Surferer`s Lose4

lose4.surferer.de

News: Updates November 09
News vom 24.11.2009:
Hi, Today you get this newsletter because I made some updates to the script and I decided it would be the fastest way to inform you. Don`t wonder why this newsletter is in english ... I just got the silly idea to improve or at least to train my english. Actually I have to read dozens of pages in english every week, but writing or speaking is a totally different thing. I expect, that if you get english mails, then they usually contain spam with the intention to sell viagra, fake watches, cheap software or penis enlargement sets. But I asure you, these things are no part of this newsletter :D If you don`t understand any english, then ... well then you won`t understand my advice to translate this text with Google Translator or whatever, so I don`t know - learn english. As I said, the reason of this newsletter is an update of the script due to security issues. This is the newsletter content: 1.) Security Update Xcontent 2.) Security Update Exportforce 3.) Addon Mobile Admin I won`t waste any more time, so let`s start: 1.) Security Update Xcontent Last week I detected a possibility to access information, that concern Xcontentaddons. These information should normally only be accessible by the admin. With some tricks anyone was able to see things, he actually was not allowed to see. This is no great problem, because these information were totally unimportant and because there was no chance to change saved data or any configuration. The only file you have to update to close this lack, is the index.php 2.) Security Update ExportForce As you probably read last week, some freaks made fun of using registration forms to expend a webmaster`s ExportForce request account. Due to this problem, Klamm made a change in his Api and introduced a new returncode (which doesn`t help so much, because it only occurs very late). To block this possibility I created a counter in the ef_check.php, which counts every request to the Klamm Api. You can set a maximum limit per day for these requests. So if this limit is exceeded, nobody can make any more requests. Set the value of the limit on Admin > Einstellungen > Transaktionen. The standard value is 100. 3.) Addon Mobile Admin Last week, I got a new mobile phone. It was the first time, I got one that is able to connect to webpages. So I decided to create an addon for the script SL4, that compresses some main functions on one site, so it could easily be accessed by a mobile phone. The resulted addon is called „Mobile Admin“. It provides you information about e.g. the amount of clicked paidbanner a day, tells you if there are new payoutrequests, shows you the last payoutactivites and some more. You also have three functions: These are: a) Sending a text, that gets published on the page Übersicht. b) Deactivating automatic payouts. And c) setting the page offline (and back online). If you like it, buy it :) >> at: http://www.klamm.de/forum/showthread.php?t=299963 That`s all. Make sure you install the update to avoid these security problems, that aren`t really bad and did never occur (on my page or on any I know), but better take these 2 minutes to install it, than getting into trouble. Of course, the whole script is updated, but you can also download the changed files in the upload area. Please use the forum for comments: http://lose4.surferer.de/?forum/ Have a nice day Surferer Philipp Walla Surferer`s Lose4 http://lose4.surferer.de