NOTE: Always state software name and version number you have
when asking questions, so you will get the correct answer!!

USANet Creations Discussion Forums

Subject: "Software Security Update/Fix"   Previous Topic | Next Topic
Printer-friendly copy     Email this topic to a friend    
Conferences MakeBid Auction bugs and fixes Topic #126
Reading page 1 of 1 pages
Richardadmin click here to view user rating
Charter Member
467 posts, 6 feedbacks, 12 points		 Feb-08-02, 03:36 PM (GMT)
Click to EMail Richard Click to send private message to Richard Click to view user profileClick to add this user to your buddy list  
"Software Security Update/Fix"
 
   LAST EDITED ON Feb-13-02 AT 04:51 PM (GMT)
 
This is an update/fix to help stop possible hackers from injecting code in the form fields that could disable the sotfware and or retrieve sensitive user info.

Attachments
http://www.usanetcreations.com/dcforum/User_files/3c6adff23eb633b1.txt

  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
Mark
unregistered user
 Feb-16-02, 09:31 PM (GMT)
 
1. "RE: Software Security Update/Fix"
 
   Richard:
The security patch for the Cookie Login is causing an internal server error (500). Any suggestions?

Mark


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
auctilla click here to view user rating
Member since Jan-23-02
107 posts, 1 feedbacks, 1 points		 Feb-16-02, 11:23 PM (GMT)
Click to EMail auctilla Click to send private message to auctilla Click to add this user to your buddy list  
2. "RE: Software Security Update/Fix"
 
   The update works fine on my auction site. Thanks Richard!

http://www.bidroo.com/images/bidroosmall.gif

Auctilla.com - Online Auction Community!
http://www.auctilla.com


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
Romahawk click here to view user rating
Member since Dec-27-01
217 posts, 2 feedbacks, 4 points		 Feb-17-02, 01:26 AM (GMT)
Click to EMail Romahawk Click to send private message to Romahawk Click to view user profileClick to add this user to your buddy list  
3. "RE: Software Security Update/Fix"
 
   Unless I'm missing something it seems to be working fine on my site also. I just tried the cookie login with my user name and a bad password and I got a (error: wrong password) message not a server error message..

http://romahawk.com


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
Mark
unregistered user
 Feb-17-02, 11:37 AM (GMT)
 
4. "RE: Software Security Update/Fix"
 
   Richard:
I tried again and still the same Internal Server Error message. I get it on both my test system (Win98 with Apache server) and my live site (Linux with Apache).

Not sure why I'd be the only one experiencing this but apparently I am. I'll stick with original code.

By the way, the other fixes work fine.

Mark


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
Mark
unregistered user
 Feb-17-02, 11:54 AM (GMT)
 
5. "RE: Software Security Update/Fix"
 
   Richard:
I found the problem. I compared my config file with a newer one and see you've made a change. I was overwriting the following code which was causing the error:

local %form = &get_form_data unless %form;
use vars qw/%cookie $loginalias $loginpassword/;

You've moved the code to a different location.

The update works fine now.

Mark


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
welby1970
unregistered user
 Feb-23-02, 00:49 AM (GMT)
 
6. "RE: Software Security Update/Fix"
 
   LAST EDITED ON Feb-23-02 AT 00:50 AM (GMT)
 
Does this fix work for users that run the classified software too? Or is it exclusive to the auction software???

Thanks

Mark


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote
Richardadmin
unregistered user
 Feb-23-02, 00:58 AM (GMT)
 
7. "RE: Software Security Update/Fix"
 
   This is good for all versions auction and classified


  Alert | IP Printer-friendly page | Edit | Reply | Reply With Quote


Conferences | Topics | Previous Topic | Next Topic
Rate this topic Rate this topic