vb.org Archive - Major Additions - ibProArcade

Since this isn't being answered on the other support thread, maybe someone can help on this one.

I just installed the arcade on a clients' site. When we click on the arcade link, or go to /arcade.php, the follow warning appears at the top of the arcade page -
Does anyone know what this is referring to? Any help is much appreciated.

It looks like you need to specify the path for the skin of the arcade or arcade itself.

like

Code:

/home/username/forum/arcade/skins/skin_Arcade.php

the path example is

Code:

/home/username/forum

Vaupell

01-02-2009 08:48 PM

Quote:

Originally Posted by bwcbob (Post 1526020)

ibProArcade is compatible to PNflashgames, some information about it:

> download the games at www.pnflashgames.com in POSTNUKE format
> PNflashgames can submit their score and play again without reloading the page or going back to ibProArcade

to install a PNflahgames-Game, do the following:

1) locally unzip the archive
2) upload the .swf-file to /arcade
3) create two .gif-files (gamename1.gif and gamename2.gif) based on the .gif provided with the game
4) upload the two .gif-files to /arcade/images/
5) enter AdminCP -> Arcade -> Add Game and manually add it (using the first upper section)

Is the same thing I did, but It tells me I need to put the variables in for the score, and I dont know what the variables are....

Did you ewer solve this, haveing same problem now...

Ohiosweetheart

01-03-2009 03:02 AM

Quote:

Originally Posted by subzero06 (Post 1698813)

It looks like you need to specify the path for the skin of the arcade or arcade itself.

like

Code:

/home/username/forum/arcade/skins/skin_Arcade.php

the path example is

Code:

/home/username/forum

thank you, but where would I do this at? I've never had this problem before.

mikeinjersey

01-03-2009 12:56 PM

Is it normal for some arcade games in the /arcade/ folder to be chmod 777 and others to be 644 ? Thats what i've got going on.

#2 , is there still anyway to increase the cookie duration of how long people appear in the arcade after they leave ? If I knew of a way, i'd make it so it would last 5 hours...so that it would appear more people are playing the games... If theres only 1 person in there..and your the one... it doesnt really motivate others to play.

Pipo123

01-03-2009 07:53 PM

Multiple SQL queries do not filter input and are subject to SQL injection attempts.
For example the "UPDATE tournament SET winner =" queries in arcade.php and mod_arcade.php

djbaxter

01-03-2009 08:55 PM

Quote:

Originally Posted by Pipo123 (Post 1700636)

Multiple SQL queries do not filter input and are subject to SQL injection attempts.
For example the "UPDATE tournament SET winner =" queries in arcade.php and mod_arcade.php

Thanks for this warning. Uninstalled.

mikeinjersey

01-04-2009 03:55 AM

Quote:

Originally Posted by Pipo123 (Post 1700636)

Multiple SQL queries do not filter input and are subject to SQL injection attempts.
For example the "UPDATE tournament SET winner =" queries in arcade.php and mod_arcade.php

are u saying some of my arcade files were possibly hacked and pushed to 777...or were you answering someone else's question ? im confused.

and could this spread to any of the vBulletin database tables ?

now u guys are gettin me all paranoid. :erm:

Digital Jedi

01-04-2009 04:22 AM

Quote:

Originally Posted by mikeinjersey (Post 1700984)

I wouldn't fret too much. If it was a serious vulnerability, it would have been exploited multiple times by now.

MrZeropage

01-04-2009 12:07 PM

@Pipo123:
the queries are fine, in one line of code the name is not cleaned, right, but the incoming name is pulled from the database, which means this is very hard or even not possible to use for an injection/exploit.

Anyway, the v2.6.8+ will be released in the next minutes having those queries changed to improve security

DanTHEGREAT

01-04-2009 12:43 PM

I'm n00b at this sort of thing but how do you MASS install games? It's really not fun installing them manually. I've already had to install 100 manually.

All times are GMT. The time now is 05:02 AM.

Page 479 of 758

479

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.05490 seconds Memory Usage 1,746KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (4)bbcode_code_printable (6)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (6)pagenav_pagelinkrel (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: