Enthusiast Security Fix Available - Nov 2008

[Jackie]

Enthusiast has a security fix available at <a href="http://scripts.indisguise.org/" target="_blank"><a href="http://scripts.indisguise.org/" target="_blank"><a href="http://scripts.indisguise.org/" target="_blank">http://scripts.indisguise.org/[/url][/url][/url]

Edit: Angela's file currently has a problem.  On line 60 in the new show_join.php:

Code: [Select]

if( $_POST['email'] && ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $_POST['email'])
should be:

Code: [Select]

if( $_POST['email'] && ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $_POST['email']) )There seems to be missing an extra ) at the end.  So, if you download Angela's file, add in the extra ) before uploading.  I don't know if there're any other problems; Angela or one of the coding gurus will probably let us know. :]

In the meantime, if you still have problems, you can also edit the file show_join.php manually by following this tutorial.

UPDATE NOVEMBER 2008: See Indiscripts for the latest Enthusiast security upgrade (upgrade to version 3.1.5).

[Mitzrael]

updated  :/  thank you Jackie!

[Jackie]

Eek, it seems there's something wrong with the fix.  I wouldn't download the one from Angela's site at the moment.  You can manually fix the file show_join.php by following this tutorial.

[Mitzrael]

XD okay, I will do this after lunch  :/ meanwhile I re-uploaded the original file o.ó

[Mura]

Thanks for the heads up, Jackie.  :/

*will go through tutorial after lunch*

[Rainie]

thanks <3 I've upload it manually due to the error, and now it works !

[Lia]

Thanks for posting how to fix it. My joined forms seem fine after the upgrade. :/

[Meli]

Thanks, Jackie! I will definitely make sure to upgrade my file soon. :/

[Mitzrael]

:/ mines aren't working, i've done it manualy too ._.

never mind I get it now  

[Firefly]

Thanks!  I've been getting some of those lately, with odd fields, and I thought it was odd that Enth3 did not catch them.

[Mitzrael]

o.o by the way, I really hope the spam fix is going to work ^^U. Someone already emailed me back after two of his emails were added without him filling the form or even visit the site ^^;;

[Crystal]

I've done the fixes. Thanks for the heads up. :/

[Luinthoron]

Thanks, updated! :/

[Matx]

Thanks for posting the fix Jackie! Updated my Enth's forms... ^_^

[Michiru]

Angela has a new enth security fix for the login. You can find more info about it on codegrrl here.

If you haven't already updated it, here's the link to the download: http://scripts.indisguise.org/enthusiast/download/3/?cat=11