AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages! You are not logged in. Login here for full access privileges. |
Previous Message | Next Message | Back to VBBS/VADV Support <-- <--- | Return to Home Page |
|
||||||
From | To | Subject | Date/Time | |||
Steve Winn | Douglas Connor | Important Updates |
August 28, 2008 11:31 AM |
|||
Re: Important Updates > Steve Winn -> All wrote: > SW> I released two important updates today - both fixing the same bug. VA > SW> v3.11.080823 and VCleanDB v2.0.080823. The problem occurred while > SW> cleaning a > SW> deleted user's email. The databaases SNTEMAIL and ONELINE would becom > SW> corrupted and posed a security issue since it was possible users coul > SW> emails other users had sent. > > SW> I recommend that you delete SNTEMAIL.* and ONELINE.* from your DB dir > SW> after you update. > > SW> VCleanDB has also been converted into a console application. A new op > SW> (/COMPACT) has been added to compact databases which will improve acc > SW> speed. > > SW> Steve > Hey wow Steve > I got 3 updates quite close togather > Hey I hope you got all the bugs out Yeah after the first release I found another bug and killed it. The first bug was obvious once I looked into it and had been present for quite some time. The routine to cleanup user's email after you delete a user wasn't changing databases (it was always using the email database). So the SNTEMAIL and ONELINE would become corrupt because the BIN files would be from EMAIL.BIN. So if a user was deleted either using VADV32 or VCleanDB this would happen. The bad part was if you goto the sent emails in VADV-PHP or VMail then it was possible that content from other users emails would be shown. The second bug was trivial but needed to be fixed due to the new /COMPACT option. It was just a case of a CRLF being added to the BIN files after each time a deleted user was scanned. So the EMAIL, SNTEMAIL and ONELINE databases could have grown a few hundred bytes during the scan. This didn't cause any issues but when /COMPACT was performed it would fix it and show the discrepency in the log so it was a false positive. -- [AT2k] -- Your VBBS/VADV Support Center -- [www.at2k.org] -- [bbs.at2k.org] |
||||||
|
Previous Message | Next Message | Back to VBBS/VADV Support <-- <--- | Return to Home Page |
Execution Time: 0.0162 seconds If you experience any problems with this website or need help, contact the webmaster. VADV-PHP Copyright © 2002-2024 Steve Winn, Aspect Technologies. All Rights Reserved. Virtual Advanced Copyright © 1995-1997 Roland De Graaf. |