|
|
It appears you are using a browser that is not based on Internet Explorer, this means you are not viewing the web as good as you should be. Other browsers might try to immitate Internet Explorer, but none can parse the web as it should like Internet Explorer can. So view the web as it was meant to be with Avant Browser!
|
| |
|
|
All times are GMT - 5 Hours
|
|
 |
Sat Apr 16, 2005 3:15 am |
 |
|
Sat Apr 16, 2005 9:44 am |
|
 Author |
Message |
aUsTiN
Webmaster
 
Joined: 05 Jan 2005
Posts: 3684
Words Posted: 144,671
Average Post: 39.27
Location: USA
|
| Post subject: |
 |
|
| It wont matter, and of course they fixed it, but look how long it took them to address it & i love the reference to 'we didn't give some people credit for the fixes' that Acyd Burn posted in his Announcement post.... lol |
|
| Post #2 |
|
|
|
Sat Apr 16, 2005 11:06 am |
|
|
Sat Apr 16, 2005 12:40 pm |
|
| Author |
Message |
ChaosBringer
Amature TweakeR
Joined: 15 Apr 2005
Posts: 43
Words Posted: 29,160
Average Post: 678.14
|
| Post subject: |
|
|
| yeah, lol, they are some messed up people....what is horrible about that site really its the support they give. IMO, they let every member they have give the support(even if they dont know what the F*CK their talking about)...sadly, if it wasnt for all these sites phpbb would not be a competing forum software. |
|
| Post #4 |
|
|
|
Sat Apr 16, 2005 12:51 pm |
|
| Author |
Message |
ChaosBringer
Amature TweakeR
Joined: 15 Apr 2005
Posts: 43
Words Posted: 29,160
Average Post: 678.14
|
| Post subject: |
|
|
| Ptirhiik - RPGnet-fr wrote: | | On some boards, the ANONYMOUS users table row is missing (not normal, but the fact is) : the fix in sessions.php (adding a sql request on two places) doesn't handle this case correctly (the code makes it worst it was, as the $userdata['user_id'] is not correctly populated, although the breach targeted is correctly fixed) : better is to put the added sqls in this file "before" rather than "after" the "find" statements. | |
|
| Post #5 |
|
|
|
Sat Apr 16, 2005 1:21 pm |
|
| Author |
Message |
 SGD
Site Supporter
Joined: 07 Jan 2005
Posts: 64
Words Posted: 11,067
Average Post: 172.92
Location: Washington
|
| Post subject: |
|
|
| I saw that also by, Ptirhiik. So, I added the 2 sql requests before instead of after. I also noticed that when there is an update there is little or no moderator involvement with the update. it is pretty much run by all the members. Makes it hard to figure out what should be changed. I usually go with the more expierianced members like, Ptirhiik. He is very reliable. |
|
| Post #6 |
|
|
|
Sat Apr 16, 2005 2:03 pm |
|
| Author |
Message |
SGD
Site Supporter
Joined: 07 Jan 2005
Posts: 64
Words Posted: 11,067
Average Post: 172.92
Location: Washington
|
| Post subject: |
|
|
| Ptirhiik - RPGnet-fr wrote: | | it seems my post was quite comfusing, so let's try to reword it. The real problem is not the fix here : setting after or before on a correct database will do exactly the same, so the phpBB.com spot is perfectly valid. Though, I have quite often encounter a flew on many phpBB install, where the users table row ANONYMOUS (user_id = -1 in users table) was missing. Here stands the problem : prior this fix, it wasn't too harsh, as the user_id was forced. With the latest version, it is no more in this case. The real answer is to create the missing row (or to fix it), what I posted is only half-the-way (to keep the same level of data prior the 2.0.14 version). If you have the user_id = -1 users table row, nothing to worry, just apply the upgrade as is. If you miss this row, IMHO better is to set temporaly the code before rather than after, then - and this is the most important - ask in the support forum here @ phpBB.com how to fix your install for this issue. Once done, just get back to the original upgrade. | |
|
| Post #7 |
|
|
|
Sat Apr 16, 2005 2:24 pm |
|
| Author |
Message |
aUsTiN
Webmaster
Joined: 05 Jan 2005
Posts: 3684
Words Posted: 144,671
Average Post: 39.27
Location: USA
|
| Post subject: |
|
|
I havn't looked at the actual file changes for .14 but to think about it, if its set to ANONYMOUS, the account existing doesn't matter.
define('ANONYMOUS', -1);
Its a defined variable so it will be set to -1 regardless. The only thing is if the -1 account doesnt exist on a site, then it will populate $userdata with empty data, so in the end it still doesn't matter because it was reset to empty info instead of someone elses info.
So in short, the account existing or not doesn't matter when resetting the $userdata array, it just matters if its populated with the Anonymous accounts info or if its populated with a bunch of empty strings.
So no other changes should be needed, simply put. |
|
| Post #8 |
|
|
|
Sat Apr 16, 2005 4:48 pm |
|
|
Sat Apr 16, 2005 6:48 pm |
|
| Author |
Message |
Seteo-Bloke
Support Team
Joined: 07 Jan 2005
Posts: 34
Words Posted: 1,097
Average Post: 32.26
|
| Post subject: |
|
|
| aUsTiN wrote: | | It wont matter, and of course they fixed it, but look how long it took them to address it & i love the reference to 'we didn't give some people credit for the fixes' that Acyd Burn posted in his Announcement post.... lol |
Yeah I laughed when I saw that over at phpbb.com. They certainly did take their time getting their arses into gear over it.
Given the fact phpbb is an open source project it's laughable the lack of respect many of the phpbb team show towards contributing authors. |
|
| Post #10 |
|
|
|
Sat Apr 16, 2005 7:09 pm |
|
| Author |
Message |
ChaosBringer
Amature TweakeR
Joined: 15 Apr 2005
Posts: 43
Words Posted: 29,160
Average Post: 678.14
|
| Post subject: |
|
|
| SGD wrote: | | I saw that also by, Ptirhiik. So, I added the 2 sql requests before instead of after. I also noticed that when there is an update there is little or no moderator involvement with the update. it is pretty much run by all the members. Makes it hard to figure out what should be changed. I usually go with the more expierianced members like, Ptirhiik. He is very reliable. |
It doesnt matter where you put them, anyways, I agree with Seteo on that one.
i guess that is what a big ego does to you... |
|
| Post #11 |
|
|
|
Sat Apr 16, 2005 8:30 pm |
|
| Author |
Message |
SGD
Site Supporter
Joined: 07 Jan 2005
Posts: 64
Words Posted: 11,067
Average Post: 172.92
Location: Washington
|
| Post subject: |
|
|
| ChaosBringer wrote: | | SGD wrote: | | I saw that also by, Ptirhiik. So, I added the 2 sql requests before instead of after. I also noticed that when there is an update there is little or no moderator involvement with the update. it is pretty much run by all the members. Makes it hard to figure out what should be changed. I usually go with the more expierianced members like, Ptirhiik. He is very reliable. |
It doesnt matter where you put them, anyways, I agree with Seteo on that one.
i guess that is what a big ego does to you... |
I figured that out after a few more posts were made clearing that up. |
|
| Post #12 |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Protected by phpBB Security © phpBB-TweakS
phpBB Security Has Blocked 3,237 Exploit Attempts.
· Archive · Sitemap: Index · Sitemap: Forums · Sitemap: Topics · Sitemap: Posts ·
:: [ Load Time: 2.8 Seconds ] :: [ 29 Queries ] :: [ 1,504 Page(s) Viewed Today ] ::
:: [ Todays Queries: 42,172 ] :: [ Highest Load: 1,396,429 Queries On May. 08, 2007 ] ::
:: [ SQL Load: 60% Time: 1.7 ] :: [ PHP Load: 40% Time: 1.1 ] :: [ Debug: On ] :: [ GZIP: Enabled ] ::
:: The server last rebooted 79 days, 19 hours, 39 minutes, 33 seconds ago. ::
|
|
|
Feedback 
