/ Information
February 13 2018

Security patch

The problem: data filtering.

Error in version: 12.1 and less

Severity: high

To fix this issue, open the file engine/classes/parse.class.php and find:
	function clear_url($url) {
		global $config;

below add:
	$url = str_replace(array("{", "}", "[", "]"),array("%7B", "%7D", "%5B", "%5D"), $url);

This fix is for version 12.1 and all versions less that 12.1.

The version 12.1 on our server updated.
August 11 2017

Security patch

The problem: data filtering.

Error in version: 11.3 and less

Severity: high

To fix, download and copy the patch to your server: https://dle-news.com/files/dle113_path.zip

Then clear the browser cache, and the script cache in the admin panel. This patch is for version 11.3 and all versions below 11.3.

The version 11.3 on our server updated.
March 06 2017

Security patch

The problem: data filtering.

Error in version: 11.2 and below

Severity: high

To fix, open the file: /engine/go.php and find:
$url = @str_replace ( "&", "&", $url );

add below:
$url = htmlspecialchars( $url, ENT_QUOTES, $config['charset'] );
$url = str_replace ( "&", "&", $url );

Open the file:: /engine/ajax/typograf.php and find:
$txt = trim( convert_unicode( $_POST['txt'], $config['charset'] ) );

add below:
require_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter();
$txt = $parse->process( $txt );
$txt = preg_replace( "/javascript:/i", "jаvascript:", $txt );
$txt = preg_replace( "/data:/i", "dаta:", $txt );
December 07 2016

Security patch

The problem: data filtering.

Error in version: 11.1 and below

Severity: high

To fix, open the file: /engine/classes/parse.class.php and find:
		if( preg_match( "/[?&;%<\[\]]/", $url ) ) {

			if( $align != "" ) return "[img=" . $align . "]" . $url . "[/img]";
			else return "[img]" . $url . "[/img]";

		}

replace with:
		if( preg_match( "/[?&;%<\[\]]/", $url ) ) {

			return $matches[0];

		}
July 26 2015

Changes in authorization with Facebook

Dear friends,

Social network Facebook has implemented a new API version 2.4, which amended the authorization of users on the sites. When creating new applications in this social network, they automatically receive this version of the API, whereby it was not possible to use authorization on your sites with Facebook, because e-mail address was not available.

To fix this problem you need to open a file engine/classes/social.class.php find in it:
$params = array('access_token' => $token['access_token']);
replace with:
$params = array('access_token' => $token['access_token'], 'fields' => "id,name,email,first_name,last_name");

The distribution on our server updated.
Calendar
«    December 2018    »
MonTueWedThuFriSatSun
 12
3456789
10111213141516
17181920212223
24252627282930
31 
Voting On The Website
Please, rate the engine

Top News
News Archive