I've added a bit more to the security patch from 8/24/06. If you have not already updated, you can just grab this .zip as it contains all three files from the first patch.
This patch affects user.php and header.php. Manual instructions below:
08/28/06 - Manual instructions
- Find:
unset($check_url);
after it add:
$output = "";
if(empty($useruid)) {
    $adminloggedin = 0;
    $loggedin = 0;
    $level = 0;
}
if(ini_get('register_globals')) {
    foreach($_SESSION as $k => $v) {
        unset($GLOBALS[$k]);
    }
}
If you updated earlier in the week, part of this will already be there.
I'm just listing it here again for those who requested a clarification.
- In user.php find this section around line 78:
if($passwd[level] != 0) {
    $_SESSION['adminloggedin'] = 1;
    $_SESSION['email'] = $passwd['email'];
    $_SESSION['admincats'] = $passwd['categories'];
}
Directly beneath it add:
else {
    $_SESSION['adminloggedin'] = 0;
}
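As an added illustration (not the patch's code and not eFiction's), the following stand-alone PHP 7.1+ script reproduces the two conditions the patch addresses: login flags that can come from global scope under register_globals, and a stale adminloggedin value that survives when the else branch is missing. It uses extract() as a stand-in for register_globals so it runs without touching php.ini; the function names and inputs are constructed for this example.

```php
<?php
// Added example, not eFiction's own code. With register_globals on, every
// request and session variable is also a plain global, so a flag like
// $adminloggedin can arrive from the query string rather than from the
// server-side session. extract() stands in for register_globals here.

function legacy_auth_state(array $request, array $session): array
{
    // Vulnerable pattern: read flags from whatever happens to be in scope.
    extract($session);  // session keys become locals, as register_globals did
    extract($request);  // request keys overwrite them, as register_globals did
    return [
        'adminloggedin' => (int) ($adminloggedin ?? 0),
        'loggedin'      => (int) ($loggedin ?? 0),
        'level'         => (int) ($level ?? 0),
    ];
}

function patched_auth_state(array $session): array
{
    // Hardened pattern, mirroring the patch: derive every flag from the
    // session alone, zero them when no user id is present, and set
    // adminloggedin explicitly in both branches so no stale value survives.
    if (empty($session['useruid'])) {
        return ['adminloggedin' => 0, 'loggedin' => 0, 'level' => 0];
    }
    $level = (int) ($session['level'] ?? 0);
    return [
        'adminloggedin' => ($level != 0) ? 1 : 0,
        'loggedin'      => 1,
        'level'         => $level,
    ];
}

// Constructed inputs: an anonymous visitor whose request carries
// adminloggedin=1, and a level-0 member whose session still holds a
// stale admin flag from before the else branch was added.
$cases = [
    'anonymous' => [['adminloggedin' => '1'], []],
    'stale'     => [[], ['useruid' => '7', 'level' => 0, 'adminloggedin' => 1]],
];
foreach ($cases as $name => [$request, $session]) {
    $legacy  = legacy_auth_state($request, $session)['adminloggedin'];
    $patched = patched_auth_state($session)['adminloggedin'];
    printf("%-9s legacy adminloggedin=%d  patched adminloggedin=%d\n",
        $name, $legacy, $patched);
}
```

In both constructed cases the legacy function reports an admin while the patched one reports 0, which is the behaviour the header.php and user.php changes above are meant to enforce.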
I just patched the files (uploaded this new header.php and manually patched user.php) but now nothing appears on the user.php file ... people cannot access their account or anything because all the links disappeared.
Anyone else having this issue? I had not patched with the previous patch released on the 24th, simply grabbed the patch released on the 28th. Am running the latest version of eFiction.
URL: http://fanfics.suethomasfbeye.net
Thank you.
Jacynthe
Archives: http://fanfics.e-authors.net
Version: 3.5.3
Modified? Somewhat...
PHP: 5.3.3
MySQL: 5.0.91-community
I reverted the header.php file to what it previously was and now it works again so... there seems to be some coding problem with the added stuff...
Jacynthe
Archives: http://fanfics.e-authors.net
Version: 3.5.3
Modified? Somewhat...
PHP: 5.3.3
MySQL: 5.0.91-community
I suggest you didn't get the manual patch of the user.php right then because it does work. I pulled the files from the patch .zip and put them on my site and it's working.
ETA: I believe the part you missed was changing $output to $loginoutput everywhere above the main function in user.php. In fact, if I were you I'd just replace everything above the main function in user.php.
I missed doing that in fact because it was not in the readme telling us to do it. Thank you for that. It works perfectly now.
Jacynthe
Archives: http://fanfics.e-authors.net
Version: 3.5.3
Modified? Somewhat...
PHP: 5.3.3
MySQL: 5.0.91-community
Does this security vulnerability affect 1.1 as well? This site - http://www.securityfocus.com/bid/19717/info - says that it does, but the patch it links to is the patch for 2.0.7 and I don't seem to have the code you want to replace above in either my header.php or user.php files. I'd far rather, if possible, wait for a stable release of 3.0 before I upgrade.
Thanks in advance.
Yes, it affects 1.1. There's been no patch for 1.1 released. There's really very little chance of making 1.1 secure.
