The following warnings occurred:
Warning [2] Undefined array key "threadviews_countguests" - Line: 745 - File: showthread.php PHP 8.1.31 (Linux)
File Line Function
/inc/class_error.php 153 errorHandler->error
/showthread.php 745 errorHandler->error_callback
Warning [2] Undefined array key "allowautourl" - Line: 584 - File: inc/class_parser.php PHP 8.1.31 (Linux)
File Line Function
/inc/class_error.php 153 errorHandler->error
/inc/class_parser.php 584 errorHandler->error_callback
/inc/class_parser.php 228 postParser->parse_mycode
/inc/functions_post.php 830 postParser->parse_message
/showthread.php 916 build_postbit
Warning [2] Undefined array key "allowautourl" - Line: 584 - File: inc/class_parser.php PHP 8.1.31 (Linux)
File Line Function
/inc/class_error.php 153 errorHandler->error
/inc/class_parser.php 584 errorHandler->error_callback
/inc/class_parser.php 228 postParser->parse_mycode
/inc/functions_post.php 861 postParser->parse_message
/showthread.php 916 build_postbit
Warning [2] Undefined property: MyLanguage::$thread_modes - Line: 46 - File: showthread.php(1650) : eval()'d code PHP 8.1.31 (Linux)
File Line Function
/inc/class_error.php 153 errorHandler->error
/showthread.php(1650) : eval()'d code 46 errorHandler->error_callback
/showthread.php 1650 eval



GetSimple Support Forum GetSimple General Questions and Problems v
Uploading files fails

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Uploading files fails
Zegnåt Offline
Posting Freak
*****
Posts: 972
Threads: 27
Joined: Aug 2009
#40
2010-02-02, 02:34:06
_dp Wrote:I suggest you remove any suggestion for using this workaround regardless of the context out of this forum, since many many people find this via google and think "hey my upload is working" but opening a very critical security flaw for anyone who is aware of this and knows how to abuse it.
But, you can’t upload with 1.71 or later any more. The most discussed workaround here is to take away the AJAX option all together, which will still keep it safe. So what exactly should we take away?
_dp Wrote:And think of an uploadscript who uploads everything you send it! The script doesn't even bother which extension it is!
You could have at least excluded *.php or *.sh files from being uploaded :/
I don’t agree. I’ve actually uploaded a couple of PHP files through the upload sextion already, just so I didn’t have to get on a FTP when I was away from my own computer. Are there many CMS systems that don’t allow uploading PHP files that you know of?
“Don’t forget the important ˚ (not °) on the a,” says the Unicode lover.
Help us test a key change for the core! ¶ Problems with GetSimple? Be sure to enable debug mode!
Website Find
Reply


Messages In This Thread
Uploading files fails - by exmethix - 2009-11-13, 01:01:07
Uploading files fails - by ccagle8 - 2009-11-13, 21:15:00
Uploading files fails - by GetSimple.RU - 2009-11-13, 23:52:33
Uploading files fails - by andyso66 - 2009-11-14, 08:24:10
Uploading files fails - by Zegnåt - 2009-11-14, 23:48:13
Uploading files fails - by exmethix - 2009-11-16, 04:59:41
Uploading files fails - by ccagle8 - 2009-11-16, 07:53:43
Uploading files fails - by Zegnåt - 2009-11-17, 01:16:41
Uploading files fails - by exmethix - 2009-11-17, 04:40:51
Uploading files fails - by ccagle8 - 2009-11-17, 11:18:54
Uploading files fails - by GetSimple.RU - 2009-11-17, 17:35:13
Uploading files fails - by Zegnåt - 2009-11-17, 22:54:41
Uploading files fails - by Pogodo - 2009-11-27, 23:49:29
Uploading files fails - by Zegnåt - 2009-11-28, 01:53:57
Uploading files fails - by Pogodo - 2009-11-28, 03:03:06
Uploading files fails - by PRAG - 2009-11-29, 07:42:42
Uploading files fails - by Head - 2009-12-07, 02:33:24
Uploading files fails - by ccagle8 - 2009-12-07, 10:10:58
Uploading files fails - by thkro - 2009-12-07, 19:44:32
Uploading files fails - by Zegnåt - 2009-12-07, 21:49:03
Uploading files fails - by internet54 - 2009-12-08, 03:38:14
Uploading files fails - by Zegnåt - 2009-12-08, 04:20:28
Uploading files fails - by internet54 - 2009-12-08, 06:57:22
Uploading files fails - by ccagle8 - 2009-12-08, 14:02:37
Uploading files fails - by internet54 - 2009-12-09, 01:16:17
Uploading files fails - by Zegnåt - 2009-12-09, 02:30:11
Uploading files fails - by ccagle8 - 2009-12-09, 08:11:41
Uploading files fails - by PRAG - 2009-12-09, 08:24:09
Uploading files fails - by Zegnåt - 2009-12-09, 18:50:06
Uploading files fails - by PRAG - 2009-12-09, 20:36:31
Uploading files fails - by Zegnåt - 2009-12-09, 23:33:30
Uploading files fails - by PRAG - 2009-12-10, 01:03:23
Uploading files fails - by Zegnåt - 2009-12-10, 02:26:12
Uploading files fails - by nikifor - 2009-12-15, 02:55:41
Uploading files fails - by Zegnåt - 2009-12-15, 07:05:34
Uploading files fails - by icare - 2009-12-30, 03:34:43
Uploading files fails - by _dp - 2010-02-01, 11:22:20
Uploading files fails - by ccagle8 - 2010-02-01, 13:41:49
Uploading files fails - by _dp - 2010-02-01, 23:05:45
Uploading files fails - by Zegnåt - 2010-02-02, 02:34:06
Uploading files fails - by internet54 - 2010-02-02, 02:44:36
Uploading files fails - by kt - 2010-02-05, 01:57:00
Uploading files fails - by BRen13 - 2010-06-12, 15:14:38
Uploading files fails - by Carlos - 2010-06-12, 16:23:54
Uploading files fails - by Carlos - 2010-06-12, 16:30:39
Uploading files fails - by SamWM - 2010-06-15, 18:51:23
Uploading files fails - by kpa - 2010-07-12, 02:32:35
Uploading files fails - by fseoer2010 - 2010-07-17, 17:28:14
Uploading files fails - by ccagle8 - 2010-08-10, 10:59:09
Uploading files fails - by john5 - 2010-09-17, 05:42:15
Uploading files fails - by john5 - 2010-09-17, 06:24:48
Uploading files fails - by ccagle8 - 2010-09-18, 06:56:12
Uploading files fails - by john5 - 2010-09-18, 07:02:45
Uploading files fails - by ccagle8 - 2010-09-21, 23:36:09



Users browsing this thread: 6 Guest(s)