If it was a PHP script, it can only see what the webserver can see (unless it was abusing a bug in PHP, Apache, or the OS to give itself elevated permissions)
I've seen some pretty powerful backdoor/hack scripts in PHP, but I don't think most of their functions abused holes in Apache, PHP, or the OS
4,351 2007-01-20 02:18
Re: Cl0wn S4t4n1c_S0uls hacked my site (18 replies, posted in PunBB 1.2 discussion)
4,352 2007-01-20 01:03
Re: 1.3 multi-lingual ? (9 replies, posted in PunBB 1.2 discussion)
Yes, PunBB currently supports multiple languages (or using a language other than English) everywhere except the admin interface
4,353 2007-01-19 22:41
Re: Cl0wn S4t4n1c_S0uls hacked my site (18 replies, posted in PunBB 1.2 discussion)
I doubt that would help anything.
When I was in school they gave us personal websites, and some time after I graduated I went back to the one I had. there was a place I had made for group collaboration for some of my classes that let folks upload team documents. somebody had uploaded a script that allowed them to gain IO access to all the sites hosted on that web server. I downloaded it and tried it on one of those free hosting servers and was able to have pretty much root access to every site hosted on that server. It was a pretty dangerous script, and if somebody else hosted on the same box as yours allowed somebody to upload a script like that, they could deface every site on that box from their web browser (including changing directory acl's).
most hosts have scanners for that kind of stuff, so your best bet is to contact them or access your logs to see what was going on.
Proper chmodding would help there (as Apache should only be reading index.php)
4,354 2007-01-19 21:32
Re: Problems with Spoiler Tag from PunBB Wiki (5 replies, posted in PunBB 1.2 troubleshooting)
You did the PHP, CSS, and Javascript parts?
4,355 2007-01-19 14:04
Re: Cl0wn S4t4n1c_S0uls hacked my site (18 replies, posted in PunBB 1.2 discussion)
Smartys wrote:OK, first off, what exactly did he do? Did he modify config.php, did he edit the database, what?
NO he modified only my index and not the config file!!!
I'd suggest reporting the incident to your host and asking them for help: they're more likely to be able to identify the issue.
4,356 2007-01-19 13:58
Re: Cl0wn S4t4n1c_S0uls hacked my site (18 replies, posted in PunBB 1.2 discussion)
OK, first off, what exactly did he do? Did he modify config.php, did he edit the database, what?
4,357 2007-01-19 13:42
Re: Cl0wn S4t4n1c_S0uls hacked my site (18 replies, posted in PunBB 1.2 discussion)
Moved to PunBB Discussion
It depends on how he managed to hack your site and what he did to your database.
4,358 2007-01-19 11:53
Re: Attachment Mod 2.0.1 by Frank H (500 replies, posted in PunBB 1.2 modifications, plugins and integrations)
http://cms.frankh.shacknet.nu/index.php … ;Itemid=32
The documentation, which Frank linked to above
Secondly, step 43 & 44 is altered. Just change the true to false after the query (and add the comment behind , so you have a mark that the attachment mod has altered that line)
4,359 2007-01-19 11:32
Re: Attachment Mod 2.0.1 by Frank H (500 replies, posted in PunBB 1.2 modifications, plugins and integrations)
You messed up in the install, apply this changeset again
http://dev.punbb.org/changeset/172
4,360 2007-01-19 03:09
Re: Query Issue with AP_News_Generator.php and SQLite (3 replies, posted in PunBB 1.2 modifications, plugins and integrations)
UNIX_TIMESTAMP is the issue
Here's a fix though:
http://punbb.org/forums/viewtopic.php?pid=35109#p35109
4,361 2007-01-19 00:38
Re: Trouble with (my) search action links (12 replies, posted in PunBB 1.2 troubleshooting)
Try clearing your cache?
4,362 2007-01-18 22:41
Re: Register.php: Timezone converted to intval? But list has +3.5 on it. (1 replies, posted in PunBB 1.2 bug reports)
Right
This bug has already been noticed before and has been fixed in SVN: nice catch though
http://dev.punbb.org/changeset/768
4,363 2007-01-18 20:22
Re: possible - last visited not updating (4 replies, posted in PunBB 1.2 troubleshooting)
Right, you have to not request pages for however many minutes.
4,364 2007-01-18 17:45
Re: Mediawiki intergration (14 replies, posted in PunBB 1.2 modifications, plugins and integrations)
It seems like there is no intergration with teh Mediawiki software and that is an pitty. This forum software should be the perfect add on for Mediawiki sites to discuss items on the wiki.
Anyone knows something about this?
I thought I saw one, I'll take a look later
4,365 2007-01-18 17:43
Re: version 1.3 (9 replies, posted in PunBB 1.2 discussion)
1.3 will come with a script that updates the 1.2 database to work with 1.3
It's already available for download, just not finished yet.
It isn't avaliable for download (at least by my definition, which would mean an officially provided zip/tar). The current revision can be checked out using SVN, but it's testing at your own risk.
4,366 2007-01-18 17:42
Re: 1.3 multi-lingual ? (9 replies, posted in PunBB 1.2 discussion)
The language support is no different than it is in 1.2, unless I'm missing something (with the exception of the admin interface, which can now be translated)
4,367 2007-01-18 17:40
Re: show full text of (recent) entries (1 replies, posted in PunBB 1.2 modifications, plugins and integrations)
Moved to Modifications
4,368 2007-01-18 17:40
Re: possible - last visited not updating (4 replies, posted in PunBB 1.2 troubleshooting)
That's the right type.
Are you the only person visiting the forum?
Moved to Troubleshooting, since this looks like a config issue
4,369 2007-01-18 11:31
Re: Query Issue with AP_News_Generator.php and SQLite (3 replies, posted in PunBB 1.2 modifications, plugins and integrations)
Replace the call to UNIX_TIMESTAMP() to a call to PHP's mktime function (the first 3 arguments should be 0 for obvious reasons)
4,370 2007-01-18 01:29
Re: .htacces? (11 replies, posted in Programming)
4,371 2007-01-18 00:58
Re: Ranks/Member Groups (2 replies, posted in PunBB 1.2 discussion)
That's just a custom title
As an admin, look in profile under Personal
Also, a group option is to give all group members a tag
4,372 2007-01-17 23:25
Re: Bounce Emails - Unable To Deliver To Recepient (19 replies, posted in PunBB 1.2 troubleshooting)
Err, there's nothing to change out, you add that code after the define call
What it does is disable the time limit PHP imposes on the script before it halts the execution. Hopefully, that way, all the emails will get sent
4,373 2007-01-17 17:47
Re: corrupted database (2 replies, posted in PunBB 1.2 troubleshooting)
That is not common: I'd talk to your host. The last time I saw tables getting corrupted too often, I believe it was traced back to some corrupted MySQL libs.
4,374 2007-01-17 17:46
Re: PunBB & mod_security (1 replies, posted in PunBB 1.2 troubleshooting)
If the culprit is mod_security, ask the admin to update his/her ruleset: no current ruleset should pose an issue.
However, I'd check error.log and see what error it is giving you.
4,375 2007-01-17 11:25
Re: How do you clean your variables? (21 replies, posted in Programming)
http://shiflett.org/archive/184
Yes, depending on the character set you're using. Therefore, it's always a good idea to use mysql_real_escape_string.