Add-On Releases - vBTube 1.2.9 (CSRF protection added) (https://vborg.vbsupport.ru/showthread.php?t=173083)

bigtime 03-22-2008 08:11 PM

Hi,

Here are some other security issues I think should be corrected:


On line 13 of cat.php, change:

PHP Code:

$pages = $_GET[page];

To:

PHP Code:

$pages = intval($_GET['page']);


Same change to playlist.php on line 13, user.php on line 49.

On line 43 of vBTube.php, find this:

PHP Code:

if (!$_GET[page]) { $pages = 1; }
else {
$pages = $_GET[page]; }
$pages = intval($_GET['page']);

Change it to this:

PHP Code:

if (!$_GET[page]) { $pages = 1; }
else {
$pages = intval($_GET['page']); }

Hope I caught them all.


BTW, Playa82, thanks again for the great addon! Don't let anyone's rude comments discourage you!

Tim
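
An added example, not part of the post above and not vBTube code: it compares the `intval()` cast suggested in the post with stricter validation of the same `page` parameter. `intval()` strips trailing markup, but it still lets 0 and negative values through and silently truncates malformed input. The function name `page_number`, the `$maxPage` bound and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example: normalise a ?page= value to a safe page number.
// page_number() and $maxPage are hypothetical names, not from vBTube.
function page_number($raw, int $maxPage = 1000): int
{
    // Missing values (null) and arrays (?page[]=x) fall back to page 1.
    if (!is_string($raw) && !is_int($raw)) {
        return 1;
    }
    // FILTER_VALIDATE_INT rejects the whole value when anything other than
    // an integer is present, instead of truncating it like intval() does.
    // min_range/max_range also exclude 0, negatives and oversized pages.
    $page = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1, 'max_range' => $maxPage],
    ]);
    return $page === false ? 1 : $page;
}

// Constructed sample inputs, as they could arrive in $_GET['page'].
$samples = ['3', '0', '-5', '2"><b>x', 'abc', '', '999999', ['x'], null];

foreach ($samples as $raw) {
    printf(
        "%-12s intval=%-7d page_number=%d\n",
        json_encode($raw),
        intval($raw),        // the cast from the post: 0, -5 and 999999 pass through
        page_number($raw)    // stricter: always an integer in 1..$maxPage
    );
}

// Whatever ends up in the page, encode it on output as well.
echo htmlspecialchars((string) page_number('3'), ENT_QUOTES, 'UTF-8'), "\n";
```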

DoB Rhapsody 03-22-2008 11:26 PM

Question!

How do I change the default videos that are displayed when someone goes to "vBTube.php"? I want to display gaming related content. I don't just want to link to a search result though. I also don't mind if it displays "results: xxx xxx" in the video area, as long as it's not a dynamic link.

bigtime 03-23-2008 04:06 AM

Quote:

Originally Posted by DoB Rhapsody (Post 1472071)
Question!

How do I change the default videos that are displayed when someone goes to "vBTube.php"? I want to display gaming related content. I don't just want to link to a search result though. I also don't mind if it displays "results: xxx xxx" in the video area, as long as it's not a dynamic link.

Is there an existing gaming category at YouTube? If not, the only way I know to do it would be the edit I posted earlier in this thread.

Tim

DoB Rhapsody 03-23-2008 05:34 AM

Quote:

Originally Posted by bigtime (Post 1472234)
Is there an existing gaming category at YouTube? If not, the only way I know to do it would be the edit I posted earlier in this thread.

Tim


Found it, thanks for that. One thing still bugs me though, why are all the videos in the categories foreign!!

Playa82 03-23-2008 11:25 AM

Quote:

Originally Posted by bigtime (Post 1471928)
Hi,

Here are some other security issues I think should be corrected:


On line 13 of cat.php, change:

PHP Code:

$pages = $_GET[page];

To:

PHP Code:

$pages = intval($_GET['page']);


Same change to playlist.php on line 13, user.php on line 49.

On line 43 of vBTube.php, find this:

PHP Code:

if (!$_GET[page]) { $pages = 1; }
else {
$pages = $_GET[page]; }
$pages = intval($_GET['page']);

Change it to this:

PHP Code:

if (!$_GET[page]) { $pages = 1; }
else {
$pages = intval($_GET['page']); }

Hope I caught them all.


BTW, Playa82, thanks again for the great addon! Don't let anyone's rude comments discourage you!

Tim


Thanks, I already noticed the codes above. But it's still an XSS error when you don't edit your .htaccess file...

arco 03-23-2008 04:14 PM

Here's some stars I made you can use with dark styles.

kall 03-24-2008 11:24 PM

Quote:

Originally Posted by connkid25 (Post 1470764)
You put your site URL. Such as example.com. Nothing else goes there.

You need to edit the htaccess in the root directory so it can be set for the entire site.

He said that he has a .htaccess in the forum root.

Telling him that setting one up "in the root directory so it can be set for the entire site" is both incorrect and misleading. The one in /forum/ will NOT inherit the values in the /root/ one. It will OVERRIDE them entirely.

connkid25 03-24-2008 11:50 PM

Quote:

Originally Posted by kall (Post 1473717)
He said that he has a .htaccess in the forum root.

Telling him that setting one up "in the root directory so it can be set for the entire site" is both incorrect and misleading. The one in /forum/ will NOT inherit the values in the /root/ one. It will OVERRIDE them entirely.

It should be enabled globally on the server. Instead of being rude about it, you could have then told him to edit both. Simple and fixed! ;)

Magnumutz 03-25-2008 05:10 PM

Okay, what does the new update contain?

Playa82 03-25-2008 06:21 PM

Quote:

Originally Posted by Magnumutz (Post 1474340)
Okay, what does the new update contain?

XSS Protection

