swttch - Wed Sep 06, 2006 2:54 am Post subject: php problem On several of the links, (lazzby-www.crownofchaos.com, blackkie-world1.criminalsrpg.net, fika-Samurai War 2, Lady_of_Darkness-www.phantasyrpg.com, stulax18-www.outragerp.com) when the click is supposed to be counted, I get a download message for a php file, which i cananot open, and no credit is given for the click. wassup? the CRIMES links are not loading, either. Immortal43 - Wed Sep 06, 2006 5:22 am umm yeah, yarold, you might reallllly want to take these links down for a while, this is a MAJOR security issue... Thanatos - Wed Sep 06, 2006 7:11 am Links affected earlier are now going through ok - new links are being affected. 
Immortal43 - Wed Sep 06, 2006 7:46 am The link to this thread was giving me the problem. I don't think it's a problem with your code, i think someone is tampering. i got in here to post this another way, but yeah Immortal43 - Wed Sep 06, 2006 8:19 am I changed computers and am not getting the pop-ups anymore...i cleared the cookies on the other computer and no page will open. Maybe it's a problem with your cookies... problem is soley on FF too. Which leads to me think there's a possibility that it's a glitche instead of tampering, but i'm still leaning towards tampering involving cookies bella - Wed Sep 06, 2006 11:56 am i don't think it is browser related as it has also been occuring on internet explorer. We need Yarold to look into this. Metalteo - Wed Sep 06, 2006 12:16 pm It's the weirdest glitch I've seen on this site. It's not browser, user or link type related. We try to sort it out asap. Immortal43 - Wed Sep 06, 2006 4:40 pm Yeah, it's also the worst security breach the site has ever had, I'd have yarold change the pw or accesability to the server and ftp, and also check in his headers and includes to make sure none of them have been tampered with... MaMegakiller - Wed Sep 06, 2006 8:42 pm first i had the same problem on a few sites First with history and then with frames and an other time with login. Now I can't login to yarold with Mozilla at all.(It ask me what do do with the file php) With explorer the same problem so now and then I hope you find the problem soon Good luck MaMegakiller - Fri Sep 08, 2006 12:03 am I'm using windows XP with several accounts. loged in with my account i couldn't get login to yarold. But with another account ( on my pc) I could! After deleting the historyfiles from yesterday on my own account it was possible to login again on my own account! deleting internetfiles and cookies didn't do the trick Goto documents and settings ... user ... local settings.... history Maybe this will help some ppl to login again Grz Lady_of_Darkness mystery_mx - Fri Sep 08, 2006 1:27 am
i am having this prob too. whenever i go to yarold.ath.cx/swle/login.php, a download pops up for login.php. I was using Firefox, and i tried everything. Nothing worked. Then, i uninstalled it, and installed ie 7. after like 10 more tries on ie 7, it is working now. Please fix the problem. PaPPy - Sun Sep 10, 2006 9:19 am not much has been release as a security problem yes the table names and the coding has been viewed but alot still isnt known like what is in the include.php section yes some people can see the code and launch some attacks. but its happened in the past and im sure the site has had measures set up in advanced on, what could be having this problem, well even if someone downloads a php page, the server will still process the php code. but in this case the server isnt seeing the php code. something u can do is look into disabling downloading of pages, or images, i think its called leech protection, as a temp fix but as the root of the problem it seems like the php process is getting overloaded, by too many requests and shutting down, this could be a ddos or a buffer over flow, see what version yall have and make sure its current, if not patch/upgrade other than that, thats all i can think of hope the problem is resolved soon now its happening on logout, and login pages, and index page i cant even login without it offering me the login.php page Thanatos - Sun Sep 10, 2006 10:07 pm Also interesting to note: I got the php.file on a link on the main page - Yet can click the SAME link in history or dynasty page without getting it. Very strange.... 
All we can do is work around it until Yarold has a chance to check what's going on. Immortal43 - Mon Sep 11, 2006 9:30 pm
This is one of the slower times for the site, in the past we have had as many as 100+ members on most of every day, so unless some change has been made to his server host, unintentional overloading shouldn't be a problem... Which, after saying that, it is entirely possible that the host he uses has downgraded their servers, overloading their own servers or he has donwgraded his plan...But i wouldn't think so... So that would sort of lead to saying that either this is NOT unintentional overloading, or this isnt' the problem at all. If the site is actually still suseptical to Denial of Service attacks, then he's basically in the stone age lol, but i would doubt that... As to the actual problem, i don't really know, but i wish he'd fix it soon enough. PaPPy - Mon Sep 11, 2006 9:34 pm was just throwing that out there... *crawls back to his hole* Immortal43 - Tue Sep 12, 2006 2:47 am
no no no, was a great suggestion and it's clear you have a good amount of insight and knowledge so don't think i was raggin on ya lol 
Yarolds redirects now to a new server, so i have to assume it was a server problem, though this BB is still on the old server and i'm still getting the d/ls so yeah. mystery_mx - Mon Sep 18, 2006 4:20 am yay! its working for me now. they changed servers right? |
