Err, what?
http://punbb.org/forums/profile.php?id=2
Avatars are shown
6,501 2005-11-01 23:26
Re: Avatars ?? (8 replies, posted in Feature requests)
6,502 2005-11-01 22:30
Re: Converting PHPBB to PunBB. Need help =( (8 replies, posted in PunBB 1.2 troubleshooting)
Well, I found the rule (or a ruleset containing it)
http://www.gotroot.com/downloads/ftp/mo … rules.conf
#PunBB version <= 1.2.2 auth bypass exploit
SecFilterSelective REQUEST_URI "profile\.php\?section=admin\&id=.*\&action=foo"I can't find any "auth bypass" that existed that would be prevented by that line.
6,503 2005-11-01 22:19
Re: PunBB 1.2.10 (69 replies, posted in News)
I think you'll have to do a complete re-install, just like 1.1 - 1.2: there would just be too many changes
6,504 2005-11-01 13:22
Re: Ban Exploit (4 replies, posted in PunBB 1.2 troubleshooting)
No, there is no such exploit, nor is it possible through PunBB's code as far as I can tell (especially with the protection Rickard added in 1.2.9)
A couple possibilities:
The guy figured out your password and is logging in as you to unban himself
The guy can access your DB
Your PunBB isn't fully updated. He's using an exploit that you didn't fully patch to gain access.
Now, three things that might help you:
1. Upgrade to 1.2.10
The removal of reliance on X_FORWARDED_FOR means it becomes harder for him to fake his IP
2. Change yout password to something complicated and hard to figure out
3. If you have access to the access_log, paste us the relevant parts and we can try and figure out if it was actually an exploit
6,505 2005-11-01 13:15
Re: PunBB 1.2.10 (69 replies, posted in News)
Connorhd wrote:
http://dev.punbb.org/changeset/286 - my IP address is now wrong
I can write a mod to store X_FORWARDED_FOR somewhere if you want 
6,506 2005-11-01 01:25
Re: punbb.org has some difficulties (5 replies, posted in PunBB 1.2 bug reports)
Yeah, Sulfur is the default error style 
6,507 2005-10-31 16:49
Re: Ultimate Arcade (2 replies, posted in PunBB 1.2 modifications, plugins and integrations)
Except that isn't an arcade and it isn't integrated, via the database or even via design, at all. All it is is a bunch of games hosted on a website
6,508 2005-10-30 16:46
Re: Add Page Script (5 replies, posted in PunBB 1.2 discussion)
There's not a script that lets you add a new page, but you can add links in Admin Options (additional navlinks)
6,509 2005-10-29 15:49
Re: What is planned for PunBB 1.3 then? (114 replies, posted in PunBB 1.2 discussion)
mariacallas.org wrote:
just add PM and poll systems to the core, please
Rickard wrote:
The subject is "What is planned for PunBB 1.3 then?", not "Post your feature requests here!".
And as has been said many times now, extensions will allow polls/PM to be installed much more easily
6,510 2005-10-28 22:33
Re: IM fields in another way (3 replies, posted in Feature requests)
I have ICQ and AIM (silly, I know, to run both when ICQ #s work with AIM and AIM nicknames work with ICQ), I know people who use that and Jabber (usually through Google Talk) and MSN
But most people don't need all of them at once: they just need some of them. But take a group of people, probably at least one person will have used each one
6,511 2005-10-28 22:08
Re: IM fields in another way (3 replies, posted in Feature requests)
They're there already
Just replace everywhere it says "Yahoo" or "AIM" with the name of your instant messenger in the language file
6,512 2005-10-28 20:38
Re: What is planned for PunBB 1.3 then? (114 replies, posted in PunBB 1.2 discussion)
Raybo: Like I said to you before, I wrote a plugin for you to do just that: and I wasn't the only one
6,513 2005-10-28 20:37
Re: BBCode [IMG] [/IMG ] Tag Vulnerability (21 replies, posted in PunBB 1.2 discussion)
Rickard said he was going to take a look at it
6,514 2005-10-27 22:11
Re: [quote] is not interpreted ... (13 replies, posted in PunBB 1.2 troubleshooting)
Paul: exactly my point, print out the whole post and let the stylesheet decide how much people "see"
6,515 2005-10-27 21:15
Re: [quote] is not interpreted ... (13 replies, posted in PunBB 1.2 troubleshooting)
Aha, I never actually checked the code, I just noticed that a lot less of the post is shown thanks to the div
and FYI: I made a really long post to test it, but when I did a strlen I found out that the number of characters shown was actually 1010.
What's the point of only showing part of the post though, if the div hides most of it?
6,516 2005-10-27 19:33
Re: [quote] is not interpreted ... (13 replies, posted in PunBB 1.2 troubleshooting)
Rickard: except all of the post is shown, it's just "hidden" by the div
6,517 2005-10-27 13:59
Re: Line 58 (6 replies, posted in PunBB 1.2 troubleshooting)
I think it did
You tried entering "localhost" as your database hostname. That doesn't work with Dreamhost, since they have external DB servers: you have to use the address they give you
6,518 2005-10-27 10:24
Re: What is planned for PunBB 1.3 then? (114 replies, posted in PunBB 1.2 discussion)
Probably something where you give it a user agent/IP list and if a guest matches that, they get fed a certain style and are marked as a certain bot
6,519 2005-10-26 23:38
Re: A New Punbb (Un Official) Forum (9 replies, posted in PunBB 1.2 discussion)
Well, just a link to PunRes would work then
6,520 2005-10-26 23:37
Re: Admin page not coming up (32 replies, posted in PunBB 1.2 troubleshooting)
Try this:
$data = shell_exec('uptime');
$uptime = explode(' up ', $data);
$uptime = explode(',', $uptime[1]);
$uptime = $uptime[0].', '.$uptime[1];6,521 2005-10-26 21:55
Re: Admin page not coming up (32 replies, posted in PunBB 1.2 troubleshooting)
Edit: new code
<?php
$s = explode( " ", exec("/sbin/sysctl -n kern.boottime") );
$a = str_replace( ",", "", $s[3]);
$uptime = time() - $a;
?>Oh, and what's your PHP_OS set as?
6,522 2005-10-26 21:12
Re: Admin page not coming up (32 replies, posted in PunBB 1.2 troubleshooting)
Edit: My mistake, basically $load_averages is filled with the results
Try removing the @ from exec('uptime')
6,523 2005-10-26 21:11
Re: My post dot indicator. Is this a mod? (2 replies, posted in PunBB 1.2 troubleshooting)
check out Admin Options and search the page for the word "dot"
I believe it's disabled by default
6,524 2005-10-26 20:48
Re: A New Punbb (Un Official) Forum (9 replies, posted in PunBB 1.2 discussion)
One question: why?
Oh, and this should be in Show Off
6,525 2005-10-26 20:46
Re: Admin page not coming up (32 replies, posted in PunBB 1.2 troubleshooting)
OK, run this in a test file then
var_export(preg_match('/averages?: ([0-9\.]+),[\s]+([0-9\.]+),[\s]+([0-9\.]+)/i', @exec('uptime'), $load_averages))