vb.org Archive - Quick Account Switch v1.2

Page 15 of 16

« First

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 3.0 Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=33)

- - Quick Account Switch v1.2 (https://vborg.vbsupport.ru/showthread.php?t=70971)

dsboyce8624

06-10-2005 08:10 PM

Quote:

Originally Posted by MarcoH64

This means there is a potential SQL insertion vulnerability in this hack. To avoid problems everybody should edit their qas.php file and change the line:

PHP Code:


		
			
$condition = "username LIKE '$u2%'"; // search for usernames starting with

into:

PHP Code:


		
			
$condition = "username LIKE '" . addslashes($u2) . "%'"; // search for usernames starting with

PS Don't have this installed, so above modification is not tested.

This seems to be working fine, in case nobody else reported back.

3.0.7 vBa CMPS 1

vexiphne

11-02-2005 01:11 PM

globalize() has been removed from 3.5.1 to my knowledge, so this hack is busted.. any chance to get it fixed? :(

tnguy3n

11-03-2005 02:48 AM

globalize() was replaced by $vbulletin->input->clean_array_gpc()

akanevsky

11-09-2005 01:19 AM

May I have your permission to port this hack? Thx.

TCM	11-09-2005 03:26 AM

Quote:

Originally Posted by Dark Visor

May I have your permission to port this hack? Thx.

Quote:

Last Activity: 05. Mar 2005

I doubt you'll get a reply.

EDIT: If you'd like to email him, his address is in his profile on his boards, where he appears to be active. :p
EDIT: I sent him a link to your post.

Cedric_FP

11-12-2005 12:43 PM

Hopefully we can get permission to port this. It'd be nice.

akanevsky

11-12-2005 02:44 PM

Quote:

I doubt you'll get a reply.

Grrr.... You're right.

Azhrialilu

11-12-2005 04:11 PM

I've got someone rewriting this hack to work for 3.5 and I'm sure he'll release it here when it's complete :)

akanevsky

11-12-2005 04:15 PM

You are not the hack's author, so you cannot be releasing it here without permission.

Mythotical

11-12-2005 04:45 PM

Dark Visor,

I am the one porting this hack, everything is ported, just need to get one thing figured out which is why the information is not inserting into the database when its entered. Everything else works.

I have emailed the author for permission to release the hack. If you wish to give me assistance on figuring out this last little piece, please do PM me. I will be releasing the hack once I have gotten permission to do so.

Cheers
Myth

All times are GMT. The time now is 02:54 PM.

Page 15 of 16

« First

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.02941 seconds Memory Usage 1,739KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_php_printable (4)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (1)pagenav_pagelinkrel (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: