Search found 2039 matches

by Wo1f
Sat Jul 02, 2005 3:58 pm
Forum: 2.0.x Support Forum
Topic: How do i BAN people from posting as a GUEST
Replies: 8
Views: 334

Go to the ACP, in the left pane under "Forum Admin" select "Permissions". This will display the "Forum Permissions Control", select a forum in the pull-down list and then specify what you want for each category. Guests are included in the "All" group, so for the post category make sure it's set to "...
by Wo1f
Sat Jul 02, 2005 3:43 pm
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

Both lines are correct and involve NO security risk . The longer line directs a user to the member page instead of the index page AFTER login . Version 1.0.7 of the mod Redirect anonymous users to login used the following line, which was a bit risky because of an unparsed query string - don't do th...
by Wo1f
Sat Jul 02, 2005 1:18 am
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

His problem. And he knows better, since it's his MOD. I'll see if I can get his attention and contribution to this thread. I take security very seriously as I'm sure you do also. Perhaps that is not what he meant when he said security risk failed Speculation... I haven't looked at the MOD so idk. T...
by Wo1f
Sat Jul 02, 2005 12:53 am
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

Unless I am VERY MUCH mistaken, there is no way that can cause a security hole. It is simply standard code. There is nothing there It might be a good idea to inform the mod author, so the code could be revised in it's shorter form and we could all save some bandwidth - if it's not a security risk. ...
by Wo1f
Sat Jul 02, 2005 12:41 am
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

Re: Hide Memberlist

570 - you mean - you think that a guest can email a registered user? That has never been the case since 2.0.5 at least 8O Please feel free to correct me. I installed the mod in question a while back for many reasons, and because I noticed that guests could access a member's viewprofile and pick up ...
by Wo1f
Sat Jul 02, 2005 12:28 am
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

How is that a security risk? I failed to find that in the thread RTT - on page 7. Also, in the latest version package: 2005-05-21 - Version 1.0.8 ## - Security risk fixed: use values instead of QUERY_STRING for redirect. From which version did you copy that snippet in your first post? Peace Wolf
by Wo1f
Fri Jul 01, 2005 10:11 pm
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

Your welcome! :wink:
by Wo1f
Fri Jul 01, 2005 9:38 pm
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

This will redirect all non registered members to the login page. Open up memberlist.php Find: init_userprefs($userdata); After add: if ($userdata['user_id'] == ANONYMOUS) { redirect(append_sid('login.'.$phpEx)); } And that's... a SECURITY risk!! which has been identified in the mod thread that I me...
by Wo1f
Fri Jul 01, 2005 9:13 pm
Forum: [2.0.x] MOD Requests
Topic: Hide Memberlist
Replies: 25
Views: 1595

Hello 570thusaag! You could manually adjust "index_body.tpl" to hide access to the memberlist when a visitor is not logged in, by moving the "<!-- BEGIN switch_user_logged_out -->" and "<!-- END switch_user_logged_out -->" switch to include or exclude what you want. BUT, there is a simple solution t...
by Wo1f
Fri Jul 01, 2005 2:25 am
Forum: 2.0.x Support Forum
Topic: Lost Date/Time of last post
Replies: 7
Views: 203

Re: I hear you

Thanks for the effort, it is much appreciated. While I was hoping for the "magic bullet" I understand that quite often it can't be find. I'll take you advice to heart. For now the board "appears" to be running fine. The reason I upgraded was that we got hacked. We had proper backups (go backups go!...
by Wo1f
Fri Jul 01, 2005 1:09 am
Forum: 2.0.x Support Forum
Topic: Lost Date/Time of last post
Replies: 7
Views: 203

Re: take for granted?

I inherited ownership of the board so I'm not taking anything for granted. I had some trouble after the upgrade but, based on another message, i replaced a common.php file with an older one and almost everything worked. I would strongly suggest at this point to install a brand new phpBB2 v2.0.16......
by Wo1f
Thu Jun 30, 2005 11:21 pm
Forum: 2.0.x Support Forum
Topic: Lost Date/Time of last post
Replies: 7
Views: 203

Did you have any mods installed prior to the upgrade? Can I take for granted that this info was displayed as it should before the upgrade and that you haven't made any changes whatsoever since then, with the exception of the upgrade? Also, did you do a thorough check to see if anything else on your ...
by Wo1f
Thu Jun 30, 2005 8:34 pm
Forum: 2.0.x Support Forum
Topic: Lost Date/Time of last post
Replies: 7
Views: 203

Hello dhacker! As a first step, look for the following line in "index_body.tpl": <td class="row2" align="center" valign="middle" height="50" nowrap="nowrap"> <span class="gensmall">{catrow.forumrow.LAST_POST}</span></td> If you can't find it, how did you upgrade from v2.0.10 and do you have many mod...
by Wo1f
Thu Jun 30, 2005 8:24 pm
Forum: 2.0.x Support Forum
Topic: How to Unregister oneself
Replies: 5
Views: 504

Hello phpcc!

A board Administrator or someone with admin. rights can delete a user, and that's as far as it goes. As a user, there is no built-in means of doing this.

Hope this helps,
Wolf
by Wo1f
Thu Jun 30, 2005 7:17 pm
Forum: 2.0.x Support Forum
Topic: Can ADMIN Read Private messages?
Replies: 10
Views: 600

Admin Private Message Viewer -->> http://www.phpbbhacks.com/download/200 I was not aware of this, and to tell you the truth I don't agree with this type of mod being offered in the first place. It's unethical unless it also rename's the private messaging feature to something else. Also, it does not...

Go to advanced search