The AnimeFanlistings Network Message Board
Fanlisting Management => Fanlistings Chit-Chat => Topic started by: Jackie on April 29, 2006, 12:09:20 PM
-
Enthusiast has a security fix available at <a href="http://scripts.indisguise.org/" target="_blank"><a href="http://scripts.indisguise.org/" target="_blank"><a href="http://scripts.indisguise.org/" target="_blank">http://scripts.indisguise.org/ (http://\"http://scripts.indisguise.org/\")[/url][/url][/url]
Edit: Angela's file currently has a problem. On line 60 in the new show_join.php:
if( $_POST['email'] && ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $_POST['email'])
should be:
if( $_POST['email'] && ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $_POST['email']) )There seems to be missing an extra ) at the end. So, if you download Angela's file, add in the extra ) before uploading. I don't know if there're any other problems; Angela or one of the coding gurus will probably let us know. :]
In the meantime, if you still have problems, you can also edit the file show_join.php manually by following this tutorial (http://\"http://www.jemjabella.co.uk/post.php?title=20060427_enthusiast3_potential_security_risk\").
UPDATE NOVEMBER 2008: See Indiscripts (http://\"http://scripts.indisguise.org/\") for the latest Enthusiast security upgrade (upgrade to version 3.1.5).
-
updated :/ thank you Jackie!
-
Eek, it seems there's something wrong with the fix. I wouldn't download the one from Angela's site at the moment. You can manually fix the file show_join.php by following this tutorial (http://\"http://www.jemjabella.co.uk/post.php?title=20060427_enthusiast3_potential_security_risk\").
-
XD okay, I will do this after lunch :/ meanwhile I re-uploaded the original file o.รณ
-
Thanks for the heads up, Jackie. :/
*will go through tutorial after lunch*
-
thanks <3 I've upload it manually due to the error, and now it works ;D !
-
Thanks for posting how to fix it. My joined forms seem fine after the upgrade. :/
-
Thanks, Jackie! :) I will definitely make sure to upgrade my file soon. :/
-
:/ mines aren't working, i've done it manualy too ._.
never mind I get it now :)
-
Thanks! I've been getting some of those lately, with odd fields, and I thought it was odd that Enth3 did not catch them.
-
o.o by the way, I really hope the spam fix is going to work ^^U. Someone already emailed me back after two of his emails were added without him filling the form or even visit the site ^^;;
-
I've done the fixes. Thanks for the heads up. :/
-
Thanks, updated! :/
-
Thanks for posting the fix Jackie! Updated my Enth's forms... ^_^
-
Angela has a new enth security fix for the login. You can find more info about it on codegrrl here (http://\"http://codegrrl.com/forums/index.php?s=&showtopic=12815&view=findpost&p=68649\").
If you haven't already updated it, here's the link to the download: http://scripts.indisguise.org/enthusiast/download/3/?cat=11 (http://\"http://scripts.indisguise.org/enthusiast/download/3/?cat=11\")
-
I know some of us miss those news although we've got a seed to keep up-to-date *looks at self* :D :D so i hope it's okay to bring this thread back to life xD; *clings on Marie* thanks lady!
URGENT : Security Upgrade this way~ (http://\"http://scripts.indisguise.org/2008/11/13/enthusiast-315-urgent-security-upgrade/\")