/ Information
February 13 2018

Security patch

The problem: data filtering.

Error in version: 12.1 and less

Severity: high

To fix this issue, open the file engine/classes/parse.class.php and find:
	function clear_url($url) {
		global $config;

below add:
	$url = str_replace(array("{", "}", "[", "]"),array("%7B", "%7D", "%5B", "%5D"), $url);

This fix is for version 12.1 and all versions less that 12.1.

The version 12.1 on our server updated.
August 11 2017

Security patch

The problem: data filtering.

Error in version: 11.3 and less

Severity: high

To fix, download and copy the patch to your server: https://dle-news.com/files/dle113_path.zip

Then clear the browser cache, and the script cache in the admin panel. This patch is for version 11.3 and all versions below 11.3.

The version 11.3 on our server updated.
March 06 2017

Security patch

The problem: data filtering.

Error in version: 11.2 and below

Severity: high

To fix, open the file: /engine/go.php and find:
$url = @str_replace ( "&", "&", $url );

add below:
$url = htmlspecialchars( $url, ENT_QUOTES, $config['charset'] );
$url = str_replace ( "&", "&", $url );

Open the file:: /engine/ajax/typograf.php and find:
$txt = trim( convert_unicode( $_POST['txt'], $config['charset'] ) );

add below:
require_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter();
$txt = $parse->process( $txt );
$txt = preg_replace( "/javascript:/i", "jаvascript:", $txt );
$txt = preg_replace( "/data:/i", "dаta:", $txt );
December 07 2016

Security patch

The problem: data filtering.

Error in version: 11.1 and below

Severity: high

To fix, open the file: /engine/classes/parse.class.php and find:
		if( preg_match( "/[?&;%<\[\]]/", $url ) ) {

			if( $align != "" ) return "[img=" . $align . "]" . $url . "[/img]";
			else return "[img]" . $url . "[/img]";

		}

replace with:
		if( preg_match( "/[?&;%<\[\]]/", $url ) ) {

			return $matches[0];

		}
July 26 2015

Changes in authorization with Facebook

Dear friends,

Social network Facebook has implemented a new API version 2.4, which amended the authorization of users on the sites. When creating new applications in this social network, they automatically receive this version of the API, whereby it was not possible to use authorization on your sites with Facebook, because e-mail address was not available.

To fix this problem you need to open a file engine/classes/social.class.php find in it:
$params = array('access_token' => $token['access_token']);
replace with:
$params = array('access_token' => $token['access_token'], 'fields' => "id,name,email,first_name,last_name");

The distribution on our server updated.
Calendar
«    October 2018    »
MonTueWedThuFriSatSun
1234567
891011121314
15161718192021
22232425262728
293031 
Voting On The Website
Please, rate the engine

Top News
News Archive