New Posting Features - [DBTech] Advanced Post Thanks / Like v3 (vB4) [AJAX] (https://vborg.vbsupport.ru/showthread.php?t=243510)

TyrbaneSilverha 08-12-2012 06:03 PM

I was really interested in using this mod, but I don't feel comfortable having a directory with PHP files in it that is CHMODed to 777. This smells of a security hole as anyone can modify those PHP files to display sensitive information. Is there a specific reason for vbactivity_type to be wide open?

DragonByte Tech 08-13-2012 06:44 PM

Yeah, the fact that when you add a new button, it needs to write a new file to that directory to be compatible with vBActivity :)


Fillip

Shemillian 08-14-2012 05:15 PM

Thank you for all of your efforts. This seems like a great product.


Quote:

Originally Posted by TyrbaneSilverha (Post 2356482)
I was really interested in using this mod, but I don't feel comfortable having a directory with PHP files in it that is CHMODed to 777. This smells of a security hole as anyone can modify those PHP files to display sensitive information. Is there a specific reason for vbactivity_type to be wide open?

I am also concerned about security. My site was recently exploited through the Post Thank You plugin by Abe1. A shell script was inserted into the ajax_complete.php.

I'm honestly not fluent enough to ask the right questions here, but have you had any experience with this product being similarly exploited? I'd really love to have a Thanks option again (members of my forum are begging for it) but not if it's going to leave me vulnerable to attack.

Thank you!

DragonByte Tech 08-14-2012 05:33 PM

There have been no reports of this mod being the source of any exploits.

Keep in mind that a directory being 777 doesn't mean anyone can inject scripts into it from any server - the attacker needs some form of access to your server via other means (either an Admin account with Can Admin Plugins) or another account on the server.

That still doesn't mean anyone else on a shared server can hack your site - there are still open_basedir restrictions, which any shared host worth their salt would have enabled.

Fillip
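
A defensive check for the permission pattern discussed in the posts above, as an added example that is not part of the thread or of the mod's own code: it lists world-writable directories that directly contain PHP files, and PHP files that are themselves world-writable. The function names and the output format are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not DragonByte Tech's code). Function names and the
# output format are assumptions made for this illustration.

# Print a path's permission bits in octal (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_webroot ROOT
# Emits one finding per line:
#   DIR_WW_PHP <mode> <path>    world-writable directory directly holding .php files
#   FILE_WW_PHP <mode> <path>   .php file that is itself world-writable
# Assumes no newlines in path names.
audit_webroot() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    # -perm -0002 matches any mode with the "other write" bit set (777, 757, ...).
    find "$root" -type d -perm -0002 | while IFS= read -r dir; do
        # Narrow the report to directories that already hold PHP code,
        # the case raised in the thread.
        if [ -n "$(find "$dir" -maxdepth 1 -type f -name '*.php' | head -n 1)" ]; then
            printf 'DIR_WW_PHP %s %s\n' "$(mode_of "$dir")" "$dir"
        fi
    done

    find "$root" -type f -name '*.php' -perm -0002 | while IFS= read -r file; do
        printf 'FILE_WW_PHP %s %s\n' "$(mode_of "$file")" "$file"
    done
}

# Run against a web root given on the command line, e.g. ./audit.sh /var/www/forum
if [ "$#" -gt 0 ]; then
    audit_webroot "$1"
fi
```

Where the application must write to such a directory, as the developer describes, ownership by the account PHP runs as with mode 755 gives it write access without the world-write bit.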

aryshi 08-16-2012 06:22 PM

Dear Fillip, is there a possibility to add an option to hide posts that have a specific number of dislikes?

DragonByte Tech 08-18-2012 06:43 PM

That's a Pro only feature: "Ability to auto-collapse posts using provided formula or input for your own using your custom buttons" :)


Fillip

Kirk Fitzgerald 08-21-2012 08:08 PM

Quote:

Originally Posted by Sidewindr (Post 2320156)

The problem where ALL search result postbits were being replaced by "-= Hiden Content =-" comes from the edit to the file /vb/legacy/post.php. I removed this edit and search results for posts were being displayed properly. There probably needs to be some kind of conditional statement in the code.

BUMP! This is a bug I believe .. :)

This is still happening, or at least it was on my own site until I removed the edit to /vb/legacy/post.php as stated by Sidewindr.

Is this going to be fixed?

DJ-Dez 08-27-2012 12:18 AM

Where do I edit?
{vb:raw stat}

Need to edit the code whatever is being pulled through this variable.

DragonByte Tech 08-27-2012 10:03 PM

Quote:

Originally Posted by DJ-Dez (Post 2360308)
Where do I edit?
{vb:raw stat}

Need to edit the code whatever is being pulled through this variable.

That variable is defined in /dbtech/thanks/hooks/postbit_display_complete.php


Fillip

zero477 09-01-2012 07:14 PM

Hello Dragon Byte,

I installed your plugin ... It looks good but I do not know how to thank or like someone ... how can I do this??

Greetings:

http://www.hyperlinkbuilding.org/thr...-Compte-Newbie

Currently your website is down: https://www.dragonbyte-tech.com/

How long will it take to bring it back to life??

