Daimon
New Management
Posts: 17
Joined: 01 February 2008
|
Thursday, Aug 14, 2008 23:52
I'll be slapping this into a file later and updating the release but I want this out there now as it's a big problem I hadn't caught until someone exploited it.
Open the file: /includes/pages/register.php
change the line that read $name = $_POST['name']; to read $name = htmlentities(strip_tags($_POST['name'])); Replace every (there are several) occurrence after that of $_POST['name'] to $name. If anyone is having problems, email me at admin[at]babbleboard[dot]co[dot]uk and I will help you through it.
It is recommended you make this change ASAP!
-Daimon
Last edited by: Daimon
- Thursday, Aug 14, 2008 23:53.
|
