I love how you were so quick to re-release such a shit content management system. You didn’t even fix the exploit(s). Thank god Hejula is actually nice enough to help you out (people who use this), I wouldn’t have told you.
I love how you were so quick to re-release such a shit content management system. You didn’t even fix the exploit(s). Thank god Hejula is actually nice enough to help you out (people who use this), I wouldn’t have told you.
Cheers, my hotel has been vulnerable this whole time!Originally Posted by Hejula
My rival hotel as well....
As Oliver has said in his own post it was a demonstration of why you shouldn’t just let people spoon-feed you without actually checking what you’re consuming. For someone that believes he is a mega-skilled coder it is actually quite funny to see how much they actually know about the language they proclaim to be an expert at. It should be basic knowledge to either use exit or die after a redirect.
Last edited by Delici0us; 01-06-13 at 11:09 PM.
Yeah, I had to put it like that while I was doing somethings and could not just put it on maintenance. Except some ignorant people still decided to register. Its like some people can't read.
Last edited by Trillx; 31-05-13 at 01:06 AM.
Because a few people wanted it, if it wasn't for people wanting it i wouldn't of put it out there, it's a piece of shit CMS, that was coded by a noob that thinks hes god.
And why should i fix simple exploits that people can fix there self.
If they look in the right place they can find the patch anyway.
Hejula, do you have a patch that doesn't require you to replace the whole CMS and just the parts that are fucked?
Err well you can patch it manually of course, I just went through all the php files and wherever there was a 302 redirect (header('Location: <x>');) I just added "exit;" after it. That stops the page from carrying on if you disable redirects.
Did you do this with the TPL files or the PHP ones?
Just the PHP ones, there shouldn't be any code inside the template files (I didn't check though)
Alright thank you so much for this :) I want to see some nice releases from you in the future ;)
Add ModelMe to your list of fixed hotels
Last edited by Mithex; 31-05-13 at 01:39 AM.
Sorry for posting here, I need to contact you urgently and the forum just isn't letting me PM as it has sent me no verification email. Is there anyway I can contact you without the forum? Steam, skype etc...?
Left a comment on your reputation with my Skype. Go onto http://forum.ragezone.com/usercp.php and it is there!
If anyone else requires assistance feel free to send me a private message.
Last edited by Hejula; 31-05-13 at 02:06 AM.
Thank you, I have sent you a request.
Are there any exploit fixes inside /engine/?
Last edited by Dan822; 31-05-13 at 03:57 AM.
Same problem..
