Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 DEV-Group
 DEV Bug Reports (Closed)
 (v3.4.03) XSS BUG+FIX: forum.asp
 Forum Locked  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 23 June 2003 :  21:03:34  Show Profile

forum.asp


around line #94 find the following:
if request("ARCHIVE") = "true" then
	strActivePrefix = strTablePrefix & "A_"
	ArchiveView = "true"
	ArchiveLink = "ARCHIVE=true&"
else
	strActivePrefix = strTablePrefix
	ArchiveView = ""
	ArchiveLink = ""
end if
replace that entire section of code with the following:
if request("ARCHIVE") = "true" then
	strActivePrefix = strTablePrefix & "A_"
	ArchiveView = "true"
	ArchiveLink = "ARCHIVE=true&"
elseif request("ARCHIVE") <> "" then
	Response.Redirect "default.asp"
	Response.End
else
	strActivePrefix = strTablePrefix
	ArchiveView = ""
	ArchiveLink = ""
end if


Then on line #384 find this:
		"          <form action=""" & Request.ServerVariables("SCRIPT_NAME") & "?" & Request.Querystring & """ method=""post"" name=""DaysFilter"">" & vbNewLine & _
and replace it with the following:
		"          <form action=""" & Request.ServerVariables("SCRIPT_NAME") & "?" & ChkString(Request.Querystring,"SQLString") & """ method=""post"" name=""DaysFilter"">" & vbNewLine & _

Doug G
Support Moderator

USA
6493 Posts

Posted - 23 June 2003 :  21:59:45  Show Profile
Thanks, Richard!

======
Doug G
======
Computer history and help at www.dougscode.com
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 24 June 2003 :  04:03:57  Show Profile
fixed in v3.4.04
Go to Top of Page
  Previous Topic Topic Next Topic  
 Forum Locked  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.13 seconds. Powered By: Snitz Forums 2000 Version 3.4.07