Update 2.0.20 auf 2.0.21 - Codepassagen unterschiedlich

PhoenixDH · Beitrag von **PhoenixDH** » 25.04.2007 14:34

Hi,

ich bin gerade dabei mein Board zu updaten.
Jetzt habe ich mit 2 Dateien meine Proble:
usercp_confirm.php und usercp_register.php

In den beiden Dateien kann ich die angesprochenen Passagen aus dem manuellen Update nicht finden, sieht bei mir ganz anders aus (manuelles Update da viele Mods)

Brauche ich diese beide Änderungen damit alles noch funktioniert? Wodurch könnten diese Codeänderungen kommen, hab z.B. den CrackerTracker drauf, was ich denke was die Ursache ist.

Welche Codeänderungen sind das die da gemacht werden von 20 auf 21 in den beiden Dateien?

Dank euch.

Beitrag von **Jan500** » 25.04.2007 15:33

wie sollen wir dir sagen ob du die änderungen noch einbauen musst?:roll:

es wäre hilfreich wenn du uns die beiden dateien verlinkst KB:datei

und den auszug der install, wo du nicht weiterkommst

Jan

PhoenixDH · Beitrag von **PhoenixDH** » 25.04.2007 15:50

Ok, danke für die schnelle Hilfe.
Die 2 Dateien liegen hier: http://www.bartagame-info.de/files/

Stelle der Installation:

Code: Alles auswählen

#-----[ OPEN ]--------------------------------------------- 
# 
includes/usercp_confirm.php

#
#-----[ FIND ]---------------------------------------------
# Line 64
// If we can we will generate a single filtered png else we will have to simply
// output six seperate original pngs ... first way is preferable!
if (@extension_loaded('zlib'))
{
	$_png = define_filtered_pngs();

	$total_width = 320;
	$total_height = 50;
	$img_height = 40;
	$img_width = 0;
	$l = 0;

	list($usec, $sec) = explode(' ', microtime()); 
	mt_srand($sec * $usec); 

	$char_widths = array();
	for ($i = 0; $i < strlen($code); $i++)
	{
		$char = $code{$i};

		$width = mt_rand(0, 4);
		$char_widths[] = $width;
		$img_width += $_png[$char]['width'] - $width;
	}

	$offset_x = mt_rand(0, $total_width - $img_width);
	$offset_y = mt_rand(0, $total_height - $img_height);

	$image = '';
	$hold_chars = array();
	for ($i = 0; $i < $total_height; $i++)
	{
		$image .= chr(0);

		if ($i > $offset_y && $i < $offset_y + $img_height)
		{
			$j = 0;

			for ($k = 0; $k < $offset_x; $k++)
			{
				$image .= chr(mt_rand(140, 255));
			}

			for ($k = 0; $k < strlen($code); $k++)
			{
				$char = $code{$k};

				if (empty($hold_chars[$char]))
				{
					$hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
				}
				$image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
				$j++;
			}

			for ($k = $offset_x + $img_width; $k < $total_width; $k++)
			{
				$image .= chr(mt_rand(140, 255));
			}

			$l++;
		}
		else
		{
			for ($k = 0; $k < $total_width; $k++)
			{
				$image .= chr(mt_rand(140, 255));
			}
		}

	}
	unset($hold);

	$image = create_png(gzcompress($image), $total_width, $total_height);

	// Output image
	header('Content-Type: image/png');
	header('Cache-control: no-cache, no-store');
	echo $image;

	unset($image);
	unset($_png);
	exit;

}
else
{
	$_png = define_raw_pngs();

	$c = intval($HTTP_GET_VARS['c']);
	$char = substr($code, $c - 1, 1);
	
	header('Content-Type: image/png');
	header('Cache-control: no-cache, no-store');
	echo base64_decode($_png[$char]);

	unset($_png);
	exit;
}

exit;

#
#-----[ REPLACE WITH ]---------------------------------------------
#
// We can we will generate a single filtered png 
// Thanks to DavidMJ for emulating zlib within the code :)
$_png = define_filtered_pngs();

$total_width = 320;
$total_height = 50;
$img_height = 40;
$img_width = 0;
$l = 0;

list($usec, $sec) = explode(' ', microtime()); 
mt_srand($sec * $usec); 

$char_widths = array();
for ($i = 0; $i < strlen($code); $i++)
{
	$char = $code{$i};

	$width = mt_rand(0, 4);
	$char_widths[] = $width;
	$img_width += $_png[$char]['width'] - $width;
}

$offset_x = mt_rand(0, $total_width - $img_width);
$offset_y = mt_rand(0, $total_height - $img_height);

$image = '';
$hold_chars = array();
for ($i = 0; $i < $total_height; $i++)
{
	$image .= chr(0);

	if ($i > $offset_y && $i < $offset_y + $img_height)
	{
		$j = 0;

		for ($k = 0; $k < $offset_x; $k++)
		{
			$image .= chr(mt_rand(140, 255));
		}

		for ($k = 0; $k < strlen($code); $k++)
		{
			$char = $code{$k};

			if (empty($hold_chars[$char]))
			{
				$hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
			}
			$image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
			$j++;
		}

		for ($k = $offset_x + $img_width; $k < $total_width; $k++)
		{
			$image .= chr(mt_rand(140, 255));
		}

		$l++;
	}
	else
	{
		for ($k = 0; $k < $total_width; $k++)
		{
			$image .= chr(mt_rand(140, 255));
		}
	}

}
unset($hold);

$image = create_png($image, $total_width, $total_height);

// Output image
header('Content-Type: image/png');
header('Cache-control: no-cache, no-store');
echo $image;

unset($image);
unset($_png);
exit;


#
#-----[ FIND ]---------------------------------------------
# Line 198
function create_png($gzimage, $width, $height)

#
#-----[ REPLACE WITH ]---------------------------------------------
#
function create_png($raw_image, $width, $height)

#
#-----[ FIND ]---------------------------------------------
# Line 202
	// IDAT
	$image .= png_chunk(strlen($gzimage), 'IDAT', $gzimage);

#
#-----[ REPLACE WITH ]---------------------------------------------
#

	if (@extension_loaded('zlib'))
	{
		$raw_image = gzcompress($raw_image);
		$length = strlen($raw_image);
	}
	else
	{
		// The total length of this image, uncompressed, is just a calculation of pixels
		$length = ($width + 1) * $height;

		// Adler-32 hash generation
		// Optimized Adler-32 loop ported from the GNU Classpath project
		$temp_length = $length;
		$s1 = 1;
		$s2 = $index = 0;

		while ($temp_length > 0)
		{
			// We can defer the modulo operation:
			// s1 maximally grows from 65521 to 65521 + 255 * 3800
			// s2 maximally grows by 3800 * median(s1) = 2090079800 < 2^31
			$substract_value = ($temp_length < 3800) ? $temp_length : 3800;
			$temp_length -= $substract_value;

			while (--$substract_value >= 0)
			{
				$s1 += ord($raw_image[$index]);
				$s2 += $s1;

				$index++;
			}

			$s1 %= 65521;
			$s2 %= 65521;
		}
		$adler_hash = pack('N', ($s2 << 16) | $s1);

		// This is the same thing as gzcompress($raw_image, 0) but does not need zlib
		$raw_image = pack('C3v2', 0x78, 0x01, 0x01, $length, ~$length) . $raw_image . $adler_hash;

		// The Zlib header + Adler hash make us add on 11
		$length += 11;
	}

	// IDAT
	$image .= png_chunk($length, 'IDAT', $raw_image);

# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/usercp_register.php

#
#-----[ FIND ]---------------------------------------------
# Line 989
		$code = strtoupper(str_replace('0', 'o', substr($code, 6)));

#
#-----[ REPLACE WITH ]---------------------------------------------
#
		$code = substr(str_replace('0', 'Z', strtoupper(base_convert($code, 16, 35))), 2, 6);

#
#-----[ FIND ]---------------------------------------------
# Line 1002
		$confirm_image = (@extension_loaded('zlib')) ? '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id") . '" alt="" title="" />' : '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=1") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=2") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=3") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=4") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=5") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=6") . '" alt="" title="" />';

#
#-----[ REPLACE WITH ]---------------------------------------------
#
		$confirm_image = '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id") . '" alt="" title="" />';

#

Danke!

------------

Des weiteren ist mir gerade nopch ein Problem mit der login.php augefallen mit folgender Stelle, der Rest hat alles geklappt:

Code: Alles auswählen

login.php

#
#-----[ FIND ]---------------------------------------------
# Line 116
					
					$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
					$redirect = str_replace('?', '&', $redirect);

					if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
					{
						message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
					}

					$template->assign_vars(array(
						'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
					);

					$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .  sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');

					message_die(GENERAL_MESSAGE, $message);
				}

#
#-----[ REPLACE WITH ]---------------------------------------------
#
				}

				$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
				$redirect = str_replace('?', '&', $redirect);

				if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
				{
					message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
				}

				$template->assign_vars(array(
					'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
				);

				$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .  sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');

				message_die(GENERAL_MESSAGE, $message);

#

PhoenixDH · Beitrag von **PhoenixDH** » 26.04.2007 12:10

Kann keiner helfen oder hatte das gleiche Problem?

Wäre euch sehr dankbar.