Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
0d00adb2cb |
@@ -1,3 +1,6 @@
|
|||||||
|
Version 1.15.1 - Dec. 19, 2015
|
||||||
|
Fix XSS vulnerability in change nickname + make it available for registered users only
|
||||||
|
|
||||||
Version 1.15 - Dec. 17, 2015
|
Version 1.15 - Dec. 17, 2015
|
||||||
Made code reading easier for newbies
|
Made code reading easier for newbies
|
||||||
Removed inefficient memcached caching of members and ignored
|
Removed inefficient memcached caching of members and ignored
|
||||||
|
|||||||
9
chat.php
9
chat.php
@@ -1721,13 +1721,13 @@ function send_profile($arg=''){
|
|||||||
echo "<tr><td> </td><td>$I[confirmpass]</td><td><input type=\"password\" name=\"confirmpass\" size=\"20\"></td></tr>";
|
echo "<tr><td> </td><td>$I[confirmpass]</td><td><input type=\"password\" name=\"confirmpass\" size=\"20\"></td></tr>";
|
||||||
echo '</table></td></tr></table></td></tr>';
|
echo '</table></td></tr></table></td></tr>';
|
||||||
thr();
|
thr();
|
||||||
}
|
|
||||||
echo "<tr><td><table style=\"width:100%;text-align:left;\"><tr><th>$I[changenickname]</th></tr>";
|
echo "<tr><td><table style=\"width:100%;text-align:left;\"><tr><th>$I[changenickname]</th></tr>";
|
||||||
echo '<tr><td><table style="border-spacing:0px;margin-left:auto;">';
|
echo '<tr><td><table style="border-spacing:0px;margin-left:auto;">';
|
||||||
echo "<tr><td> </td><td>$I[newnickname]</td><td><input type=\"text\" name=\"newnickname\" size=\"20\"></td></tr>";
|
echo "<tr><td> </td><td>$I[newnickname]</td><td><input type=\"text\" name=\"newnickname\" size=\"20\"></td></tr>";
|
||||||
echo "<tr><td> </td><td>$I[newpass]</td><td><input type=\"password\" name=\"new_pass\" size=\"20\"></td></tr>";
|
echo "<tr><td> </td><td>$I[newpass]</td><td><input type=\"password\" name=\"new_pass\" size=\"20\"></td></tr>";
|
||||||
echo '</table></td></tr></table></td></tr>';
|
echo '</table></td></tr></table></td></tr>';
|
||||||
thr();
|
thr();
|
||||||
|
}
|
||||||
echo '<tr><td>'.submit($I['savechanges'])."</td></tr></table></form><br>$H[backtochat]</div>";
|
echo '<tr><td>'.submit($I['savechanges'])."</td></tr></table></form><br>$H[backtochat]</div>";
|
||||||
print_end();
|
print_end();
|
||||||
}
|
}
|
||||||
@@ -2432,7 +2432,7 @@ function save_profile(){
|
|||||||
$stmt=$db->prepare("INSERT INTO $C[prefix]ignored (ign, ignby) VALUES (?, ?);");
|
$stmt=$db->prepare("INSERT INTO $C[prefix]ignored (ign, ignby) VALUES (?, ?);");
|
||||||
$stmt->execute(array($_REQUEST['ignore'], $U['nickname']));
|
$stmt->execute(array($_REQUEST['ignore'], $U['nickname']));
|
||||||
}
|
}
|
||||||
if(!empty($_REQUEST['newnickname'])){
|
if($U['status']>1 && !empty($_REQUEST['newnickname'])){
|
||||||
set_new_nickname();
|
set_new_nickname();
|
||||||
}
|
}
|
||||||
if(!empty($_REQUEST['newpass']) && !valid_pass($_REQUEST['newpass'])){
|
if(!empty($_REQUEST['newpass']) && !valid_pass($_REQUEST['newpass'])){
|
||||||
@@ -2446,6 +2446,9 @@ function set_new_nickname(){
|
|||||||
if(!isSet($_REQUEST['new_pass']) || !valid_pass($_REQUEST['new_pass'])){
|
if(!isSet($_REQUEST['new_pass']) || !valid_pass($_REQUEST['new_pass'])){
|
||||||
send_profile(sprintf($I['nopass'], get_setting('minpass')));
|
send_profile(sprintf($I['nopass'], get_setting('minpass')));
|
||||||
}
|
}
|
||||||
|
if(!valid_nick($_REQUEST['newnickname'])){
|
||||||
|
send_profile(sprintf($I['invalnick'], get_setting('maxname')));
|
||||||
|
}
|
||||||
$U['passhash']=md5(sha1(md5($_REQUEST['newnickname'].$_REQUEST['new_pass'])));
|
$U['passhash']=md5(sha1(md5($_REQUEST['newnickname'].$_REQUEST['new_pass'])));
|
||||||
$stmt=$db->prepare("SELECT id FROM $C[prefix]sessions WHERE nickname=? UNION SELECT id FROM $C[prefix]members WHERE nickname=?;");
|
$stmt=$db->prepare("SELECT id FROM $C[prefix]sessions WHERE nickname=? UNION SELECT id FROM $C[prefix]members WHERE nickname=?;");
|
||||||
$stmt->execute(array($_REQUEST['newnickname'], $_REQUEST['newnickname']));
|
$stmt->execute(array($_REQUEST['newnickname'], $_REQUEST['newnickname']));
|
||||||
@@ -3369,7 +3372,7 @@ function load_lang(){
|
|||||||
function load_config(){
|
function load_config(){
|
||||||
global $C;
|
global $C;
|
||||||
$C=array(
|
$C=array(
|
||||||
'version' =>'1.15', // Script version
|
'version' =>'1.15.1', // Script version
|
||||||
'dbversion' =>14, // Database version
|
'dbversion' =>14, // Database version
|
||||||
'keeplimit' =>3, // Amount of messages to keep in the database (multiplied with max messages displayed) - increase if you have many private messages
|
'keeplimit' =>3, // Amount of messages to keep in the database (multiplied with max messages displayed) - increase if you have many private messages
|
||||||
'msgencrypted' =>false, // Store messages encrypted in the database to prevent other database users from reading them - true/false - visit the setup page after editing!
|
'msgencrypted' =>false, // Store messages encrypted in the database to prevent other database users from reading them - true/false - visit the setup page after editing!
|
||||||
|
|||||||
Reference in New Issue
Block a user