auroraadmintraining.info > Fixes, Mods, Help etc.  > Aurora Security Updates > Security Fix: members/retract_credits_xsite.php
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Security Fix: members/retract_credits_xsite.php  (Read 238 times)
757jterrell
Administrator
Hero Member
*****
Offline Offline

Posts: 1637



View Profile WWW
« on: April 03, 2011, 03:40:39 AM »
It has come to our attention that people have been adding ad credits through their my ads pages. Here is the fix:

Go to your members/retract_credits_xsite.php   file around lines 24 to 40, remove what is in bold:

if($action == "retract") {
   if($credits < 1) {
      $error_msg="You must enter at least 1 credit!";
   }
   else if($thisad[username] != $username) {
      $error_msg="You do not have permission to edit this!!";
   }
   else {
      if($credits > $thisad[credits]) {
         $credits=$thisad[credits];
      }
      $sql=$Db1->query("UPDATE xsites SET credits=credits-$credits WHERE id='$id'");
      $sql=$Db1->query("UPDATE user SET xcredits=xcredits+$credits WHERE username='$username'");
      $Db1->sql_close();
      header("Location: index.php?view=account&ac=myads&adtype=xsites&".$url_variables."");
   }
}

and then add what is in bold so it looks like the code below:

if($action == "retract") {
   if($credits < 1) {
      $error_msg="You must enter at least 1 credit!";
   }
   else if($thisad[username] != $username) {
      $error_msg="You do not have permission to edit this!!";
   }
   else if( ereg("[^0-9]", $credits) ){
           $error_msg="You can only put in numbers 0 to 9";
      }
      else if($credits > $thisad[credits]) {
            $error_msg="You can not remove more credits than you have!!";
      }
   else {
                $credits=asql($credits);
                    $username=asql($username);
      $sql=$Db1->query("UPDATE xsites SET credits=credits-$credits WHERE id='$id'");
      $sql=$Db1->query("UPDATE user SET xcredits=xcredits+$credits WHERE username='$username'");
      $Db1->sql_close();
      header("Location: index.php?view=account&ac=myads&adtype=xsites&".$url_variables."");
   }
}
« Last Edit: April 10, 2011, 02:14:47 PM by 757jterrell » Logged
Upgrade to an SDR 3
757jterrell
Administrator
Hero Member
*****
Offline Offline

Posts: 1637



View Profile WWW
« Reply #1 on: April 10, 2011, 02:15:05 PM »
$credits=asql($credits);
$username=asql($username);

Added by Greg from Offerscript.

Thanks Greg

You will also need to add this functions to your includes/function.php file:
This is copyrighted by CODE COPYRIGHT TO GPSBLACK/OFFERSCRIPT

function asql($string)
{
  if(get_magic_quotes_gpc())
  {
     $string = strip_tags($string);
     $string = stripslashes($string);
  }
  if (phpversion() >= '4.3.0')
  {
     $string = strip_tags($string);
      $string = mysql_real_escape_string($string);
  }
  else
  {
     $string = mysql_escape_string($string);
  }
  return $string;
}
« Last Edit: April 10, 2011, 02:41:22 PM by 757jterrell » Logged
Get a SDR 3 NOW at http://ptcfactory.info

The best and most up to date Aurora script in the market!!
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to: