Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > Yuna Scatari Edition (YSE)
Reply
  #1  
Old 19th February 2009, 21:26
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
 
Join Date: May 2008
Latvia
Posts: 388
Post YSE PRE7 - Security & Bugs
Post all security holes and bugs here!

Last edited by kp380lv; 20th February 2009 at 14:42.
Reply With Quote
The Following 4 Users Say Thank You to kp380lv For This Useful Post:
al-jodtv (22nd August 2009), BacKUP (2nd March 2009), bkkonline (4th August 2009), carphunter18 (24th February 2009)
  #2  
Old 22nd February 2009, 01:03
carphunter18's Avatar
carphunter18 carphunter18 is offline
Senior Member
 
Join Date: Dec 2008
Choose
Posts: 18
Default
Only found a few bugs:

1. in my.php if you add a avatar doesnt metter how big you set the size of the allowed avatar it always says its to big! With external avatar

2. also in my.php ive you add a new language such as dutch my.php cant see it and some language maps such as belgium works fine

3. The bug that new torrents shown as dead even ive they are seeded fine

Fixed: by changing line 90 in cleanup.php to sql_query("UPDATE torrents SET visible='no' WHERE visible='yes' AND last_action < $deadtime");

4. Bug in functions_announce.php there was missing } on line 195

Fixed: to at the }

5. Cant upload an avatar to the site gives me a strange error that i need to change the gif

Last edited by carphunter18; 22nd February 2009 at 16:45.
Reply With Quote
The Following 2 Users Say Thank You to carphunter18 For This Useful Post:
amstaff (4th March 2009), Masterdan (8th July 2009)
  #3  
Old 23rd February 2009, 23:38
BlackRazor's Avatar
BlackRazor BlackRazor is offline
Member
 
Join Date: Feb 2009
Latvia
Posts: 12
Default
Delete News
Are you sure you want to delete this news? Click <a href=?action=delete&newsid=2&returnto=&sure=1>here </a> If you are sure.

link don't works!
Reply With Quote
  #4  
Old 23rd February 2009, 23:47
Undefined's Avatar
Undefined Undefined is offline
Senior Member
 
Join Date: Jan 2009
Default
Posts: 27
Default
change $htmlstrip = true to false in function newerr :nosepick:
Reply With Quote
The Following 2 Users Say Thank You to Undefined For This Useful Post:
Masterdan (8th July 2009), TheBig (6th September 2010)
  #5  
Old 28th February 2009, 23:24
Masterdan's Avatar
Masterdan Masterdan is offline
Member
 
Join Date: Oct 2008
Russia
Posts: 6
Exclamation YSE PRE 7-liquidate bug
Excellent realiz YSE PRE 7 I in it is enamoured much prettily respect BoLaMN - kp380lv that promote the product and quality!
but plenty of bugs I itself with one head not in power to correct all bugs that there there is! hope on your community and your not mediocre help! please let's begin together correct and shall correct some bugs as here was already mentioned:

1. in my.php if you add a avatar doesnt metter how big you set the size of the allowed avatar it always says its to big! With external avatar
2. also in my.php ive you add a new language such as dutch my.php cant see it and some language maps such as belgium works fine
3. The bug that new torrents shown as dead even ive they are seeded fine
Fixed: by changing line 90 in cleanup.php to sql_query("UPDATE torrents SET visible='no' WHERE visible='yes' AND last_action < $deadtime");
4. Bug in functions_announce.php there was missing } on line 195
Fixed: to at the }
5. Cant upload an avatar to the site gives me a strange error that i need to change the gif
6.Are you sure you want to delete this news? Click <a href=?action=delete&newsid=2&returnto=&sure=1>here </a> If you are sure.
7.blocks.php
Fatal error: Cannot redeclare recache_blocks() (previously declared in C:\xampp\htdocs\TRACk\admin\modules\=blocks.php:31 ) in C:\xampp\htdocs\TRACk\admin\modules\blocks.php on line 37
8.Error in SQL
The response from the server MySQL: Column count doesn't match value count at row 1
в C:\xampp\htdocs\TRACk\admin\modules\=blocks.php, line 231
Запрос номер 11.
9.simpaty.php <p>Write to the reason why you feeled. Respect User:</p> <form action="/TRACk/simpaty.php?action=add&good&type=torrent122&target id=100" method="post"> <input type=text name=description maxlength=300 size=100></textarea> <input type="hidden" name="returnto" value="/TRACk/details.php?id=122" /> <input type=submit value=Respect> </form>
10.friends.php Вы хотите удалить друга. Нажмите <a href=?id=1&action=delete&type=friend&targetid=2&su re=1>сюда</a> если вы уверены.
11.stats.php -Category ActivityCategory Last Upload Torrents Perc. Peers Perc.Фильмы DVDRip 1235829550 (2043 week)
I think you not to ignore and raise the quality YSE PRE 7 on due level!
forgive for english


Quote:
Originally Posted by Undefined View Post
change $htmlstrip = true to false in function newerr :nosepick:
where exactly in what file?
Reply With Quote
  #6  
Old 28th February 2009, 23:29
Undefined's Avatar
Undefined Undefined is offline
Senior Member
 
Join Date: Jan 2009
Default
Posts: 27
Default
include/functions_global.php
Reply With Quote
The Following User Says Thank You to Undefined For This Useful Post:
Masterdan (8th July 2009)
  #7  
Old 1st March 2009, 00:19
carphunter18's Avatar
carphunter18 carphunter18 is offline
Senior Member
 
Join Date: Dec 2008
Choose
Posts: 18
Default
masterdan i think you need to remove =blocks.php from admin/modules

because is not in the normal source and that gives tou errors ;)
Reply With Quote
  #8  
Old 1st March 2009, 14:57
Masterdan's Avatar
Masterdan Masterdan is offline
Member
 
Join Date: Oct 2008
Russia
Posts: 6
Smile YSE PRE 7-liquidate bug
Quote:
Originally Posted by Undefined View Post
include/functions_global.php
thank you!
now bugs connected with removing and respect: simpaty.php-friends.php-news.php? has fallen off!
************************************************** ******************************
remain bugs with creation block if possible help with this bug-shortage
Error in SQL
Code:
The response from the server MySQL: Column count doesn't match value count at row 1
in C:\xampp\htdocs\TRACk\admin\modules\=blocks.php, line 231 Requests number 11.
stats.php-1235829550 (2043 week)

Bump:
Quote:
Originally Posted by carphunter18 View Post
masterdan i think you need to remove =blocks.php from admin/modules

because is not in the normal source and that gives tou errors ;)
yes I so and do!

blocks.php is replaced version YSE Yuna Pre7 RC v02.2 - YSE Yuna Pre7 RC v02.1 and Pre6 no effect swears here is on this!

Code:
sql_query("INSERT INTO ".$prefix."_blocks VALUES (NULL, ".implode(", ", array_map("sqlesc", array($bkey, $title, $content, $bposition, $weight, $active, $btime, $blockfile, $view, $expire, $action, $which))).")") or sqlerr(__FILE__,__LINE__);
Reply With Quote
  #9  
Old 2nd March 2009, 16:56
kp380lv's Avatar
kp380lv kp380lv is offline
Senior Member
 
Join Date: May 2008
Latvia
Posts: 388
Thumbs up
Keep search bugs guys!;)
Reply With Quote
  #10  
Old 3rd March 2009, 19:28
Masterdan's Avatar
Masterdan Masterdan is offline
Member
 
Join Date: Oct 2008
Russia
Posts: 6
Exclamation YSE PRE 7-liquidate bug
Quote:
Originally Posted by kp380lv View Post
Keep search bugs guys!;)
Searching for of the result and profits on my bug will not bring =(
Reply With Quote
Reply

Tags
bugs , pre7 , se , security , yuna

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
YS security and bug fix mazafaka Yuna Scatari Edition (YSE) 2 4th July 2009 16:37
security ? razvaneluu Template Shares 0 4th June 2009 14:34
YSE PRE7 Bugs and Holes! kp380lv Yuna Scatari Edition (YSE) 2 28th November 2008 17:24
3 Bugs in 4.3 (For me) D3SI Template Shares 7 19th July 2008 23:52



All times are GMT +2. The time now is 05:10. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.