Jump to content

Community

Fisana.

Members
  • Content Count

    514
  • Joined

  • Last visited

About Fisana.

  • Rank
    Community Regular
  • Birthday September 1

IPS Marketplace

  • Resources Contributor
    Total file submissions: 1

Recent Profile Visitors

35,871 profile views
  1. What will happen if you go directly to the link? Will be removed the notification of the current user. That is, one way or another, can call the address and run the function of the current user without verifying that the request came from him. For example posting the directly link, shortened link or dynamic image. You don't check CSRF key and it is in this case is a potential vulnerability (see cross site request forgery attack). Suppose that in this case a small, but if it came to the removal of personal correspondence? This is serious.
  2. It is not so much a bug as CSRF vulnerability. No checking CSRF key. Thus malitious user may in some way to follow the link and delete all user notifications. We created a similar plugin without reloading the page on Ajax http://ipbskins.ru/forum/files/file/341-siv41-delete-all-notifications/ Uplaod to the marketplace, but for some unknown reason the file is not approved..
  3. All skins have been updated to 3.4.5/6

  4. You can revert the defaultHeader
  5. All skins have been updated to 3.4.3

  6. All skins have been updated to 3.4.2

  7. It's my issue Open and revert Forum View > forumIndexTemplate
  8. Thank you! I has been updated this skin to 3.4.1. Unfortunately all customizations will have to be transferred manually: ( The list of changed files (3.3.4 -> 3.4.1): Global Templates > globalTemplate Profiles > customizeProfile ipb_styles.css ipblog.css ipdownloads.css ipgallery.css ipb_ckeditor.css ipcontent.css ipb_common.css ipblog.print.css ipb_search.css
×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy