Daha sonra sitemize daha önceden kurduğumuz phpBB Security 1.0.2 MOD'unu 1.0.3'e yükseltmek için güncelleme değişiklikleri yapacağız:
Kod: Tümünü seç
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
common.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.2 =========================================================== |
#====
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
$ps_check = phpBBSecurity_Blocks();
if ($ps_check)
phpBBSecurity_Ban(phpBBSecurity_IP(), $board_config['phpBBSecurity_auto_ban'], $ps_check);
phpBBSecurity_MaxSessions($board_config['phpBBSecurity_allowed_sessions']);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ BUNUNLA DEĞİŞTİR ]---------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
$ps_check = phpBBSecurity_Blocks();
if ($ps_check)
phpBBSecurity_Ban(phpBBSecurity_IP(), $board_config['phpBBSecurity_auto_ban'], $ps_check);
phpBBSecurity_MaxSessions($board_config['phpBBSecurity_allowed_sessions']);
phpBBSecurity_Guests();
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
modcp.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
message_die(GENERAL_ERROR, 'Invalid_session');
}
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
if ( ($mode == 'delete') && ($confirm) )
{
$pass_one = isset($HTTP_POST_VARS['phpBBSecurity_verify']) ? $HTTP_POST_VARS['phpBBSecurity_verify'] : '';
$pass_two = $userdata['user_password'];
if (md5($pass_one) != $pass_two)
message_die(GENERAL_ERROR, $lang['PS_modcp_verify_fail']);
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
'MESSAGE_TEXT' => $lang['Confirm_delete_topic'],
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
'L_VERIFY' => '<br><br><span class="genmed">'. $lang['PS_modcp_verify'] .' <input type="password" class="post" name="phpBBSecurity_verify" value=""></span>',
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
admin/admin_ug_auth.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
$user_id = intval($user_id);
$group_id = intval($group_id);
$adv = intval($adv);
$mode = htmlspecialchars($mode);
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
$owner = '2';
if (isset($HTTP_POST_VARS['submit']))
{
if ( ($user_id == $owner) && ($userdata['user_id'] != $owner) )
message_die(GENERAL_ERROR, $lang['PS_admin_not_authed']);
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
admin/admin_users.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
$html_entities_match = array('#<#', '#>#');
$html_entities_replace = array('<', '>');
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
$owner = '2';
if (isset($HTTP_POST_VARS['submit']))
{
$user_id = intval($HTTP_POST_VARS['id']);
if ( ($user_id == $owner) && ($userdata['user_id'] != $owner) )
message_die(GENERAL_ERROR, $lang['PS_admin_not_authed']);
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
admin/index.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
$template->set_filenames(array(
"body" => "admin/index_body.tpl")
);
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
$secfile = @file('http://phpbb-tweaks.com/secver.txt');
$msg = '';
$msg .= '<table align="top" class="forumline" width="100%">';
$msg .= ' <tr>';
$msg .= ' <th align="center" valign="middle" class="thTop" width="100%">';
$msg .= ' phpBB Security Status';
$msg .= ' </th>';
$msg .= ' </tr>';
$msg .= ' <tr>';
$msg .= ' <td align="left" width="100%" class="row2">';
$msg .= ' <span class="genmed">';
if (!$secfile)
$msg .= 'Sorry, I was unable to get version data at this time. Please try later.';
if ($secfile)
{
$newest_ver = $secfile[0];
$this_ver = $board_config['phpBBSecurity_version'];
if ($newest_ver == $this_ver)
$msg .= 'The newest release is <b>'. $newest_ver .'</b>. The version you are using is
<b>'. $this_ver .'</b>. So I would have to say you are up to date!';
else
$msg .= 'The newest release is <b>'. $newest_ver .'</b>. The version you are using is
<b>'. $this_ver .'</b>. So I would have to say you need to upgrade ASAP!';
}
$msg .= ' </span>';
$msg .= ' </td>';
$msg .= ' </tr>';
$msg .= ' <tr>';
$msg .= ' <th align="center" valign="middle" class="thTop" width="100%"> </th>';
$msg .= ' </tr>';
$msg .= '</table>';
echo $msg;
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
includes/page_header.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.2 =========================================================== |
#====
phpBBSecurity_Cookies();
phpBBSecurity_FinalSet();
phpBBSecurity_DBBackup();
# Only allow them to login & view profile to update it
if ($_SERVER['PHP_SELF'] == $board_config['script_path'] .'profile.'. $phpEx)
$is_valid = TRUE;
elseif ($_SERVER['PHP_SELF'] == $board_config['script_path'] .'login.'. $phpEx)
$is_valid = TRUE;
else
$is_valid = '';
if ( (!$is_valid) && (!$gen_simple_header) )
{
# Make sure they are not a guest
if ($userdata['user_id'] != ANONYMOUS)
{
# Do the check
if (!$userdata['phpBBSecurity_answer'] || !$userdata['phpBBSecurity_question'])
phpBBSecurity_Force();
}
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ BUNUNLA DEĞİŞTİR ]---------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
phpBBSecurity_FinalSet();
phpBBSecurity_DBBackup();
# Only allow them to login & view profile to update it
if ($HTTP_SERVER_VARS['PHP_SELF'] == $board_config['script_path'] .'profile.'. $phpEx)
$is_valid = TRUE;
elseif ($HTTP_SERVER_VARS['PHP_SELF'] == $board_config['script_path'] .'login.'. $phpEx)
$is_valid = TRUE;
else
$is_valid = '';
if ( (!$is_valid) && (!$gen_simple_header) )
{
# Make sure they are not a guest
if ($userdata['user_id'] != ANONYMOUS)
{
# Do the check
if (!$userdata['phpBBSecurity_answer'] || !$userdata['phpBBSecurity_question'])
phpBBSecurity_Force();
if ($userdata['phpBBSecurity_force_pw_update'] != 1)
message_die(GENERAL_ERROR, sprintf($lang['PS_pass_force'], '<a href="profile.'. $phpEx .'?mode=editprofile&infrom=phpBBSecurity&sid='. $userdata['session_id'] .'">', '</a>'));
}
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
includes/usercp_register.php
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
$unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
$unhtml_specialchars_replace = array('>', '<', '"', '&');
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
$in_from = (isset($HTTP_GET_VARS['infrom'])) ? $HTTP_GET_VARS['infrom'] : $HTTP_POST_VARS['infrom'];
if ( (isset($HTTP_POST_VARS['submit'])) && ($HTTP_POST_VARS['mode'] == 'editprofile') && ($HTTP_POST_VARS['infrom'] == 'phpBBSecurity') )
{
if ( (empty($HTTP_POST_VARS['cur_password'])) || (empty($HTTP_POST_VARS['new_password'])) || (empty($HTTP_POST_VARS['password_confirm'])) )
message_die(GENERAL_ERROR, $lang['PS_pass_force_error']);
elseif ( ($userdata['user_password'] == md5($HTTP_POST_VARS['cur_password'])) && (isset($HTTP_POST_VARS['new_password'])) )
{
$q = "UPDATE ". USERS_TABLE ."
SET phpBBSecurity_force_pw_update = '1'
WHERE user_id = '". $userdata['user_id'] ."'";
$db->sql_query($q);
}
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
//
// Did the user submit? In this case build a query to update the users profile in the DB
//
if ( isset($HTTP_POST_VARS['submit']) )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
if ($mode == 'editprofile' || $mode == 'register')
{
if ( ($username == $password_confirm) && (isset($board_config['phpBBSecurity_use_password_match'])) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['PS_pass_match_error'];
}
if ( (strlen($password_confirm) < $baord_config['phpBBSecurity_password_min_length']) && (isset($board_config['phpBBSecurity_use_password_length'])) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['PS_pass_length_error'];
}
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
if ( !$error )
{
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
if ($userdata['user_password'] != $pass_check)
{
$sessiondata = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data'])) : array();
$sessiondata['autologinid'] = ($sessiondata['autologinid'] == $userdata['user_password']) ? $pass_check : '';
$sessiondata['userid'] = $userdata['user_id'];
$sessionmethod = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data']) ) ? SESSION_METHOD_COOKIE : SESSION_METHOD_GET;
setcookie($board_config['cookie_name'] .'_data', serialize($sessiondata), (time() + 31536000), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
setcookie($board_config['cookie_name'] .'_sid', $userdata['session_id'], 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
$s_hidden_fields .= '<input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />';
-----------------------------------
----[ ALTINA EKLE ]-----------------
-----------------------------------
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
$s_hidden_fields .= ($in_from == 'phpBBSecurity') ? '<input type="hidden" name="infrom" value="phpBBSecurity">' : '';
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
templates/tema_adı/confirm_body.tpl
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
</form>
-----------------------------------
----[ ÜZERİNE EKLE ]----------------
-----------------------------------
{L_VERIFY}
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
-----------------------------------
----[ AÇ ]-----------------------
-----------------------------------
templates/tema_adı/overall_footer.tpl
-----------------------------------
----[ BUL ]-----------------------
-----------------------------------
#
# Eğer saldırı girişimleri penceresini herkese göstermiyorsanız:
Protected by phpBB Security © <a href="http://phpbb-amod.com" class="copyright" target="_blank">phpBB-Amod</a><br />{BLOCKED}<br />
#
# Eğer saldırı girişimleri penceresini herkese gösteriyorsanız:
<a href="login_security.php?phpBBSecurity=caught" class="copyright">Protected</a> by phpBB Security © <a href="http://phpbb-amod.com" class="copyright" target="_blank">phpBB-Amod</a><br>{BLOCKED}<br>
-----------------------------------
----[ BUNUNLA DEĞİŞTİR ]---------------
-----------------------------------
#
# Eğer saldırı girişimleri penceresini herkese göstermiyorsanız:
Protected by phpBB Security © <a href="http://phpbb-tweaks.com" class="copyright" target="_blank">phpBB-TweakS</a><br />{BLOCKED}<br />
#
# Eğer saldırı girişimleri penceresini herkese gösteriyorsanız
<a href="login_security.php?phpBBSecurity=caught" class="copyright">Protected</a> by phpBB Security © <a href="http://phpbb-tweaks.com" class="copyright" target="_blank">phpBB-TweakS</a><br>{BLOCKED}<br>
-----------------------------------
----[ KAYDET & KAPAT ]---------------
-----------------------------------
#==== Dosya değişikliklerinin sonu
Kod: Tümünü seç
BUL
return 'phpBBSecurity_max_admins';
Kod: Tümünü seç
BUNUNLA DEĞİŞTİR
return 'admins_allowed';
Kod: Tümünü seç
BUL
return 'phpBBSecurity_max_mods';
Kod: Tümünü seç
BUNUNLA DEĞİŞTİR
return 'mods_allowed';
Kod: Tümünü seç
BUL
return 'phpBBSecurity_use_max';
Kod: Tümünü seç
BUNUNLA DEĞİŞTİR
return 'block_unwanted';
#==== YÜKLEDİĞİMİZ MOD DOSYASINDAKİ BU DOSYALARI ESKİLERİYLE DEĞİŞTİRİYORUZ
login_security.php => Ana dizin/
admin/admin_security.php => Ana dizin/admin/
includes/phpbb_security.php => Ana dizin/includes/
language/lang_*/lang_phpbb_security.php => Root/language/lang_*/
templates/subSilver/* => Ana dizin/templates/tema_adı/
templates/subSilver/admin/* => Root/templates/tema_adı/admin/
phpBB Security 1.0.3 için Türkçe dil dosyasınıda buradan indirebilirsiniz: http://download.phpbbturkey.com/phpbbse ... turkce.zip
Bu dosyayı da Ana dizin/language/lang_turkish klasörünün içerisine gönderiyoruz.
#==== GÜNCELLEME DOSYASI
Yüklediğimiz MOD dosyasının içerisindeki Upgrade klasörü altındaki ps_upgrade.php dosyasını Ana dizinimize gönderiyoruz ve çalıştırıyoruz.
ÖRNEK: http://www.siteadresiniz.com/Ana_dizin/ps_upgrade.php
Bu dosyayı çalıştırınca daha önce veritabanınızda yüklü olan tabloları bulup bazı hatalar (Error) verebilir.Bu hatalar önemli değildir.
Son olarak ps_upgrade.php dosyasını KESİNLİKLE ana dizinimizden siliyoruz.
#====
SoN
Yazar: taNGo (emeğe saygı açıksından kaynak göstermeden lütfen başka sitelerde yayınlamayınız)