thankyou
Donate to the B3 fund!

"even a small donation helps!"
Donate with PayPal!
Echelon v2 is not yet officially released! If you cannot get this dev-version installed, revert to version 1 as available in our download section.

Author Topic: [SECURITY] Version 2.0b.2  (Read 2493 times)

Offline WickedShell

  • Moderator
  • Sr. Member
  • *
  • Posts: 201
    • GitHub - WickedShell
[SECURITY] Version 2.0b.2
« on: October 25, 2011, 04:05:01 AM »
This is primarily a security bug motivated push of features that are not completely done. mash pointed out that the switching between games was not checked for valid contents.

Other features included here, a fix for a game switching issue having to do with plugins, and switching while on the index page, proper GUID checking for all games, (IE those games with EA_ prefixed to the GUId, etc) and linking IP's from the IP alias section to the search results for people with that IP, the way the last used IP is linked.

No changes were made to the database in this update, a change was made to the config file the supported games array now has the following contents;
Code: [Select]
$supported_games = array( // supported games
        "q3a" => "Quake 3 Arena",
        "cod" => "Call of Duty",
        "cod2" => "Call of Duty 2",
        "cod4" => "Call of Duty: Modern Warfare",
        "cod5" => "Call of Duty: World at War",
        "cod6" => "Call of Duty: Modern Warfare 2",
        "cod7" => "Call of Duty: Black Ops",
        "moh" => "Medal of Honor",
        "bfbc2" => "Battlefield: Bad Company 2",
        "iourt41" => "Urban Terror",
        "etpro" => "Enemy Territory",
        "wop" => "World of Padman",
        "smg" => "Smokin' Guns",
        "smg11" => "Smokin' Guns 1.1",
        "oa081" => "Open Arena",
        "alt" => "Altitude"
);

as well as bumping the version number.

If someone could bump the official number on the update address that would be helpful. I'm unsure how to do that, as the procedure appears to have changed.
« Last Edit: October 25, 2011, 04:07:32 AM by WickedShell »

Offline WickedShell

  • Moderator
  • Sr. Member
  • *
  • Posts: 201
    • GitHub - WickedShell
Re: [SECURITY] Version 2.0b.2
« Reply #1 on: October 25, 2011, 04:18:25 AM »
.... I should not fix these things late at night. If you downloaded the update before this, please redownload Txt echelon/classes/members-class.php a rather significant break in permissions was included.

Offline Mariodu62

  • Sr. Member
  • ****
  • Posts: 466
Re: [SECURITY] Version 2.0b.2
« Reply #2 on: October 25, 2011, 04:55:03 PM »
since the modifications, all guids are invalid....

cod waw

Offline WickedShell

  • Moderator
  • Sr. Member
  • *
  • Posts: 201
    • GitHub - WickedShell
Re: [SECURITY] Version 2.0b.2
« Reply #3 on: October 25, 2011, 07:52:06 PM »
What's a proper COD: waw GUID look like?

nevermind I know the problem fixed in < an hour or so from now.

pushed. Sorry bout that!
« Last Edit: October 25, 2011, 08:12:24 PM by WickedShell »

Offline Mariodu62

  • Sr. Member
  • ****
  • Posts: 466
Re: [SECURITY] Version 2.0b.2
« Reply #4 on: October 25, 2011, 09:35:57 PM »
What's a proper COD: waw GUID look like?

nevermind I know the problem fixed in < an hour or so from now.

pushed. Sorry bout that!

It was just for helping you.

It works now

Thx again
« Last Edit: October 25, 2011, 09:48:22 PM by Mariodu62 »

Offline WickedShell

  • Moderator
  • Sr. Member
  • *
  • Posts: 201
    • GitHub - WickedShell
Re: [SECURITY] Version 2.0b.2
« Reply #5 on: October 25, 2011, 09:43:29 PM »
Well unfortunately MordY's reporting that it's still failing on CoD 4, and I lack what a proper GUID looks like to be able to check my code against. Hopefully that will be fixed asap. I just went with some tentative numbers, that appear to be steering me wrong.

Offline Mariodu62

  • Sr. Member
  • ****
  • Posts: 466
Re: [SECURITY] Version 2.0b.2
« Reply #6 on: October 25, 2011, 10:30:53 PM »
Well unfortunately MordY's reporting that it's still failing on CoD 4, and I lack what a proper GUID looks like to be able to check my code against. Hopefully that will be fixed asap. I just went with some tentative numbers, that appear to be steering me wrong.

I don't have Cod4 sorry

 


Rate this page +1 at Google Search