*** BtiTracker 1.4.6 released ***

  • 15 Replies
  • 19873 Views
*

Offline Lupin

  • *****
  • 10,985
  • +0/-0
    • http://www.btiteam.org
*** BtiTracker 1.4.6 released ***
« on: November 23, 2007, 08:50:11 am »
Hi guys,

Here a new version, waiting xbtit :D


Btit Tracker v.1.4.6
--------------------
FIXES:
------
- cosmetic changes (blocks/lasttorrents_block.php, blocks/toptorrents_block.php, edit.php)
- Guest can shout (using external html code) (blocks/shoutbox_block.php)
- Added latest crk_protection.php (thanks to cobracrk) (include/crk_protection.php)
- fixed peers issue (details.php)
- default language in recover (recover.php)
- Possible SQL injection (torrents.php)

LIST OF CHANGED FILES:
----------------------
- blocks/lasttorrents_block.php
- blocks/shoutbox_block.php
- blocks/toptorrents_block.php
- include/crk_protection.php
- include/functions.php
- details.php
- edit.php
- recover.php
- torrents.php


download:
  • attached torrent
  • download area
  • Sourceforge.net
« Last Edit: December 02, 2007, 02:57:34 pm by Lupin »
Please don't PM me about question already asked in forum!

Help or support requested using PM will be billed 50 euros/hour, minimum 1 hour; support on forum is free.

*

eipmoc

Re: *** BtiTracker 1.4.6 released ***
« Reply #1 on: November 23, 2007, 11:01:20 am »
Again, compliments for a job wel done

*

mar0der

Re: *** BtiTracker 1.4.6 released ***
« Reply #2 on: November 23, 2007, 02:23:19 pm »
Hey guys,

Do you think that some of the fixes (about the SQL injections) will come soon for versions 1.5.xx

*

Offline Lupin

  • *****
  • 10,985
  • +0/-0
    • http://www.btiteam.org
Re: *** BtiTracker 1.4.6 released ***
« Reply #3 on: November 23, 2007, 03:09:52 pm »
Hey guys,

Do you think that some of the fixes (about the SQL injections) will come soon for versions 1.5.xx
what is version 1.5x?
Please don't PM me about question already asked in forum!

Help or support requested using PM will be billed 50 euros/hour, minimum 1 hour; support on forum is free.

*

Offline Liroy

  • *****
  • 939
  • +0/-0
Re: *** BtiTracker 1.4.6 released ***
« Reply #4 on: November 23, 2007, 03:25:44 pm »
i think is 1.5 PB edition

*

Offline monosgeri

  • *****
  • 678
  • +0/-0
Re: *** BtiTracker 1.4.6 released ***
« Reply #5 on: November 23, 2007, 03:29:25 pm »
At the installation the title still 1.45. But no problem, this security file is important. Thanks!
if(!$drunk)
$beer
++;


*

21h

Re: *** BtiTracker 1.4.6 released ***
« Reply #6 on: November 23, 2007, 03:41:18 pm »
Make FTP\HTTP mirror please. I cant download torrent.

*

Offline Lupin

  • *****
  • 10,985
  • +0/-0
    • http://www.btiteam.org
Re: *** BtiTracker 1.4.6 released ***
« Reply #7 on: November 23, 2007, 03:44:36 pm »
Make FTP\HTTP mirror please. I cant download torrent.
you haven't read the 1st post ;)
go to download section (here: http://www.btiteam.org/index.php?ind=downloads&op=entry_view&iden=88)
Please don't PM me about question already asked in forum!

Help or support requested using PM will be billed 50 euros/hour, minimum 1 hour; support on forum is free.

*

ginfoka

Re: *** BtiTracker 1.4.6 released ***
« Reply #8 on: November 23, 2007, 04:03:10 pm »
hungarian?

*

Offline monosgeri

  • *****
  • 678
  • +0/-0
Re: *** BtiTracker 1.4.6 released ***
« Reply #9 on: November 23, 2007, 05:40:04 pm »
if(!$drunk)
$beer
++;


*

DeltaCorp

Re: *** BtiTracker 1.4.6 released ***
« Reply #10 on: November 23, 2007, 09:29:50 pm »
Nice... I change to this version right now...


*

fyndler

Re: *** BtiTracker 1.4.6 released ***
« Reply #11 on: November 23, 2007, 11:31:26 pm »
Next release please do some work on staff page ;)

*

DopeShow

Re: *** BtiTracker 1.4.6 released ***
« Reply #12 on: November 23, 2007, 11:37:47 pm »
What`s the thing with the SQL injection, because I don`t wanna upgrade (tracker highly modified), but I also don`t want any back doors.

*

Offline Liroy

  • *****
  • 939
  • +0/-0
Re: *** BtiTracker 1.4.6 released ***
« Reply #13 on: November 23, 2007, 11:47:57 pm »
 in torrents.php

change this:
Code: [Select]
    // getting order
    if (isset($_GET["order"]))
         $order=htmlspecialchars(mysql_escape_string($_GET["order"]));
    else
        $order="data";

    if (isset($_GET["by"]))
        $by=htmlspecialchars(mysql_escape_string($_GET["by"]));
    else
        $by="DESC";

to this:
Code: [Select]
    // getting order
/******************************************************************************
    if (isset($_GET["order"]))
         $order=htmlspecialchars(mysql_escape_string($_GET["order"]));
    else
        $order="data";

    if (isset($_GET["by"]))
        $by=htmlspecialchars(mysql_escape_string($_GET["by"]));
    else
        $by="DESC";
******************************************************************************/

// Fixed possible SQL injection (thanks to jeremie78)
   $accepted_orders = array('speed', 'dwned', 'finished', 'leechers','seeds', 'size', 'data', 'filename', 'cname');
   $order = (isset($_GET['order']) && in_array($_GET['order'],$accepted_orders)) ? $_GET['order'] : 'data';
   $by = (isset($_GET["by"]) && $_GET["by"]=='ASC') ? 'ASC' : 'DESC';

//

*

djsenki

Re: *** BtiTracker 1.4.6 released ***
« Reply #14 on: November 27, 2007, 01:48:51 pm »
A trackerem starting soon might be also thank you for this version Jó will use . levve system inviting , bonus point , warn , free downloading in the following version . would be if

 


Powered by EzPortal