It worked for me :-|
Here is a bugfix
The template issue:
./acp/template.php, search for (line 358):
replace with:
Code
if ($file == ".." || $file == "." || is_dir("$templatefolder/$file") || substr($file, -4) == ".php") continue;
The avatar issue:
./acp/avatar.php, search for (line 241):
replace with:
Code
if ($file == ".." || $file == "." || !strstr($file, ".") || substr($file, -4) == ".php") continue;
Here is something more, so that config.inc.php cannot be pulled in by means of phpinclude.
./global.php:
search for (line 47):
insert after it:
search for (line 196 ff.)
Code
$phpinclude = wbb_trim($tpl->get("phpinclude"));
if ($phpinclude != '') {
    $phpinclude = str_replace('\\"', '"', $phpinclude);
    $phpinclude = str_replace('\\\\', '\\', $phpinclude);
    eval($phpinclude);
}
replace with:
Code
$phpinclude = wbb_trim($tpl->get("phpinclude"));
if ($phpinclude != '') {
    $phpinclude = str_replace('\\"', '"', $phpinclude);
    $phpinclude = str_replace('\\\\', '\\', $phpinclude);
    $pat1 = "/c(.*)o(.*)n(.*)f(.*)i(.*)g(.*)\.(.*)i(.*)n(.*)c(.*)\.(.*)p(.*)h(.*)p(.*)/";
    $pat2 = "/o(.*)p(.*)e(.*)n(.*)d(.*)i(.*)r(.*)\((.*)\)/";
    $pat3 = "/r(.*)e(.*)a(.*)d(.*)d(.*)i(.*)r(.*)\((.*)\)/";
    $pat4 = "/d(.*)i(.*)r(.*)\((.*)\)/";
    $pat5 = "/s(.*)c(.*)a(.*)n(.*)d(.*)i(.*)r(.*)\((.*)\)/";
    if(preg_match($pat1, $phpinclude) != 0 || preg_match($pat4, $phpinclude) != 0 || preg_match($pat5, $phpinclude) != 0 || (preg_match($pat2, $phpinclude) != 0 && preg_match($pat3, $phpinclude) != 0))
        $phpinclude = "echo 'HACKVERSUCH!';";
    eval($phpinclude);
}
./acp/global.php
search for (line 51):
insert after it:
Code
// Prevent bad people to do hacking attacks
// Don't unset $sqldb as it's necessary for dumping db and executing queries
unset($sqlhost, $sqluser, $sqlpassword);
Source: Woltlab Support Board
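The avatar.php check in the post above skips only names that end in lowercase `.php`. As an added example (not part of the original post and not WoltLab code), here is that check beside an allowlist variant, run over constructed file names. The function names, the extension list and the assumption that the avatar folder should yield only image files are assumptions of this example.

```php
<?php
// Added example, not WoltLab code. File names and the allowlist are constructed.

// The check from the post: skip ".", "..", names without a dot, names ending in ".php".
function post_check_skips(string $file): bool
{
    return $file == ".." || $file == "." || !strstr($file, ".") || substr($file, -4) == ".php";
}

// Assumption: only these image types belong in the avatar folder.
const AVATAR_EXTENSIONS = ['gif', 'jpg', 'jpeg', 'png'];

// Allowlist variant: list a file only if it is a plain "name.ext" image file.
function allowlist_skips(string $folder, string $file): bool
{
    if ($file === '' || $file[0] === '.') {
        return true;                      // ".", ".." and dotfiles such as .htaccess
    }
    if (is_dir("$folder/$file")) {
        return true;                      // same directory test the template.php fix uses
    }
    $parts = explode('.', strtolower($file));
    if (count($parts) != 2 || $parts[0] === '') {
        return true;                      // no extension, or more than one dot (strict on purpose)
    }
    return !in_array($parts[1], AVATAR_EXTENSIONS, true);
}

// Constructed sample names; nothing is read from disk except the is_dir() test.
$folder  = sys_get_temp_dir();
$samples = ['avatar1.gif', 'photo.JPG', 'tool.php', 'tool.PHP', 'tool.php5',
            'tool.phtml', '.htaccess', 'a.php.gif', 'README'];

printf("%-12s %-11s %s\n", 'file', 'post check', 'allowlist');
foreach ($samples as $file) {
    printf("%-12s %-11s %s\n",
        $file,
        post_check_skips($file) ? 'skip' : 'list',
        allowlist_skips($folder, $file) ? 'skip' : 'list');
}
```

The suffix comparison in the post is case-sensitive and names one extension, so the two columns differ for every sample that is neither a plain image nor a lowercase `.php` file.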
What about usergroup.php, by the way -.- there's supposed to be a bug in there too