Daily Lucky Numbers:
16
22
24
33
47
49

phg7.3 and above need help

Started by replikacep, February 14, 2022, 03:14:01 PM

Previous topic - Next topic

replikacep

#15
Quote from: Chen Zhen on February 21, 2022, 03:26:30 PM3 open what?
I don't use the mod so you'll have to be more specific.

Someone warned me that there may be an important open in the coding for 3 modes, that is, hacking, do you think there is any open in the codes?

Edit : Do you think there is a security vulnerability in the codes I posted, can you help me?

Chen Zhen

The mod seems to have been removed from the SMF mod site.
I've read about vulnerabilities due to non-sanitized URL input used for SQL injection.
However SMF's smcFunc should sanitize the data, I don't know if the mod uses it or does direct DB commands
I'll need your copy of the mod to look at it.

Unless you are willing to use an updated SEO mod from SMF?

replikacep

#17
BuyurunNot a valid attachment ID.


I don't think it's a security hole, but it's good to have a look.

Chen Zhen


I think the exploit flag for that mod may be for a prior version, perhaps when it was used on the SMF 1 branch.
At a glance I don't see any serious issue but I may not be seeing it if it exists.

For the attachment:

I added the DOM version of the copyright additions.
If you want line breaks instead of " | ", I can show you how to do that with that function.
I'm not sure if you're keeping that other mod installed so you can change it to look for that other URL if you want.
Also I removed the installation mysql file edit for no connection since I don't see the point of it.
I added a bit of code to ensure integer values from the URL request.
That's about it.
 


replikacep

#19
sitemap won't work
I think there is something wrong where you did it.

there is a problem with the lines you added


Chen Zhen

#20
It wasn't loading your language file plus the hooks weren't being removed when the mod is uninstalled but opt to keep settings.
Here is an amended package...

replikacep

i couldn't get the sitemap to work so i gave up on using it

Chen Zhen



Now I see what I did wrong because the function I added a DOM parser to doubles for HTML & XML content.

So when you click the sitemap link, it shows a list of boards in HTML and if you then opt the XML link it shows a bunch of topics in XML format. Is this correct?

I'd like you to try this copy...
 

replikacep

https://katmulkiyet.net/index.php?action=sitemap;xml

the sitemap does not work, it only has English support and moreover, it does not attract the topics.

Chen Zhen

#24
The way I tried to detect a XML string was not good.
Ok, try this package...

replikacep

this is working:  Disable XML Enhanced Look
If your XML sitemap is not working as expected try enabling this



this is not working : Enable XML Sitemap?

I'm throwing the admin password privately


sshot-1.png


https://katmulkiyet.net/index.php?action=sitemap;xml

Chen Zhen

I'll look at this later today.
With the admin access, I can now test it myself.

replikacep

Quote from: Chen Zhen on February 26, 2022, 12:41:30 PMI'll look at this later today.
With the admin access, I can now test it myself.

Sanırım unutma
Quote from: Chen Zhen on February 26, 2022, 12:41:30 PMI'll look at this later today.
With the admin access, I can now test it myself.

i think you forgot