Author Topic: ดำเนินการ Update ระบบ SMF 1.1.16 to 1.1.17  (Read 13535 times)

0 Members and 1 Guest are viewing this topic.

Offline Nick

  • Administrator
  • Platinum Member
  • *
  • Posts: 46028
  • Karma: +1000/-0
  • Gender: Male
  • NickCS
    • http://www.facebook.com/nickcomputerservices
    • http://www.twitter.com/nickcomputer
    • Computer Chiangmai

รายละเอียดการอัพเดท ระบบ SMF 1.1.16 to 1.1.17 เพื่อความปลอดภัย

Quote
<edit file>
$boarddir/index.php
</edit file>

<search for>
* =============================================================================== *
* Software Version:           SMF 1.1.16                                          *
</search for>

<replace>
* =============================================================================== *
* Software Version:           SMF 1.1.17                                          *
</replace>

<search for>
$forum_version = 'SMF 1.1.16';
</search for>

<replace>
$forum_version = 'SMF 1.1.17';
</replace>


<edit file>
$boarddir/SSI.php
</edit file>

<search for>
* =============================================================================== *
* Software Version:           SMF 1.1.13                                          *
</search for>

<replace>
* =============================================================================== *
* Software Version:           SMF 1.1.17                                          *
</replace>

<search for>
function ssi_boardNews($board = null, $limit = null, $start = null, $length = null, $output_method = 'echo')
{
   global $scripturl, $db_prefix, $txt, $settings, $modSettings, $context;
</search for>

<replace>
function ssi_boardNews($board = null, $limit = null, $start = null, $length = null, $output_method = 'echo')
{
   global $scripturl, $db_prefix, $txt, $settings, $modSettings, $context, $user_info;
</replace>

<search for>
      SELECT ID_FIRST_MSG
      FROM {$db_prefix}topics
      WHERE ID_BOARD = $board
      ORDER BY ID_FIRST_MSG DESC
</search for>

<replace>
      SELECT t.ID_FIRST_MSG
      FROM {$db_prefix}topics as t
         LEFT JOIN {$db_prefix}boards as b ON (b.ID_BOARD = t.ID_BOARD)
      WHERE t.ID_BOARD = $board
         AND $user_info[query_see_board]
      ORDER BY t.ID_FIRST_MSG DESC
</replace>


<edit file>
$sourcedir/Security.php
</edit file>

<search for>
* =============================================================================== *
* Software Version:           SMF 1.1.9                                           *
</search for>

<replace>
* =============================================================================== *
* Software Version:           SMF 1.1.17                                          *
</replace>

<search for>
      if ($good_password || $_POST['admin_hash_pass'] == sha1($user_info['passwd'] . $sc))
      {
         $_SESSION['admin_time'] = time();
         return;
      }
</search for>

<replace>
      if ($good_password || $_POST['admin_hash_pass'] == sha1($user_info['passwd'] . $sc))
      {
         $_SESSION['admin_time'] = time();
         unset($_SESSION['request_referer']);
         return;
      }
</replace>

<search for>
      if ($good_password || sha1(strtolower($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
      {
         $_SESSION['admin_time'] = time();
         return;
      }
   }

</search for>

<replace>
      if ($good_password || sha1(strtolower($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
      {
         $_SESSION['admin_time'] = time();
         unset($_SESSION['request_referer']);
         return;
      }
   }

   // Better be sure to remember the real referer
   if (empty($_SESSION['request_referer']))
      $_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
   elseif (empty($_POST))
      unset($_SESSION['request_referer']);
</replace>

<search for>
   $referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
</search for>

<replace>
   if (isset($_SESSION['request_referer']))
      $referrer = $_SESSION['request_referer'];
   else
      $referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
</replace>



ตามประกาศจาก SMF ให้ดำเนินการ อัพเดท ระบบ เพื่อความปลอดภัย

Quote
SMF 2.0.3, 1.1.17 and 1.0.23 security patches released
« on: December 16, 2012, 05:05:30 PM »
Dear users,

Simple Machines Forum has released a security patch with version numbers: SMF 1.0.23, SMF 1.1.17 and SMF 2.0.3.
A security issue has been identified in all versions and is fixed with this patch, therefore it is recommended to make sure you update your forums immediately to ensure your community is safe.
In addition to the security patch, a few bug fixes to SMF 2.0.2 are also included within the patch for 2.0.x.
The most relevant bug fix is an issue that will arise in few months with PayPal: starting on February 1, 2013 PayPal will only accept headers which comply with the HTTP 1.1 specification.

If you are running 2.0.2, you can update your forum to 2.0.3 using the package manager. You should see the upgrade notification in the Admin panel and in the package manager, allowing you to download and install seamlessly. If you don't have a notification about the update, please run the scheduled task "Fetch Simple Machines files".
You can also download the patch for 2.0.2 from the customize site: smf_patch_2.0.3.tar.gz patch, and install it using the package manager.

If you are running 1.1.16, you can update to 1.1.17 with the smf_patch_1.0.23_1.1.17.tar.gz patch, also using the package manager.
If you are running SMF 1.0.22, take into consideration that this will most likely be the last patch for this version of SMF, which is reaching its "end of life". You can update to 1.0.23 with the smf_patch_1.0.23_1.1.17.tar.gz patch, also using the package manager.

If you use older versions of SMF, you can upgrade with the full upgrade packages from the downloads page.
Please find the changelog for the latest release, as usual, on the downloads page as well:
http://download.simplemachines.org/
If you are having problems downloading the patch from the admin panel, you can download the package from the upgrades page here:
http://custom.simplemachines.org/upgrades/
and install it like a mod.
Please refer also to the Online Manual for more details about:
* upgrading http://wiki.simplemachines.org/smf/Upgrading
* updating http://wiki.simplemachines.org/smf/Updating
* patching http://wiki.simplemachines.org/smf/Patching

Please do not use this topic for support requests. You will get a much quicker and better response by posting in the relevant support board!


Regards,
Simple Machines Forum


 
Share this topic...
In a forum
(BBCode)
In a site/blog
(HTML)


Related Topics

  Subject / Started by Replies Last post
0 Replies
3134 Views
Last post February 04, 2012, 08:41:13 AM
by Nick
0 Replies
4136 Views
Last post March 16, 2012, 08:44:34 PM
by Nick
0 Replies
12433 Views
Last post October 29, 2013, 12:55:42 PM
by Nick
0 Replies
2317 Views
Last post January 31, 2014, 01:26:25 PM
by Nick
0 Replies
2283 Views
Last post October 18, 2014, 12:44:11 AM
by tsunami09
67 Replies
12354 Views
Last post March 26, 2015, 12:51:25 PM
by sandeejung
0 Replies
2341 Views
Last post August 05, 2016, 01:30:41 PM
by Nick
0 Replies
5836 Views
Last post December 25, 2016, 03:06:28 PM
by Nick
0 Replies
6403 Views
Last post March 03, 2017, 03:28:41 PM
by Nick
0 Replies
13829 Views
Last post November 29, 2017, 01:57:11 PM
by Nick