Btit Tracker v.1.4.8
--------------------
FIXES:
------
- possibile SQL Injection (scrape.php)
LIST OF CHANGED FILES:
----------------------
- include/crk_protection.php
- include/functions.php
- install/index.php
- scrape.php
Btit Tracker v.1.4.7
--------------------
FIXES:
------
LIST OF CHANGED FILES:
----------------------
Btit Tracker v.1.4.6
--------------------
FIXES:
------
- cosmetic changes (blocks/lasttorrents_block.php, blocks/toptorrents_block.php, edit.php)
- Guest can shout (using external html code) (blocks/shoutbox_block.php)
- Added latest crk_protection.php (thanks to cobracrk) (include/crk_protection.php)
- fixed peers issue (details.php) (http://sourceforge.net/tracker/index.php?func=detail&aid=1828098&group_id=146822&atid=766508)
- default language in recover (recover.php)
- Possible SQL injection (torrents.php)
LIST OF CHANGED FILES:
----------------------
- blocks/lasttorrents_block.php
- blocks/shoutbox_block.php
- blocks/toptorrents_block.php
- include/crk_protection.php
- include/functions.php
- details.php
- edit.php
- recover.php
- torrents.php
Btit Tracker v.1.4.5
--------------------
FIXES:
------
- extend error messages on signup and XSS fix(account.php)
- guest can view torrent's details using full url and guest edit/delete guest's torrents (details.php) (https://sourceforge.net/tracker/index.php?func=detail&aid=1748243&group_id=146822&atid=766508)
- XSS fix (moresmiles.php)
- XSS fix (recover.php)
- external progress % (torrents.php)
- XSS fix (usercp.php) (https://sourceforge.net/tracker/index.php?func=detail&aid=1753797&group_id=146822&atid=766508)
- guest can shout (blocks/shoutbox_block.php) (https://sourceforge.net/tracker/index.php?func=detail&aid=1764809&group_id=146822&atid=766508)
- SQL Injection fix (include/functions.php)
LIST OF CHANGED FILES:
----------------------
account.php
details.php
moresmiles.php
recover.php
torrents.php
usercp.php
blocks/shoutbox_block.php
include/functions.php
Btit Tracker v.1.4.4
--------------------
FIXES:
------
- all externals torrents should update correctly now (functions.php).
- secured user's data change (email, etc.) in usercp.php
- upload/download bug (announce.php) (https://sourceforge.net/tracker/index.php?func=detail&aid=1729127&group_id=146822&atid=766508)
- syntax error (details.php)
- category fix (edit.php) (http://www.btiteam.org/smf/index.php?topic=8009.0)
- syntax error (login.php)
- correct error when image code is enabled (recover.php)(http://sourceforge.net/tracker/index.php?func=detail&aid=1733872&group_id=146822&atid=766508)
- correct problem with extras smilies (shoutbox_block.php)
- disabled the check "allow tracker to retrieve informations from torrent", so it'll always do it and fix category dropdown menu. (upload.php)
- pm outbox problem (usercp.php)(http://sourceforge.net/tracker/index.php?func=detail&aid=1723482&group_id=146822&atid=766508)
- syntax errors (userdetails.php) (http://sourceforge.net/tracker/index.php?func=detail&aid=1739546&group_id=146822&atid=766508)
LIST OF CHANGED FILES:
----------------------
announce.php
edit.php
login.php
recover.php
shoutbox_block.php
torrents.php
upload.php
usercp.php
userdetails.php
include/functions.php
Btit Tracker v.1.4.3
--------------------
FIXES:
------
- customized groups assignement (account.php) (https://sourceforge.net/tracker/index.php?func=detail&aid=1723234&group_id=146822&atid=766508)
- editing torrent with apostrophes names (https://sourceforge.net/tracker/index.php?func=detail&aid=1720513&group_id=146822&atid=766508)
- changed all max() functions with intval() function which is more secure.
LIST OF CHANGED FILES:
----------------------
account_change.php
account.php
comment.php
edit.php
forum.php
news.php
torrents.php
recover.php
admincp.php
announce.php
details.php
peers.php
torrent_history.php
usercp.php
userdetails.php
include/functions.php
Btit Tracker v.1.4.2
--------------------
FIXES:
------
- functions.php, alway turn off register global and simulate if not set.
- sanitized forum.php.
- download.php, fixed PID with multitracker's torrents.
LIST OF CHANGED FILES:
----------------------
download.php
forum.php
include/functions.php
Btit Tracker v.1.4.1
--------------------
if you update from previous version, DON'T upload install folder and
run the query upgrade/v14_to_v141.sql for upgrading your database.
NEW:
----
- Installation script (thanks JBoy).
FIXES:
------
- Admincp access by all authorized users and classes.
- Mysql stats (admincp) use tracker style.
- Delete comments from torrent's details.
- possible XSS injections in forum, usercp, users.
- problem in announce if php not compiled with bcmath support.
- Image code in recover
- changed password cookie.
- All problems found on 1.4 by users.
- Email verification when user change own email (usercp), hack by Petr1fied.
NEW LANGUAGES CONSTANTS (ALREADY DONE IN INCLUDED ENGLISH.PHP):
---------------------------------------------------------------
define("REVERIFY_MSG", "If you attempt to change your email address you will be sent a verification link to the email address you wish to change it to.
The email address on your record will not update until you verify the new address by clicking the link.");
define("EMAIL_VERIFY", "email account update at $SITENAME");
define("EMAIL_VERIFY_BLOCK", "Verification email sent");
define("EMAIL_VERIFY_MSG", "Hello,\n\nThis email has been sent because you have requested a change to the email address currently held on your record, please click the link below to complete the change.\n\nBest regards from the staff.");
define("EMAIL_VERIFY_SENT1","