Author Topic: Security Fix: fadclick.php (Read 981 times)

757jterrell · « **on:** October 09, 2010, 05:34:18 PM »

With the cooperation of Scott Klarr (http://diffusionstudios.com/) we are pleased to release this security update:

This will prevent people from uploading free credits into your featured ads, also please use the security fix for the wizards/fad.php file.

EDIT: Link to wizards/fad.php fix is here:
http://auroraadmintraining.info/index.php/topic,1005.0.html

You will want to cut and paste the entire code into your file:

Code: [Select]

<?
$id=$_GET['id'];
include("config.php");
include("includes/mysql.php");
$Db1 = new DB_sql;
$Db1->connect($DBHost, $DBDatabase, $DBUser, $DBPassword);

$id = mysql_real_escape_string($_REQUEST['id']);

$sql=$Db1->query("SELECT * FROM fads WHERE id='$id'");
$banner=$Db1->fetch_array($sql);
$sql=$Db1->query("UPDATE fads SET clicks=clicks+1 WHERE id='$id'");


header("Location: $banner[target]");
?>

Addons · « **Reply #1 on:** October 13, 2010, 04:42:21 PM »

fixed ...

iamforyouraja · « **Reply #2 on:** May 08, 2011, 06:15:11 PM »

Hi,
I have cut the hole text and then deleted the hole text which was written in my file and pasted this there. But now i am having this error when someone try to buy f.ad:

"Fatal error: Cannot redeclare class DB_Sql in /home/goku/public_html/includes/mysql.php on line 19"

Please help me ASAP because no one will be able to buy it until it gets fixed.

Or even you can give me the old text which was in my file so that it can work.

757jterrell · « **Reply #3 on:** May 08, 2011, 06:30:31 PM »

Quote from: iamforyouraja on May 08, 2011, 06:15:11 PM

Hi,
I have cut the hole text and then deleted the hole text which was written in my file and pasted this there. But now i am having this error when someone try to buy f.ad:

"Fatal error: Cannot redeclare class DB_Sql in /home/goku/public_html/includes/mysql.php on line 19"

Please help me ASAP because no one will be able to buy it until it gets fixed. Or even you can give me the old text which was in my file so that it can work.

send me your email and I will send you the file

iamforyouraja · « **Reply #4 on:** May 08, 2011, 06:33:01 PM »

Quote from: 757jterrell on May 08, 2011, 06:30:31 PM

Quote from: iamforyouraja on May 08, 2011, 06:15:11 PM
Hi,
I have cut the hole text and then deleted the hole text which was written in my file and pasted this there. But now i am having this error when someone try to buy f.ad:

"Fatal error: Cannot redeclare class DB_Sql in /home/goku/public_html/includes/mysql.php on line 19"

Please help me ASAP because no one will be able to buy it until it gets fixed. Or even you can give me the old text which was in my file so that it can work.

send me your email and I will send you the file

PM sent.

EDIT: You can post that small code here as well if you want to.

auroraadmintraining.info

News:

Author Topic: Security Fix: fadclick.php (Read 981 times)

757jterrell

Security Fix: fadclick.php

Addons

Re: Security Fix: fadclick.php

iamforyouraja

Re: Security Fix: fadclick.php

757jterrell

Re: Security Fix: fadclick.php

iamforyouraja

Re: Security Fix: fadclick.php