|
Quote:
- v0id |
Quote:
demo.linkex.dk/linkex/data/output/1001 - v0id |
Code:
<!-- Output generated by LinkEX (+http://linkex.dk/) --> |
So has this issue been solved or not.....
|
Quote:
So that code you just posted cannot be harmful because < is replaced with <. You might know this and I might have missed the point of your post but I told this just in case. |
Quote:
|
Doh. I was including the wrong file.
So yes, linkex.20070827.tar.gz fixes the hole. |
so, now everyone have to update their linex!!
|
Quote:
|
Quote:
|
Quote:
|
Quote:
The only thing I regret is the trouble people is going to have, since they have to update their installations, because of a stupid mistake. There are properly many more bugs in LinkEX, but you get what you pay for, and I don't feel like apologise for every one of them. You get the script for free, and in return help me come up with ideas and report bugs. :thumbsup - v0id |
Quote:
|
does the uodate still use this path for cron to check backlinks?
my-site.com/linkex/index.php > /dev/null |
Quote:
Code:
/path/to/php /path/to/your/linkex/index.php[ --verbose] |
Quote:
When you release code for people to use across hundreds of sites, it's common courtesy to ensure your code is readable and not full of major security holes. People with no scripting knowledge trust that YOU know what you're doing and that the code will be safe. |
Quote:
Quote:
Of course it should not have security holes, no doubt about that, but this is the first major security hole since the first release, which is dated 20060311. I have no intension of putting security holes into the script, but it's human made, errors are bound to occur. I can think of some blogging platform used on many many more sites that also has security holes found every now and then. I don't tell people to use my script, and I never said it's bug free. It's free and you get what you pay for. One more thing, I diden't intend it to be used across hundres of sites, it should be used across one hundred millions of sites! :thumbsup |
Quote:
Would you stick the spacing back in ? Please ? |
Sure thing.. I'll just have to clean up my messy comments. I'll let you know
|
Quote:
|
that's probably the most nub security flaw you could write into a program. i'd expect it says something about the rest of the code. this thread is totally deserving, a public service and probably the quickest way to get it fixed. though i'd not be running that script at all anymore until i'd read through it myself.
|
Quote:
|
released a new version with the spaces, I'll make it better formatted in the future, but this will do for now.
Have fun, and please report any bugs you encounter :) |
Quote:
|
Quote:
anyways, ive just upgraded my linkEx to 6 of my sites. heh when will you release a paid linkEx which we can manage linkEx sites in one directory? upgrade/add/check links in one dmin would be awesome man. i won't hesitate to pay for the script. |
the fix is retardedly easy. if you are using linkex and it concerns you, go fix it.
|
I'm impressed by LinkEX's attitude, seems like a really good guy :thumbsup:thumbsup
|
Thanks for the use of the FREE script. Some applications call for a simple easy solution. LinkEx fills a need.
Your thick skin in taking the abuse is also appreciated and respected. :thumbsup |
can linkex handle a large site??
|
Bump for those who have not yet seen this and fixed their shit... :-)
|
bump again
|
| All times are GMT -7. The time now is 02:44 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123