phpBB-TweakS
The easiest way to 'tweak' your phpBB!
  
Advanced Search
    
 
Home Downloads FAQ Register FAQ Memberlist Usergroups Ranks
  Log in to check your private messages Log in  
   
 

Please help us to develop!

 
It appears you are using a browser that is not based on Internet Explorer, this means you are not viewing the web as good as you should be. Other browsers might try to immitate Internet Explorer, but none can parse the web as it should like Internet Explorer can. So view the web as it was meant to be with Avant Browser!
         

phpBB-TweakS Forum Index Feedback [Better Session Handling] hidden content is displayed
Display posts from previous:   
Half Thread Topic  Fully Thread Topic  Download Topic
      All times are GMT - 5 Hours  
Post new topic  Reply to topic

Sat Aug 13, 2005 2:23 pm
Author Message
SirH
New TweakeR
New TweakeR


Joined: 13 Aug 2005
Posts: 7
Words Posted: 462
Average Post: 66.00
Post subject: [Better Session Handling] hidden content is displayed Reply with quote
Hi, sorry to bother you again ;-)

I noticed, that users (and even guests!) will see hidden threads and hidden boards - although the links won´t lead them to the content, these informations should not be displayed.

Imagine a thread in a hidden administration subforum: "User x behaves strange"... Nobody should be able to read the this title.
Post #1
      Back To Top  

Sat Aug 13, 2005 2:58 pm
Author Message
aUsTiN
Webmaster
Webmaster


Usa Georgia

Joined: 05 Jan 2005
Posts: 3684
Words Posted: 144,671
Average Post: 39.27
Location: USA
Post subject: Reply with quote
Gotcha, will look into changing that.
Post #2
      Back To Top  

Sat Aug 13, 2005 3:01 pm
Author Message
SirH
New TweakeR
New TweakeR


Joined: 13 Aug 2005
Posts: 7
Words Posted: 462
Average Post: 66.00
Post subject: Reply with quote
great, thanks!
Post #3
      Back To Top  

Sat Aug 13, 2005 3:12 pm
Author Message
SirH
New TweakeR
New TweakeR


Joined: 13 Aug 2005
Posts: 7
Words Posted: 462
Average Post: 66.00
Post subject: Reply with quote
I noticed another security related thing:

Sometimes the action is displayed as "Index" with a link like that:

http: //forum.urlxy/index.php?sid=8574f2fe1814c2727b7e251329201f7f

Is this the session-Id of the specific user and shouldn´t it be secret?
Post #4
      Back To Top  

Tue Aug 16, 2005 5:38 pm
Author Message
Reddaggerz
Amature TweakeR
Amature TweakeR


Joined: 07 Jun 2005
Posts: 49
Words Posted: 3,603
Average Post: 73.53
Post subject: Reply with quote
I just noticed this too. I appreciate you looking into this, Austin, I have alot of hidden forums. Smile
Post #5
      Back To Top  

Fri Sep 23, 2005 3:32 pm
Author Message
SirH
New TweakeR
New TweakeR


Joined: 13 Aug 2005
Posts: 7
Words Posted: 462
Average Post: 66.00
Post subject: Reply with quote
Hi Smile
Any news here?
Post #6
      Back To Top  

Fri Sep 23, 2005 7:13 pm
Author Message
aUsTiN
Webmaster
Webmaster


Usa Georgia

Joined: 05 Jan 2005
Posts: 3684
Words Posted: 144,671
Average Post: 39.27
Location: USA
Post subject: Reply with quote
As in the other post, i am aware of the problems & sorry its taking so long, but i'll get to it when i get time.
Post #7
      Back To Top  

 
         

Post new topic  Reply to topic

phpBB-TweakS Forum Index Feedback [Better Session Handling] hidden content is displayed
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

      Back To Top  

Page 1 of 1
Jump to:  
 
Protected by phpBB Security © phpBB-TweakS
phpBB Security Has Blocked 3,237 Exploit Attempts.

· Archive · Sitemap: Index · Sitemap: Forums · Sitemap: Topics · Sitemap: Posts ·

:: [ Load Time: 2.8 Seconds ] :: [ 29 Queries ] :: [ 4,592 Page(s) Viewed Today ] ::
:: [ Todays Queries: 137,972 ] :: [ Highest Load: 1,396,429 Queries On May. 08, 2007 ] ::
:: [ SQL Load: 60% Time: 1.7 ] :: [ PHP Load: 40% Time: 1.1 ] :: [ Debug: On ] :: [ GZIP: Enabled ] ::
:: The server last rebooted 81 days, 8 hours, 55 minutes, 21 seconds ago. ::
The phpBB[Network]!
       


This page has been viewed 4,930,146 times, last viewed: Sat Sep 06, 2008 5:26 pm.
Powered by phpBB 2.0.* © 2001, 2002 phpBB Group
Avalanche style by What Is Real © 2004