Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Announcements
 Announcements: Security Related Bug Fixes
 New security fix, members.asp
 New Topic  Topic Locked
 Printer Friendly
Author  Topic Next Topic  

ruirib
Snitz Forums Admin

Portugal
26362 Posts

Posted - 12 December 2010 :  09:17:18  Show Profile  Send ruirib a Yahoo! Message
This security fix applies to all Snitz 3.4.x versions and can coexist with the previous fix, even if this one makes the previous fix redundant.

1. Around line #86, add this code:


If SearchName <> "" Then
	If Not IsValidString(SearchName) Then
		Err_Msg = "Invalid Name!"

		Response.Write	"      <table width=""100%"" border=""0"">" & vbNewLine & _
				"        <tr>" & vbNewLine & _
				"          <td><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """>" & vbNewLine & _
				"          " & getCurrentIcon(strIconFolderOpen,"","") & " <a href=""default.asp"">All Forums</a><br />" & vbNewLine & _
				"          " & getCurrentIcon(strIconBar,"","") & getCurrentIcon(strIconFolderOpenTopic,"","") & " Member Information</font></td>" & vbNewLine & _
				"        </tr>" & vbNewLine & _
				"      </table>" & vbNewLine & _
				"      <p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """ color=""" & strHiLiteFontColor & """>There Was A Problem!</font></p>" & vbNewLine & _
				"      <p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strHiLiteFontColor & """>" & Err_Msg & "</font></p>" & vbNewLine & _
				"      <p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """><a href=""JavaScript:history.go(-1)"">Back to Forum</a></font></p>" & vbNewLine & _
				"      <br />" & vbNewLine
	WriteFooter
	Response.End
	
	End If
End if


After adding the code, members.asp will look like this, near the point where the code will be added:


SearchName = trim(Request("M_NAME"))
if SearchName = "" then
	SearchName = trim(Request.Form("M_NAME"))
end If

If SearchName <> "" Then
	If Not IsValidString(SearchName) Then
		Err_Msg = "Invalid Name!"

		Response.Write	"      <table width=""100%"" border=""0"">" & vbNewLine & _
				"        <tr>" & vbNewLine & _
				"          <td><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """>" & vbNewLine & _
				"          " & getCurrentIcon(strIconFolderOpen,"","") & " <a href=""default.asp"">All Forums</a><br />" & vbNewLine & _
				"          " & getCurrentIcon(strIconBar,"","") & getCurrentIcon(strIconFolderOpenTopic,"","") & " Member Information</font></td>" & vbNewLine & _
				"        </tr>" & vbNewLine & _
				"      </table>" & vbNewLine & _
				"      <p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """ color=""" & strHiLiteFontColor & """>There Was A Problem!</font></p>" & vbNewLine & _
				"      <p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strHiLiteFontColor & """>" & Err_Msg & "</font></p>" & vbNewLine & _
				"      <p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """><a href=""JavaScript:history.go(-1)"">Back to Forum</a></font></p>" & vbNewLine & _
				"      <br />" & vbNewLine
	WriteFooter
	Response.End
	
	End If
End if


SearchNameDisplay = Server.HTMLEncode(SearchName)
SearchName = chkString(SearchName, "sqlstring")


2. Add function isValidString to the end of the file:

At line #598, add:


Function IsValidString(sValidate)
	Dim sInvalidChars
	Dim bTemp
	Dim i
	' Disallowed characters
	sInvalidChars = "!#$%^&*()=+{}[]|\.;:/?>,<@' "
	for i = 1 To Len(sInvalidChars)
		if InStr(sValidate, Mid(sInvalidChars, i, 1)) > 0 then bTemp = True
		if bTemp then Exit For
	next
	for i = 1 to Len(sValidate)
		if Asc(Mid(sValidate, i, 1)) = 160 then bTemp = True
		if bTemp then Exit For
	next

	' extra checks for double dots or double spaces
	' no two consecutive dots or spaces
	if not bTemp then
		bTemp = InStr(sValidate, "..") > 0
	end if
	if not bTemp then
		bTemp = InStr(sValidate, "  ") > 0
	end if
	if not bTemp then
		bTemp = (len(sValidate) <> len(Trim(sValidate)))
	end if 'Addition for leading and trailing spaces

	' if any of the above are true, invalid string
	IsValidString = Not bTemp
End Function


After adding the fix, the code will look like this:


Function sGetColspan(lIN, lOUT)
	if (mlev = "4" or mlev = "3") then lOut = lOut + 2
	If lOut > lIn then
		sGetColspan = lIN
	Else
		sGetColspan = lOUT
	End If
end Function

Function IsValidString(sValidate)
	Dim sInvalidChars
	Dim bTemp
	Dim i
	' Disallowed characters
	sInvalidChars = "!#$%^&*()=+{}[]|\.;:/?>,<@' "
	for i = 1 To Len(sInvalidChars)
		if InStr(sValidate, Mid(sInvalidChars, i, 1)) > 0 then bTemp = True
		if bTemp then Exit For
	next
	for i = 1 to Len(sValidate)
		if Asc(Mid(sValidate, i, 1)) = 160 then bTemp = True
		if bTemp then Exit For
	next

	' extra checks for double dots or double spaces
	' no two consecutive dots or spaces
	if not bTemp then
		bTemp = InStr(sValidate, "..") > 0
	end if
	if not bTemp then
		bTemp = InStr(sValidate, "  ") > 0
	end if
	if not bTemp then
		bTemp = (len(sValidate) <> len(Trim(sValidate)))
	end if 'Addition for leading and trailing spaces

	' if any of the above are true, invalid string
	IsValidString = Not bTemp
End Function
%>


If you need help with the fix, please post in the General Help forum.



Snitz 3.4 Readme | Like the support? Support Snitz too

ruirib
Snitz Forums Admin

Portugal
26362 Posts

Posted - 19 February 2011 :  10:15:20  Show Profile  Send ruirib a Yahoo! Message
For anyone wanting to be able to search names with spaces, this line can be changed from:


sInvalidChars = "!#$%^&*()=+{}[]|\.;:/?>,<@' "

to

sInvalidChars = "!#$%^&*()=+{}[]|\.;:/?>,<@'"


The change is just the removal of the space character at the end of the string.


Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page
   Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2019 Snitz™ Communications Go To Top Of Page
This page was generated in 0.09 seconds. Powered By: Snitz Forums 2000 Version 3.4.07