Anyone figured out yet what the change/fix is? I have modified my version of ibPA and would like to just apply the fix manually.... unless it includes a major remodeling of everything.

just upload all the files and dont worry about where the fix is no one is going to tell you

I would like to find a fix for my problem above I have this on my test forum but before I go live I need to know how to get it working

I have no more information than anyone else. I figured out what the issue was by looking at the release and comparing with the old files, but since the moderators and admins declined to post the info, I don't think I should either. But the files in the download zip file have dates on them and the mod was only quarantined a couple days ago, so there's nothing stopping someone from extracting the files into a directory and searching for the ones that were changed recently...

easy to say when you haven't spent hours and hours and hours customizing your ibProArcade install! Anyway - hopefully someone will share the fix as I and others have asked:

I took me about 3 minutes to compare all the files, probably as long...if not less time than as some of you have waited in this thread for answers. You call yourself admins...and some even claim to offer professional support - do yourself a favour and download a compare program (you'll need it to compare and make the edits to the files below if you would rather not just overwrite the files).

Between versions 2.7.0+ and 2.7.1+ the following files have changed (code changes as opposed to just something like 2.7.0+ becoming 2.7.1+ in the file)

arcade.php
admincp/arcade.php
functions/functions.php
modules/mod_favorites.php
modules/mod_league.php
modules/mod_report.php
modules/mod_settings.php
skins/skin_arcade.php
skins/skin_v3arcade.php

And the product file (obviously).

Some changes are only 1 line

That took about 3 minutes to find out and I even sent a text message inbetween comparing.

Go figure :rolleyes:

Thanks for the speedy update MrZeropage.

The coder makes it very clear, IF YOU READ THE TOP OF ALL THREAD PAGES (enjoy the vulnerability, as now that it is brought to light, it was not real hard to find it, and exploitation is now much more likely on lower versions):

** ...And remember that Support is given in the ibProArcade-Support-Forum **

Who reads anymore? :confused:

Let's think about this for a second... how many sites do you suppose are still running 2.7.0? From the install count and download count I would dare say QUITE a few do you all agree?

If you agree then why would we post the exact issue, allowing some script-kiddies just enough info to do harm to those sites still running 2.7.0? I love you guys (and gals Jacquii :D) however you can't always assume info is not disclosed because we simply don't want to tell you, that's silly tbo :p.

Yes I found most of these.... :)

Though I confess, using Beyond Compare on a clean 2.7.1 versus a clean 2.7.0, it didn't find any differences in functions/functions.php

Many of the changes are just to do with branding free licences however.

I can't go into any any more detail than that.....as Gemma says, a good admin should be able to pull out the required changes and patch up nicely in no time. :)

That's what I've done due to heavy customisation, however that's a temporary measure and I'll be running the full upgrade in a week or two when I get the time to re-apply everything. :)