[en] How to fix security bug in Quick.Cms v0.3

wewior (OpenSolution)

Avatar: wewior

2007-03-08 12:47

In file "config/general.php" replace lines:

if( isset( $sLang ) && is_file$config['dir_lang'].$sLang.'.php' ) ){
  setCookie'sLanguage'$sLangtime( ) + 86400 );
  define'LANGUAGE'$sLang );
}
else{
  if( isset( $_COOKIE['sLanguage'] ) )
    define'LANGUAGE'$_COOKIE['sLanguage'] );
  else
    define'LANGUAGE'$config['default_lang'] );
}



to:

if( isset( $sLang ) && is_file$config['dir_lang'].$sLang.'.php' ) && strlen$sLang ) == ){
  setCookie'sLanguage'$sLangtime( ) + 86400 );
  define'LANGUAGE'$sLang );
}
else{
  if( !empty( $_COOKIE['sLanguage'] ) && strlen$_COOKIE['sLanguage'] ) == )
    define'LANGUAGE'$_COOKIE['sLanguage'] );
  else
    define'LANGUAGE'$config['default_lang'] );
}

Back to top

Over 32 thousand websites based on Quick.Cart and Quick.Cms. See the most interesting ones...

  • Screenshot of website aparperfume.pl
  • Screenshot of website sportowcydzieciom.pl
  • Screenshot of website jezykipodroze.pl
  • Screenshot of website powiat-wieruszowski.pl
  • Screenshot of website 4carriers.com
about us | contact