vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.0 Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=33)
-   -   Quick Account Switch v1.2 (https://vborg.vbsupport.ru/showthread.php?t=70971)

dsboyce8624 06-10-2005 08:10 PM

Quote:

Originally Posted by MarcoH64
This means there is a potential SQL insertion vulnerability in this hack. To avoid problems everybody should edit their qas.php file and change the line:
PHP Code:

$condition "username LIKE '$u2%'"// search for usernames starting with 

into:
PHP Code:

$condition "username LIKE '" addslashes($u2) . "%'"// search for usernames starting with 

PS Don't have this installed, so above modification is not tested.

This seems to be working fine, in case nobody else reported back.

3.0.7 vBa CMPS 1

vexiphne 11-02-2005 01:11 PM

globalize() has been removed from 3.5.1 to my knowledge, so this hack is busted.. any chance to get it fixed? :(

tnguy3n 11-03-2005 02:48 AM

globalize() was replaced by $vbulletin->input->clean_array_gpc()

akanevsky 11-09-2005 01:19 AM

May I have your permission to port this hack? Thx.

TCM 11-09-2005 03:26 AM

Quote:

Originally Posted by Dark Visor
May I have your permission to port this hack? Thx.

Quote:

Last Activity: 05. Mar 2005
I doubt you'll get a reply.

EDIT: If you'd like to email him, his address is in his profile on his boards, where he appears to be active. :p
EDIT: I sent him a link to your post.

Cedric_FP 11-12-2005 12:43 PM

Hopefully we can get permission to port this. It'd be nice.

akanevsky 11-12-2005 02:44 PM

Quote:

I doubt you'll get a reply.
Grrr.... You're right.

Azhrialilu 11-12-2005 04:11 PM

I've got someone rewriting this hack to work for 3.5 and I'm sure he'll release it here when it's complete :)

akanevsky 11-12-2005 04:15 PM

You are not the hack's author, so you cannot be releasing it here without permission.

Mythotical 11-12-2005 04:45 PM

Dark Visor,

I am the one porting this hack, everything is ported, just need to get one thing figured out which is why the information is not inserting into the database when its entered. Everything else works.

I have emailed the author for permission to release the hack. If you wish to give me assistance on figuring out this last little piece, please do PM me. I will be releasing the hack once I have gotten permission to do so.

Cheers
Myth


All times are GMT. The time now is 02:54 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02941 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete