Text only | Text with Images

coppermine-gallery.com/forum

Support => cpg1.3.x Support => Older/other versions => cpg1.3 (BBS) Integration / Bridging => Topic started by: Joe Belmaati on December 23, 2004, 02:45:21 AM

Title: serialize problem in bridge file (phpbb) related to security issue with php
Post by: Joe Belmaati on December 23, 2004, 02:45:21 AM
The security flaw in php <4.3.10 has caused me to add a fix to my phpbb per this hack:

http://phpbbstyles.com/viewtopic.php?t=1904

Supposedly it fixes the known seciurity problems with php<4.3.10 but it also breaks the bridge file. Is there a fix around for this...?

Sincerely, and thank you very much!
Joe Belmaati
Copenhagen Denmark
Title: Re: serialize problem in bridge file (phpbb) related to security issue with php
Post by: Nibbler on December 23, 2004, 01:22:33 PM
By the looks of it you can do the same with the bridge file, add the array
_unserialize function and change the call to unserialize to array_unserialize.
Title: Re: serialize problem in bridge file (phpbb) related to security issue with php
Post by: Joe Belmaati on December 23, 2004, 02:46:36 PM
Where would I add the function - in the bridge file right before the unserialize?
Title: Re: serialize problem in bridge file (phpbb) related to security issue with php
Post by: Nibbler on December 23, 2004, 02:51:01 PM
Add it just before function udb_authenticate()
Text only | Text with Images