this iz what a guy said:
"Posted: Fri Oct 21, 2005 12:44 am
Post subject:
As I read in another topic about the code in mainfile.php. I try to replace this
Code:
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_SERVER['HTTP_REFERER'])) {
if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
die('Posting from another server not allowed!');
}
} else {
die($posttags);
}
}
with this
Code:
/*
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_SERVER['HTTP_REFERER'])) {
if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
die('Posting from another server not allowed!');
}
} else {
die($posttags);
}
}
*/
And it worked! Well, also in the mainfile.php, it shows that that code is used for against posting from other sites!
Any ideas? Is it risky? "
i can't find that code in any of my files, especialy in my mainfile.php any thoughts?
forahobby Administrator
Joined: May 22, 2003 Posts: 23948 Location: NSW, Australia
Posted: Fri Feb 17, 2006 1:58 am Post subject:
put it this way.. I dont see it as risky at all coz xbox-hq doesnt check for posting either.. lol.. The admin scripts are the main problem with security.. I have no issues with other areas of my site.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You can attach files in this forum You can download files in this forum
HQ Network: 13,310 | 
Guests: 5211 | 
Members: 1 
Forums 
any thoughts?
