From 0fa5dac3aa034e01e4e1c99e6c4610085a4ff382 Mon Sep 17 00:00:00 2001 From: e107steved Date: Mon, 5 Apr 2010 21:35:09 +0000 Subject: [PATCH] Bugtracker #4929 XHTML compliance. --- e107_languages/English/admin/lan_admin.php | 10 +++++----- news.php | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/e107_languages/English/admin/lan_admin.php b/e107_languages/English/admin/lan_admin.php index 8f3739dfb..916f69af9 100644 --- a/e107_languages/English/admin/lan_admin.php +++ b/e107_languages/English/admin/lan_admin.php @@ -206,11 +206,11 @@ define("ADLAN_LAT_7", "File uploads"); define("ADLAN_LAT_8", "There are unmoderated administrator messages"); //LAN_WARNING define("ADLAN_ERR_1", "Warning!"); -define("ADLAN_ERR_2", "There are files on your server that are known to be exploitable. These must be removed immediately. The files are related to the older 0.6xx branch of e107. Please delete the following directories and all their contents:"); -define("ADLAN_ERR_3", "There are one or more files in your public upload directories that are not in your allowed upload filetypes list. These may have been placed here by an attacker and if so should be removed immediately. You should not open these files as this may execute any malicious code the file might contain; i.e. do not open them with your browser.

If you recognise these files as being legitimate, it is likely that due to the recent allowed filetypes changes, the filetype you allowed is no longer in the allowed filetypes list and you will need to re-add it (see admin => uploads). You should not allow the upload of .html, .txt, etc as an attacker may upload a file of this type which includes malicious javascript. You should also, of course, not allow the upload of .php files or any other type of executable script.

Below is the list of files that could potentially be malicious:"); -define("ADLAN_ERR_4", "Deprecated plugin file(s) found"); -define("ADLAN_ERR_5", "The following files need to be renamed to"); -define("ADLAN_ERR_6", "Then, click here to re-scan your plugin folders."); +//define("ADLAN_ERR_2", "There are files on your server that are known to be exploitable. These must be removed immediately. The files are related to the older 0.6xx branch of e107. Please delete the following directories and all their contents:"); +define("ADLAN_ERR_3", "There are one or more files in your public upload directories that are not in your allowed upload filetypes list. These may have been placed here by an attacker and if so should be removed immediately. You should not open these files as this may execute any malicious code the file might contain; e.g. do not open them with your browser.

If you recognise these files as being legitimate, it is likely that the filetype is no longer in the allowed filetypes list for some reason, and you will need to re-add it (see admin => uploads). You should not allow the upload of .html, .txt, etc as an attacker may upload a file of this type which includes malicious javascript. You should also, of course, not allow the upload of .php files or any other type of executable script.

Below is the list of files that could potentially be malicious:"); +//define("ADLAN_ERR_4", "Deprecated plugin file(s) found"); +//define("ADLAN_ERR_5", "The following files need to be renamed to"); +//define("ADLAN_ERR_6", "Then, click here to re-scan your plugin folders."); // Common Terms diff --git a/news.php b/news.php index 1e2d08513..540778a74 100644 --- a/news.php +++ b/news.php @@ -225,7 +225,7 @@ if ($action == 'cat' || $action == 'all') { $NEWSLISTTITLE = str_replace("{NEWSCATEGORY}",$tp->toHTML($category_name,FALSE,'TITLE'),$NEWSLISTTITLE); } - $text .= "
".LAN_NEWS_84."
"; + $text .= "
".LAN_NEWS_84."
"; ob_start(); $ns->tablerender($NEWSLISTTITLE, $text); $cache_data = ob_get_flush();