Author Topic: Security Fix: fbannerclick.php  (Read 1287 times)

0 Members and 1 Guest are viewing this topic.

Offline 757jterrell

  • Hero Member
  • *****
  • Posts: 1629
    • View Profile
    • PTC Factory
Security Fix: fbannerclick.php
« on: October 09, 2010, 05:29:50 PM »
With the cooperation of Scott Klarr (http://diffusionstudios.com/) we are pleased to release this security update:

This will prevent people from uploading free credits into your featured banners, also please use the security fix for the wizards/fbanners.php file.

EDIT: Link for wizards/fbanners.php fix:
http://auroraadmintraining.info/index.php/topic,1002.0.html

You will want to cut and paste this entire code into your file:

Code: [Select]
<?
$id=$_GET['id'];
include("config.php");
include("includes/mysql.php");
$Db1 = new DB_sql;
$Db1->connect($DBHost, $DBDatabase, $DBUser, $DBPassword);

$id = mysql_real_escape_string($_REQUEST['id']);

$sql2=$Db1->query("SELECT * FROM fbanners WHERE id='$id'");
$banner=$Db1->fetch_array($sql2);
$sql=$Db1->query("UPDATE fbanners SET clicks=clicks+1 WHERE id='$id'");

$Db1->sql_close();
header("Location: $banner[target]");

?>
« Last Edit: November 03, 2010, 09:48:55 PM by 757jterrell »

Addons

  • Guest
Re: Security Fix: fbannerclick.php
« Reply #1 on: October 13, 2010, 04:37:24 PM »
fixed...  ;D

Have u forgot it ? or it will must removed ?

$id=$_GET['id'];
« Last Edit: October 13, 2010, 04:43:09 PM by Addons »

Offline 757jterrell

  • Hero Member
  • *****
  • Posts: 1629
    • View Profile
    • PTC Factory
Re: Security Fix: fbannerclick.php
« Reply #2 on: October 14, 2010, 09:22:06 PM »
yeap I forgot, I fixed the op

Offline bwbrown

  • Newbie
  • *
  • Posts: 19
    • View Profile
Re: Security Fix: fbannerclick.php
« Reply #3 on: November 02, 2010, 04:05:00 PM »
what code do you use for fbanner.php file?

Could you make a new postings showing exactly what needs to be in the following files?

fbannerclick.php

fadclick.php

fbanner.php

« Last Edit: November 02, 2010, 04:49:11 PM by bwbrown »

Offline 757jterrell

  • Hero Member
  • *****
  • Posts: 1629
    • View Profile
    • PTC Factory
Re: Security Fix: fbannerclick.php
« Reply #4 on: November 03, 2010, 09:49:11 PM »
OP updated per your request.