Use pun_include to a file in the user directory that simply includes your coppermine file relative to PUN_ROOT
2,001 2007-11-06 00:39
Re: how to add php to the main site (6 replies, posted in PunBB 1.2 troubleshooting)
2,002 2007-11-05 21:53
Re: is there a way to see which mod banned an IP (2 replies, posted in PunBB 1.2 troubleshooting)
Your Apache access logs may help you, and PunBB 1.3 stores who creates a ban, but other than that there isn't a way.
2,003 2007-11-05 01:46
Re: Graphics and web design (3 replies, posted in PunBB 1.2 show off)
Moved to Show Off
2,004 2007-11-04 22:38
Re: [Mod] Project List 1.0 (Removed for fixing) (2 replies, posted in PunBB 1.2 modifications, plugins and integrations)
A bit of feedback for you:
In the admin plugin:
while (list($id, $set) = @each($allow_read))
{
$db->query('UPDATE '.$db->prefix.'groups SET g_read_project='.$set.' WHERE g_id=\''.$id.'\'') or error('Unable to change permissions.', __FILE__, __LINE__, $db->error());
}
$set is not intval'ed like everywhere else: SQL inject
For all the code like that, $id is a number as well but is treated like a string (and not escaped properly, which allows for SQL injects).
$less=0;
$db->query("DELETE FROM {$db->prefix}project WHERE id>{$less}")
or error('Unable to delete a type', __FILE__, __LINE__, $db->error());
A. Out of curiosity, what's up with the use of {}?
B. Why not just do >0 instead of defining a variable to be a constant and using it in the next line?
<th scope="row"><?php echo $cur_group['g_title'] ?></th>
XSS, pun_htmlspecialchars needs to be called on the title
---
Now, project.php
if ($is_admmod)
I see that used a lot, but I never see it initialized anywhere. Where is it initialized?
if (isset($_POST['form_add']))
{
$result = $db->query('SELECT * FROM '.$db->prefix.'project') or error('Unable to fetch project list', __FILE__, __LINE__, $db->error());
$cur_todo = $db->fetch_assoc($result);
$id = $cur_todo['id'];
if (isset($_POST['form_del']))
{
$result = $db->query('SELECT * FROM '.$db->prefix.'project') or error('Unable to fetch project list', __FILE__, __LINE__, $db->error());
$cur_todo = $db->fetch_assoc($result);
$id = $cur_todo['id'];
As far as I can see, this code is entirely unnecessary (not the if/else if, the query).
if (isset($_POST['form_edit']))
{
$project_id = $_POST['id'];
$result = $db->query('SELECT * FROM '.$db->prefix.'project WHERE id='.$project_id.'') or error('Unable to fetch project list', __FILE__, __LINE__, $db->error());
$cur_project = $db->fetch_assoc($result);
$id = $cur_project['id'];
SQL inject, $project_id is never properly sanitized
$result = $db->query('SELECT id, owner FROM '.$db->prefix.'project WHERE id='.$_GET['del'].'') or error('Unable to fetch project list', __FILE__, __LINE__, $db->error());
Another SQL inject, $_GET['del'] is being used directly. You sanitize it for $del a few lines later: that should be moved up and you should use $del.
The actual form processing stuff (add, edit, delete) never checks for permission. That's only done when displaying the HTML. It needs to be done in both places.
<input type="hidden" name="delete_project" value="<?php echo $_GET['del']?>">
<h2><?php echo $lang_project['edit'] ?> - <?php echo $cur_project['subject']?></h2>
<input type="hidden" name="id" value="<?php echo $_GET['edit']?>"/>
if ($project_data['owner'] == $pun_user['id'] || ($pun_user['g_id'] == PUN_ADMIN || ($pun_group['g_project_edit'] == '1'))){
echo '<p><a href="project.php?edit='.$_GET['adv'].'">'.$lang_project['edit'].'</a></p>';
}
if ($project_data['owner'] == $pun_user['id'] || ($pun_user['g_id'] == PUN_ADMIN || ($pun_group['g_project_delete'] == '1'))){
echo '<p><a href="project.php?del='.$_GET['adv'].'">'.$lang_project['delete'].'</a></p>';
}
<h2><span><?php echo $lang_project['current work'].' - '.$project_data['subject'] ?></span></h2>
<div class="block" style="width:15%;">
<h2><?php echo $lang_project['workers'] ?></h2>
<div class="box">
<div class="inbox">
<div>
<?php
echo '<p>'.$project_data['workers'].'</p>';
?>
</div>
</div>
</div>
</div>
<td class="tcl"><h3 class="toggler introduction"><a><?php echo $project_data['subject'] ?></a></h3></td>
<td><?php echo $project_data['workers'];?></td>
<p><?php echo "$newtext\n"; ?></p>
<td class="tcl"><h3 class="toggler introduction"><a><?php echo $project_data['subject'] ?></a></h3></td>
<td><?php echo $project_data['workers']; ?></td>
<p><strong><?php echo $lang_project['description'] ?>:</strong></p>
<p><?php echo "$project_info_short\n"; ?></p>
XSS
I don't think I caught everything, so don't take this as a comprehensive review
I also think you could benefit from splitting project.php into several files (create_project.php, edit_project.php, delete_project.php, etc).
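The hardened counterparts of the three patterns flagged in the review above (unsanitized integers in SQL, permission checks done only at render time, unescaped output), as an added example that is not part of the review or of the Project List mod's own code. `DemoDB` and the local `pun_htmlspecialchars()` are stand-ins so the file runs stand-alone; a real mod would use the `$db` object and `pun_htmlspecialchars()` that PunBB 1.2 already provides. The function names and the sample form/URL values are constructed for illustration.

```php
<?php
// Added example: hardened versions of the patterns the review flags. Not the mod's code.

define('PUN_ADMIN', 1);   // PunBB 1.2 value for the administrators group

// Stand-in for PunBB's pun_htmlspecialchars(): escapes & < > " ' before output.
function pun_htmlspecialchars($str)
{
    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
}

// Stand-in DB layer (assumption): records the SQL it would run so the effect
// of the sanitizing is visible without a database.
class DemoDB
{
    public $prefix = 'punbb_';
    public $queries = array();
    public function query($sql) { $this->queries[] = $sql; return true; }
}

// 1. Group permission update (admin plugin). Both the group id and the flag
//    come from the form, so both are cast to integers before interpolation.
function update_group_permissions(DemoDB $db, array $allow_read)
{
    foreach ($allow_read as $id => $set)
    {
        $id  = intval($id);
        $set = intval($set) ? 1 : 0;   // the flag is only ever 0 or 1
        $db->query('UPDATE '.$db->prefix.'groups SET g_read_project='.$set.' WHERE g_id='.$id);
    }
}

// 2. Delete handler (project.php). Sanitize $del first, check permission in the
//    processing path (not only where the link is rendered), and use the
//    sanitized $del in every query, never $_GET['del'] directly.
function delete_project(DemoDB $db, array $get, array $pun_user, array $pun_group, array $project_data)
{
    $del = isset($get['del']) ? intval($get['del']) : 0;
    if ($del < 1)
        return 'Bad request';

    $may_delete = $project_data['owner'] == $pun_user['id']
        || $pun_user['g_id'] == PUN_ADMIN
        || $pun_group['g_project_delete'] == '1';
    if (!$may_delete)
        return 'No permission';

    $db->query('DELETE FROM '.$db->prefix.'project WHERE id='.$del);
    return 'Deleted';
}

// 3. Output. Every value that originated in the database or the request is
//    escaped before it is echoed into HTML.
function render_project_row(array $project_data)
{
    return '<td class="tcl"><h3 class="toggler introduction"><a>'
        .pun_htmlspecialchars($project_data['subject']).'</a></h3></td>'
        .'<td>'.pun_htmlspecialchars($project_data['workers']).'</td>';
}

// Constructed inputs of the kind the review warns about.
$db = new DemoDB();
update_group_permissions($db, array('2' => '1', '3 OR 1=1' => '0 OR 1=1'));

$member = array('id' => 7, 'g_id' => 4);
$group  = array('g_project_delete' => '0');
$owned  = array('owner' => 7, 'subject' => '<b>Demo</b>', 'workers' => 'a & b');
$other  = array('owner' => 8, 'subject' => 'Other', 'workers' => 'c');

echo delete_project($db, array('del' => '5 OR 1=1'), $member, $group, $owned), "\n";   // Deleted (id=5 only)
echo delete_project($db, array('del' => '6'),        $member, $group, $other), "\n";   // No permission
echo delete_project($db, array('del' => 'abc'),      $member, $group, $owned), "\n";   // Bad request

echo implode("\n", $db->queries), "\n";
echo render_project_row($owned), "\n";
```

Running it shows the group update query carrying `g_id=3` and `g_read_project=0` regardless of what was appended to the form values, a single `DELETE ... WHERE id=5`, a refusal for the project the member does not own, and the subject rendered as `&lt;b&gt;Demo&lt;/b&gt;` rather than as live markup. The same permission expression is what the mod already uses when deciding whether to print the edit/delete links; the point of the review is that it has to run in the POST/GET handler too.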
2,005 2007-11-04 22:05
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
I can't tell any more about it without actually having access to the forum. Email me, smartys at this domain.
2,006 2007-11-04 21:47
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
Try removing all the cache files then
What does the URL look like when you click that link?
2,007 2007-11-04 21:19
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
Try uploading a fresh copy of admin_forums.php and header.php
2,008 2007-11-04 20:44
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
I have no idea what it would be, I would need to see a screenshot.
And you haven't edited admin_forums.php, right?
2,009 2007-11-04 20:26
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
When you actually click the edit link, as opposed to just visiting the page?
2,010 2007-11-04 17:45
Re: Can a user delete their own account? (16 replies, posted in PunBB 1.2 troubleshooting)
FIND
if ($pun_user['g_id'] > PUN_ADMIN)
message($lang_common['No permission']);
REPLACE WITH
if ($pun_user['g_id'] > PUN_ADMIN && $pun_user['id'] != $id)
message($lang_common['No permission']);
FIND
if (isset($_POST['delete_posts']))
REPLACE WITH
if (isset($_POST['delete_posts']) && $pun_user['g_id'] == PUN_ADMIN)
That way, you can only delete a user if you're an administrator or it's your account, and you can only delete posts if you're an administrator.
2,011 2007-11-04 16:31
Re: Can a user delete their own account? (16 replies, posted in PunBB 1.2 troubleshooting)
Or you could allow users to delete their own accounts without deleting their posts by editing two lines of the code you pasted above. You could then either provide a proper form setup on your own or alter profile.php more to show the delete option.
And I have to agree with Paul, I wouldn't equate not being able to delete an account to being trapped. Nobody forces you to keep visiting a website.
2,012 2007-11-04 14:03
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
Did you fix both problems?
2,013 2007-11-04 12:51
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
From install.php
$sql = 'CREATE TABLE '.$db_prefix."search_words (
id MEDIUMINT(8) UNSIGNED NOT NULL AUTO_INCREMENT,
word VARCHAR(20) BINARY NOT NULL DEFAULT '',
PRIMARY KEY (word),
KEY ".$db_prefix."search_words_id_idx (id)
Sounds like you're missing auto_increment, and the primary key is set incorrectly.
2,014 2007-11-04 12:42
Re: New Exploit For PunBB v1.2.15 (15 replies, posted in PunBB 1.2 bug reports)
I do too, I'm still waiting for a reply
2,015 2007-11-04 11:46
Re: Can a user delete their own account? (16 replies, posted in PunBB 1.2 troubleshooting)
Why isn't there a delete option for users?
Because deleting is an administrative/maintenance action that can have effects on the entire board.
2,016 2007-11-04 03:51
Re: Can a user delete their own account? (16 replies, posted in PunBB 1.2 troubleshooting)
Don't do what Matt said. That would mean anybody could delete anybody.
You can't just remove the admin restriction from the permissions check, you need to also allow a user to delete his/her own account.
And when I said copy/paste the code, I meant copy/paste the code to your own script, since I assumed that was what you were doing.
You're right that there's no delete option for users: because there isn't
2,017 2007-11-04 03:03
Re: Can a user delete their own account? (16 replies, posted in PunBB 1.2 troubleshooting)
Just copy/paste it?
2,018 2007-11-04 01:04
Re: An update (124 replies, posted in News)
the giveaway was just a comment that it was the same folks. I see your point. Just the red flagging raised some concerns - especially from a company that appears to have no other presence that comes up and is (though it shouldn't be a concern) from a relatively obscure part of the world
Oh, I completely understand: like I said, we brought up the same issues with them
2,019 2007-11-04 00:52
Re: An update (124 replies, posted in News)
Interesting because the freedownloadmanager.org site also is (was?) getting flagged red by McAfee's SiteAdvisor. Same folks then as giveawayoftheday.com.
And that's another issue we noticed and brought up beforehand
Read the comments for freedownloadmanager.com. Also, try viewing some of the "red" files and looking at the "download publisher url." It's a site for people to upload shareware, and some people upload malware. They have software in place to detect and deal with malware and from everything I can see, it's working: if you try and go to those URLs, you can't access the malware through their site. And giveawayoftheday comes up green for me.
2,020 2007-11-04 00:31
Re: Weird... i cant insert any data (17 replies, posted in PunBB 1.2 troubleshooting)
Enable debug mode, paste the full error
2,021 2007-11-04 00:09
Re: An update (124 replies, posted in News)
What I would like to ask is whether the new owner is the same SoftDeluxe that owns the Free Download Manager product (also GPLed) that is listed on SpyWare Guide?
Yes. That's actually a site we came across as well, when we were first discussing the agreement. Paul pointed out that there are similar company listings on that site for Opera, Macromedia, Mozilla, Agnitum, Kaspersky, Kerio, Iomega, mIRC, MySpace, Netscape, Sun Microsystems, SpyBot, steganos, Toshiba, Winzip, ZoneLabs, etc.
In other words, a company listing there is not indicative of spyware. In this case, it's indicative that the software "phones home" at some point (to check for updates, validate a license key, etc).
2,022 2007-11-03 18:36
Re: Smartys come in,about guest flood protection. (10 replies, posted in PunBB 1.2 troubleshooting)
Oh, right. 9999 probably won't work because it's greater than the timeout for an entry in the online table. As soon as the online table entry goes away, the last posted time goes away.
2,023 2007-11-03 18:29
Re: Spam Limiting with Custom Question? (6 replies, posted in General discussion)
Are you sure you have PunBB? That sounds like phpBB.
2,024 2007-11-03 17:01
Re: New Exploit For PunBB v1.2.15 (15 replies, posted in PunBB 1.2 bug reports)
I've also sent you an email about this.
2,025 2007-11-03 12:45
Re: photojojo forum... punBB totally tweaked (15 replies, posted in PunBB 1.2 show off)
intedinmamma wrote: Awesome looks (and functionality), but what happened to the PunBB copyright notice? Or am I missing something?
As per Rick, it is optional and he did not mind removing it. At least in old days
As I have been getting a few questions about this, I thought it would be a good idea to straighten a few things out. FAQ inspired by a post in the phpBB community forums.
Q: May I remove the copyright from the page footer?
Yes, but please don't. If you must, please try to keep at least "Powered by PunBB" with the link to this site intact.
Q: May I add my own copyright to the page footer?
Yes, but you may not alter the original copyright in such a way that it loses its original "meaning". It must, in other words, still be absolutely clear who is the copyright holder of PunBB. Adding an additional line with your copyright notice is ok.
Q: May I remove the copyright from the source code?
No. The copyright notice in all the source files must be left intact. Any modification or removal of this copyright is illegal under the terms of the GNU General Public Licence.