Hotfix for toplist 1.x
Posted on 2006-04-30 11:21:08


Version 2.1 has been released of the toplist for phpBB2, please upgrade a.s.a.p.! \r\n

\r\n Hi, \r\n

\r\n

ALl toplist users read this!!!

\r\n

\r\n Yesterday phpbbfm.net and also my site got hacked. \r\n

\r\n \r\n

\r\n In response to that here is a hotfix for toplist 1.x wich contains the bug they used to exploid it and hack the board. \r\n

\r\n \r\n

\r\n To fix this problme foloow these instructions: \r\n

\r\n \r\n

\r\n OPEN: toplist.php \r\n

\r\n \r\n

\r\n FIND: \r\n

\r\n \r\n

\r\n if(!defined("IN_ADMIN"))
\r\n{
\r\n \$in_admin = false;
\r\n}
\r\nelse
\r\n{
\r\n \$in_admin = true;
\r\n
} \r\n

\r\n \r\n

\r\n REPLACE, WITH: \r\n

\r\n \r\n

\r\n if(!defined("IN_ADMIN"))
\r\n{
\r\n \$in_admin = false;
\r\n \$phpbb_root_path = ''./'';
\r\n}
\r\nelse
\r\n{
\r\n \$in_admin = true;
\r\n \$phpbb_root_path = ''../'';
\r\n
} \r\n

\r\n \r\n

\r\n Note: Register globlass must be on to exploid this bug. So once again turn it off!!!
\r\n \r\n

\r\n \r\n

\r\n Greetings, \r\n

\r\n \r\n

\r\n \r\n

\r\n \r\n

\r\n WyriHaximus \r\n

\r\n