| Author |
Message |
|
|
|
Everything looks fine. I would recommend getting your PHP updated as 4.3.10 was released to fix some major security holes. I wil look more into this problem. I wonder if it's not a GD problem.
|
 |
|
|
middleeastfacts wrote:Hi guys,
Thanks for your assistance. What I did, that seemed to work, was change up, in the lib/add.class.php file:
With:
It worked like a charm!
Thanks again - your assistance helped me locate approximately where I could make the change.
Sometimes you can't see the wood for the trees. Your fix is the correct way as it is simple.
|
|
|
|
|
Fixed and you have email.
|
|
|
|
D.A. wrote:You people are amazing! If it's such a lousy program, why are you using it? So basically what you're saying is like if you go to the store and the clerk isn't behind the counter, it's okay to steal the candybar. If you expect credit, compensation, whatever for what you've done, then you shouldn't volunteer. You can make whatever excuses you want, but ET is right. You ought to at least have a little respect.
I never said it was lousy, I said it had exploits and needed updating. I have patched the exploits and updated the guestbook for myself and many others. I have racked up 1000 posts on this forum helping people with guestbook problems as the guestbooks maker seems to have turned his back on it. Am I justified in removing the copyright from the bottom? I'd say yes. Want to argue with me abotu it? Use my forum.
|
|
|
|
|
Pebe try www.carbonize.co.uk/reset.zip to change your username and password in the guestbook.
|
|
|
|
pimmer wrote:Go to you're SQL manager (for example phpMyAdmin)
Go to you're guestbook
Go to the table: book_auth
And change the password field into 773359240eb9a1d9
now you can login with you're username and password=123
the above will not work with the latest versions of MySQL as they have apparently changed the password encryption. I made www.carbonize.co.uk/reset.zip to let people change their password simply regardless of their MySQL version.
|
|
|
|
|
Did you install the script from here or did your hosts provide it?
|
|
|
|
|
make ?????? a blacklisted word in the badword filter.
|
|
|
|
|
You're the second person with this problem. What version of PHP, Apache and MySQL are you running?
|
|
|
|
|
the error it describes should not be in line 1. Email me your install.php file.
|
|
|
|
|
Sounds liek your friend is using a site made using CSS layouts. If you use CSS layouts and an external style sheet you can use javascript ot PHP or let users select a different CSS sheet. The script is the simple part, designing the site and multiple layouts isn't. A perfect example is http://www.csszengarden.com/ which has hundreds of looks but the (X)HTML never changes, each different look is done via a different style sheet.
|
|
|
|
|
exec is a call to run an external program hence it being a risk. Did you tell the script you had imagemagik installed?
|
|
|
|
|
I deelted the post. You can find simple instructions on patching the exploit in my sites forum.
|
|
|
|
|
I removed it from mine. I only readded it to make people think I was running Advanced guestbook 2.2. so they would try and exploit it so i can report them. I feel I am justified in removing the copyright as I've done enough bloody work on it.
|
|
|
|
|
www.carbonize.co.uk/reset.zip
|
|
|
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login