Version 5: warning – prepared statements are not working & UTF-8 issue

    pddv
    Member
    July 22, 2016 at 8:07 pm #15545

    Hi,

    1. The prepared statements are not working correctly. If you upload a PHP file instead of a photo, then you are able to hijack the server. Please rework the prepared statements for the upload function and check if the file is a jpg, png or gif file. If the file is not an image file, then stop uploading the file.

    2. I localized the advanced testimonials manager into German, but all special characters were not shown correctly, e.g. f�r instead of für, Vollst�ndige instead of Vollständige and so on. Could you please provide a solution?

    Thanks in advance!

    Best regards
    Norman from pddv

    P.S.: I am able to upload a php file, e.g. a php file with phpinfo();
    Therefore I could do a lot of other things…
    http://www.bannersmonster.com/scripts/advtestm/upload/141113teste.php

    • This topic was modified 2 years by  pddv.
