部分用7.3的用户有下面问题 : 用户组管理出错 Warning: mysql_fetch_assoc(): 13 is not a valid MySQL result resource in /usr/home/xxxxx/public_html/engine/classes/mysql.class.php on line 100 或者存在falsh文件上传和演示bug. 下面是解决方案. 下载补丁文件: http://www.downforall.com/file.php?file=6b59a821a060429885a48656596e762b 上传覆盖: engine/inc/usergroup.php engine/inc/files.php engine/classes/swfupload/swfupload.js engine/classes/swfupload/swfupload.swf 方法来自国外
保护备份的数据库
Step 1: – The .htaccess doesn’t provide a protection to anyone from downloading the backups. – The .htaccess doesn’t prevent search engines from entering this folder so: – Open .htaccess which in your backup folder and enter this code: <Files “*.sql”> Deny from all </Files> <Files “*.gz”> Deny from all </Files> Now you prevent the [...]
利用.htaccess保护你的.tpl模板、images文件夹、css文件
如何保护你的.tpl模板: – 打开一个文本编辑器,我通常用gedit ,复制下面文本: Order Deny,Allow Allow from all <Files “*.tpl”> Deny from all </Files> – 另存为 .htaccess – 上传到你的模板目录. -保护图片被盗链用下列代码保存为.htaccess传到图片目录 Order Deny,Allow Allow from all <Files “*.gif”> Deny from all </Files> <Files “*.jpg”> Deny from all </Files> – 方法同上,保护css用下面代码 <Files “*.css”> Deny from all </Files>
如何解决”Warning: Division by zero in /tagscloud.php on line xx”
作者:dle-support 翻译:站长帮 我们很多人在用datalife时会发前端现网页头部出现下面一行: warning: Division by zero in /home/xxxx/public_html/engine/modules/tagscloud.php on line xx XX 是数字 这是一个空tag的结果. 这里告诉你如何改善。 感谢 Apotikos 和 gjizaqi -打开engine目录下 engine/modules/tagscloud.php – 找到: foreach ($tags as $tag => $value) { $list[$tag]['tag'] = $tag; $list[$tag]['size'] = $sizes[sprintf("%d", ($value-$min)/$range*4)]; } – 把下面字符串: range*4 换成: range*2 好了。 站长测试了。
DLE7.2 版Xss跨站漏洞被发现(Exploit)
Author : Hadi Kiamarsi ——————————————- Discovered by : Hadi Kiamarsi ——————————————- Exploited By : Hadi Kiamarsi ——————————————- E-Mail : hadikiamarsi[at]hotmail.com ——————————————- CMS: Datalife Engine ( version 7.2 ) ——————————————- XSS Exploit : query : http://[www.example.com]/admin.php/%3E%22%3E%3CScRiPt%3Ealert(‘Hadi-Kiam arsi’)%3C/ScRiPt%3E
