Author Topic: *** BtiTracker 1.4.6 released ***  (Read 12560 times)

Offline Lupin

  • Administrator
  • Hero Member
  • *****
  • Posts: 10,950
    • http://www.btiteam.org
*** BtiTracker 1.4.6 released ***
« on: November 23, 2007, 08:50:11 AM »
Hi guys,

Here a new version, waiting xbtit :D


Btit Tracker v.1.4.6
--------------------
FIXES:
------
- cosmetic changes (blocks/lasttorrents_block.php, blocks/toptorrents_block.php, edit.php)
- Guest can shout (using external html code) (blocks/shoutbox_block.php)
- Added latest crk_protection.php (thanks to cobracrk) (include/crk_protection.php)
- fixed peers issue (details.php)
- default language in recover (recover.php)
- Possible SQL injection (torrents.php)

LIST OF CHANGED FILES:
----------------------
- blocks/lasttorrents_block.php
- blocks/shoutbox_block.php
- blocks/toptorrents_block.php
- include/crk_protection.php
- include/functions.php
- details.php
- edit.php
- recover.php
- torrents.php


download:
  • attached torrent
  • download area
  • Sourceforge.net
« Last Edit: December 02, 2007, 02:57:34 PM by Lupin »
Please don't PM me about question already asked in forum!

Help or support requested using PM will be billed 50 euros/hour, minimum 1 hour; support on forum is free.

eipmoc

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #1 on: November 23, 2007, 11:01:20 AM »
Again, compliments for a job wel done

mar0der

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #2 on: November 23, 2007, 02:23:19 PM »
Hey guys,

Do you think that some of the fixes (about the SQL injections) will come soon for versions 1.5.xx

Offline Lupin

  • Administrator
  • Hero Member
  • *****
  • Posts: 10,950
    • http://www.btiteam.org
Re: *** BtiTracker 1.4.6 released ***
« Reply #3 on: November 23, 2007, 03:09:52 PM »
Hey guys,

Do you think that some of the fixes (about the SQL injections) will come soon for versions 1.5.xx
what is version 1.5x?
Please don't PM me about question already asked in forum!

Help or support requested using PM will be billed 50 euros/hour, minimum 1 hour; support on forum is free.

Offline Liroy

  • Forum Admin
  • Hero Member
  • *****
  • Posts: 939
Re: *** BtiTracker 1.4.6 released ***
« Reply #4 on: November 23, 2007, 03:25:44 PM »
i think is 1.5 PB edition

Offline monosgeri

  • Hero Member
  • *****
  • Posts: 682
Re: *** BtiTracker 1.4.6 released ***
« Reply #5 on: November 23, 2007, 03:29:25 PM »
At the installation the title still 1.45. But no problem, this security file is important. Thanks!
if(!$drunk)
$beer
++;

(http://dvd-plaza.org)

21h

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #6 on: November 23, 2007, 03:41:18 PM »
Make FTP\HTTP mirror please. I cant download torrent.

Offline Lupin

  • Administrator
  • Hero Member
  • *****
  • Posts: 10,950
    • http://www.btiteam.org
Re: *** BtiTracker 1.4.6 released ***
« Reply #7 on: November 23, 2007, 03:44:36 PM »
Make FTP\HTTP mirror please. I cant download torrent.
you haven't read the 1st post ;)
go to download section (here: http://www.btiteam.org/index.php?ind=downloads&op=entry_view&iden=88)
Please don't PM me about question already asked in forum!

Help or support requested using PM will be billed 50 euros/hour, minimum 1 hour; support on forum is free.

ginfoka

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #8 on: November 23, 2007, 04:03:10 PM »
hungarian?

Offline monosgeri

  • Hero Member
  • *****
  • Posts: 682
Re: *** BtiTracker 1.4.6 released ***
« Reply #9 on: November 23, 2007, 05:40:04 PM »
hungarian?

No, it's not the hungarian section of the forum...
http://www.btiteam.org/smf/index.php?board=107.0
if(!$drunk)
$beer
++;

(http://dvd-plaza.org)

DeltaCorp

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #10 on: November 23, 2007, 09:29:50 PM »
Nice... I change to this version right now...


fyndler

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #11 on: November 23, 2007, 11:31:26 PM »
Next release please do some work on staff page ;)

DopeShow

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #12 on: November 23, 2007, 11:37:47 PM »
What`s the thing with the SQL injection, because I don`t wanna upgrade (tracker highly modified), but I also don`t want any back doors.

Offline Liroy

  • Forum Admin
  • Hero Member
  • *****
  • Posts: 939
Re: *** BtiTracker 1.4.6 released ***
« Reply #13 on: November 23, 2007, 11:47:57 PM »
 in torrents.php

change this:
Code: [Select]
    // getting order
    if (isset($_GET["order"]))
         $order=htmlspecialchars(mysql_escape_string($_GET["order"]));
    else
        $order="data";

    if (isset($_GET["by"]))
        $by=htmlspecialchars(mysql_escape_string($_GET["by"]));
    else
        $by="DESC";

to this:
Code: [Select]
    // getting order
/******************************************************************************
    if (isset($_GET["order"]))
         $order=htmlspecialchars(mysql_escape_string($_GET["order"]));
    else
        $order="data";

    if (isset($_GET["by"]))
        $by=htmlspecialchars(mysql_escape_string($_GET["by"]));
    else
        $by="DESC";
******************************************************************************/

// Fixed possible SQL injection (thanks to jeremie78)
   $accepted_orders = array('speed', 'dwned', 'finished', 'leechers','seeds', 'size', 'data', 'filename', 'cname');
   $order = (isset($_GET['order']) && in_array($_GET['order'],$accepted_orders)) ? $_GET['order'] : 'data';
   $by = (isset($_GET["by"]) && $_GET["by"]=='ASC') ? 'ASC' : 'DESC';

//

djsenki

  • Guest
Re: *** BtiTracker 1.4.6 released ***
« Reply #14 on: November 27, 2007, 01:48:51 PM »
A trackerem starting soon might be also thank you for this version Jó will use . levve system inviting , bonus point , warn , free downloading in the following version . would be if