Bravo List
Register
Go Back   > Bravo List > Sourcecode > YSE
Reply
  #1  
Old 19-02-09, 21:26
kp380lv's Avatar
kp380lv kp380lv is offline
Support
 
Join Date: May 2008
Latvia
Posts: 388
Post YSE PRE7 - Security & Bugs
Post all security holes and bugs here!
__________________
http://img20.imageshack.us/img20/8788/23418.gif

Click the image to open in full size.

Last edited by kp380lv; 20-02-09 at 14:42.
Reply With Quote
The Following 4 Users Say Thank You to kp380lv For This Useful Post:
al-jodtv (22-08-09), BacKUP (02-03-09), bkkonline (04-08-09), carphunter18 (24-02-09)
  #2  
Old 22-02-09, 01:03
carphunter18's Avatar
carphunter18 carphunter18 is offline
Senior Member
 
Join Date: Dec 2008
Choose
Posts: 18
Default
Only found a few bugs:

1. in my.php if you add a avatar doesnt metter how big you set the size of the allowed avatar it always says its to big! With external avatar

2. also in my.php ive you add a new language such as dutch my.php cant see it and some language maps such as belgium works fine

3. The bug that new torrents shown as dead even ive they are seeded fine

Fixed: by changing line 90 in cleanup.php to sql_query("UPDATE torrents SET visible='no' WHERE visible='yes' AND last_action < $deadtime");

4. Bug in functions_announce.php there was missing } on line 195

Fixed: to at the }

5. Cant upload an avatar to the site gives me a strange error that i need to change the gif

Last edited by carphunter18; 22-02-09 at 16:45.
Reply With Quote
The Following 2 Users Say Thank You to carphunter18 For This Useful Post:
amstaff (04-03-09), Masterdan (08-07-09)
  #3  
Old 23-02-09, 23:38
BlackRazor's Avatar
BlackRazor BlackRazor is offline
Elite Member
 
Join Date: Feb 2009
Latvia
Posts: 12
Default
Delete News
Are you sure you want to delete this news? Click <a href=?action=delete&newsid=2&returnto=&sure=1>here </a> If you are sure.

link don't works!
Reply With Quote
  #4  
Old 23-02-09, 23:47
Undefined's Avatar
Undefined Undefined is offline
Senior Member
 
Join Date: Jan 2009
Default
Posts: 27
Default
change $htmlstrip = true to false in function newerr :nosepick:
Reply With Quote
The Following 2 Users Say Thank You to Undefined For This Useful Post:
Masterdan (08-07-09), TheBig (06-09-10)
  #5  
Old 28-02-09, 23:24
Masterdan's Avatar
Masterdan Masterdan is offline
Member
 
Join Date: Oct 2008
Russia
Posts: 6
Exclamation YSE PRE 7-liquidate bug
Excellent realiz YSE PRE 7 I in it is enamoured much prettily respect BoLaMN - kp380lv that promote the product and quality!
but plenty of bugs I itself with one head not in power to correct all bugs that there there is! hope on your community and your not mediocre help! please let's begin together correct and shall correct some bugs as here was already mentioned:

1. in my.php if you add a avatar doesnt metter how big you set the size of the allowed avatar it always says its to big! With external avatar
2. also in my.php ive you add a new language such as dutch my.php cant see it and some language maps such as belgium works fine
3. The bug that new torrents shown as dead even ive they are seeded fine
Fixed: by changing line 90 in cleanup.php to sql_query("UPDATE torrents SET visible='no' WHERE visible='yes' AND last_action < $deadtime");
4. Bug in functions_announce.php there was missing } on line 195
Fixed: to at the }
5. Cant upload an avatar to the site gives me a strange error that i need to change the gif
6.Are you sure you want to delete this news? Click <a href=?action=delete&newsid=2&returnto=&sure=1>here </a> If you are sure.
7.blocks.php
Fatal error: Cannot redeclare recache_blocks() (previously declared in C:\xampp\htdocs\TRACk\admin\modules\=blocks.php:31 ) in C:\xampp\htdocs\TRACk\admin\modules\blocks.php on line 37
8.Error in SQL
The response from the server MySQL: Column count doesn't match value count at row 1
в C:\xampp\htdocs\TRACk\admin\modules\=blocks.php, line 231
Запрос номер 11.
9.simpaty.php <p>Write to the reason why you feeled. Respect User:</p> <form action="/TRACk/simpaty.php?action=add&good&type=torrent122&target id=100" method="post"> <input type=text name=description maxlength=300 size=100></textarea> <input type="hidden" name="returnto" value="/TRACk/details.php?id=122" /> <input type=submit value=Respect> </form>
10.friends.php Вы хотите удалить друга. Нажмите <a href=?id=1&action=delete&type=friend&targetid=2&su re=1>сюда</a> если вы уверены.
11.stats.php -Category ActivityCategory Last Upload Torrents Perc. Peers Perc.Фильмы DVDRip 1235829550 (2043 week)
I think you not to ignore and raise the quality YSE PRE 7 on due level!
forgive for english


Quote:
Originally Posted by Undefined View Post
change $htmlstrip = true to false in function newerr :nosepick:
where exactly in what file?
Reply With Quote
  #6  
Old 28-02-09, 23:29
Undefined's Avatar
Undefined Undefined is offline
Senior Member
 
Join Date: Jan 2009
Default
Posts: 27
Default
include/functions_global.php
Reply With Quote
The Following User Says Thank You to Undefined For This Useful Post:
Masterdan (08-07-09)
  #7  
Old 01-03-09, 00:19
carphunter18's Avatar
carphunter18 carphunter18 is offline
Senior Member
 
Join Date: Dec 2008
Choose
Posts: 18
Default
masterdan i think you need to remove =blocks.php from admin/modules

because is not in the normal source and that gives tou errors ;)
Reply With Quote
  #8  
Old 01-03-09, 14:57
Masterdan's Avatar
Masterdan Masterdan is offline
Member
 
Join Date: Oct 2008
Russia
Posts: 6
Smile YSE PRE 7-liquidate bug
Quote:
Originally Posted by Undefined View Post
include/functions_global.php
thank you!
now bugs connected with removing and respect: simpaty.php-friends.php-news.php? has fallen off!
************************************************** ******************************
remain bugs with creation block if possible help with this bug-shortage
Error in SQL
Code:
The response from the server MySQL: Column count doesn't match value count at row 1
in C:\xampp\htdocs\TRACk\admin\modules\=blocks.php, line 231 Requests number 11.
stats.php-1235829550 (2043 week)

Bump:
Quote:
Originally Posted by carphunter18 View Post
masterdan i think you need to remove =blocks.php from admin/modules

because is not in the normal source and that gives tou errors ;)
yes I so and do!

blocks.php is replaced version YSE Yuna Pre7 RC v02.2 - YSE Yuna Pre7 RC v02.1 and Pre6 no effect swears here is on this!

Code:
sql_query("INSERT INTO ".$prefix."_blocks VALUES (NULL, ".implode(", ", array_map("sqlesc", array($bkey, $title, $content, $bposition, $weight, $active, $btime, $blockfile, $view, $expire, $action, $which))).")") or sqlerr(__FILE__,__LINE__);
Reply With Quote
  #9  
Old 02-03-09, 16:56
kp380lv's Avatar
kp380lv kp380lv is offline
Support
 
Join Date: May 2008
Latvia
Posts: 388
Thumbs up
Keep search bugs guys!;)
__________________
http://img20.imageshack.us/img20/8788/23418.gif

Click the image to open in full size.
Reply With Quote
  #10  
Old 03-03-09, 19:28
Masterdan's Avatar
Masterdan Masterdan is offline
Member
 
Join Date: Oct 2008
Russia
Posts: 6
Exclamation YSE PRE 7-liquidate bug
Quote:
Originally Posted by kp380lv View Post
Keep search bugs guys!;)
Searching for of the result and profits on my bug will not bring =(
Reply With Quote
Reply

Tags
bugs , pre7 , se , security , yuna

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
YS security and bug fix mazafaka YSE 2 04-07-09 16:37
security ? razvaneluu Template Shares 0 04-06-09 14:34
YSE PRE7 Bugs and Holes! kp380lv YSE 2 28-11-08 17:24
3 Bugs in 4.3 (For me) D3SI Template Shares 7 19-07-08 23:52



All times are GMT +2. The time now is 19:27. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2017, vBulletin Solutions Inc.