Missing checks and a misplaced parenthesis. Sad.
Just wanted to mention that unless you have admins you don't trust with access to submissions and members or get targeted for exploitation in a very hard way at network level you should not worry.
To fix this:
open administration/submissions.php and add after/below require_once "../maincore.php"; this line
Need help? Having trouble?
» View our Documentation for guides, functions and more - including the Getting Started section!
» Attach Log Files and Screenshots when reporting issues
» Name and Organize your content correctly for best results - use good grammar
Who the hell thought "erectus" was a good species name for our ancestors?
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Please read and comply with the Code of Conduct
The members.php one is OK but the other one no. It has to be properly fixed. Or even better, we change they way we check GETs from no on, when we have a page with GETs we check right at the top (as I did in submission.php fix) if a given GET is set and if the value is valid, if not add a fallback or in worse cases redirect. This way not only we don't have to check GETs every time we do IFs and ELSEs and worry about forgetting a check but will also make it so much easier to maintain.
You can view all discussion threads in this forum. You cannot set up a bounty in this discussion thread. You can start a new discussion thread in this forum. You cannot reply in this discussion thread. You cannot start on a poll in this forum. You cannot upload attachments in this forum. You can download attachments in this forum. You cannot up or down-vote on the post in this discussion thread.