Navigation

Pligg Support

I'm not sure how but I think this module has security issue. When I log into my site I have it operating. I get a message "Webpage says Hii", so I am like??? What?

After looking at the code I see something has been added,

rss_import

Code Should Be

{literal}

function verify(){
msg = "Are you absolutely sure that you want to delete this feed?";
//all we have to do is return the return value of the confirm() method
return confirm(msg);
}

{/literal}

But it's showing like this,

{literal}

$(document).ready(function(){
alert('hii');
});

function verify(){
msg = "Are you sure that you want to delete this feed?";
//all we have to do is return the return value of the confirm() method
return confirm(msg);
}

{/literal}

Possible Answers

    Nope, that part of the code is in the core files.

    admin_rss_center.tpl lines 43-45

    You're mistaken.

    | Posted 142 days ago | Permalink | Hide Replies

    Are you saying you have two sites? Where one works but the other seems to have been hacked?

    Why don't you just copy over the RSS plugin files from the install that works to the broken one.

    If I misunderstood then download the RSS module again and reinstall it. Then check and compare the code.

    If they're different from new to old install I'd then check my permissions and passwords to make sure nobody can get into the site and mess with your files. Think about it!

    | Posted 142 days ago | Permalink | Hide Replies

    I'm sorry I don't know what you are talking abut,

    you say the page should say Hii with two ii's?

    $(document).ready(function(){

    alert('hii');

    });

    That is supposed to be there?

    | Posted 142 days ago | Permalink | Hide Replies

    What I am saying is that the code is in the core files. You can view it at the link below on Github. So it's neither a hack, nor a security issue. Why it was added? I haven't the slightest clue. I am not the author of that module.

    https://github.com/Pligg/modules/blob/master/rss_import/templates/admin_rss_center.tpl

    | Posted 142 days ago | Permalink | Hide Replies

    That is funny how I have another version without this code,

    $(document).ready(function(){

    alert('hii');

    });

    I don't think this belongs...

    | Posted 142 days ago | Permalink | Hide Replies

    You are always welcome to make a pull request on Github.

    | Posted 142 days ago | Permalink | Hide Replies

Who Upvoted this Story

Who Downvoted this Story