Navigation

Pligg Support

I'm not sure how but I think this module has security issue. When I log into my site I have it operating. I get a message "Webpage says Hii", so I am like??? What?

After looking at the code I see something has been added,

rss_import

Code Should Be

{literal}

function verify(){
msg = "Are you absolutely sure that you want to delete this feed?";
//all we have to do is return the return value of the confirm() method
return confirm(msg);
}

{/literal}

But it's showing like this,

{literal}

$(document).ready(function(){
alert('hii');
});

function verify(){
msg = "Are you sure that you want to delete this feed?";
//all we have to do is return the return value of the confirm() method
return confirm(msg);
}

{/literal}

Possible Answers

    Nope, that part of the code is in the core files.

    admin_rss_center.tpl lines 43-45

    You're mistaken.

    | Posted 271 days ago | Permalink | Hide Replies

    Are you saying you have two sites? Where one works but the other seems to have been hacked?

    Why don't you just copy over the RSS plugin files from the install that works to the broken one.

    If I misunderstood then download the RSS module again and reinstall it. Then check and compare the code.

    If they're different from new to old install I'd then check my permissions and passwords to make sure nobody can get into the site and mess with your files. Think about it!

    | Posted 271 days ago | Permalink | Hide Replies

    I'm sorry I don't know what you are talking abut,

    you say the page should say Hii with two ii's?

    $(document).ready(function(){

    alert('hii');

    });

    That is supposed to be there?

    | Posted 271 days ago | Permalink | Hide Replies

    What I am saying is that the code is in the core files. You can view it at the link below on Github. So it's neither a hack, nor a security issue. Why it was added? I haven't the slightest clue. I am not the author of that module.

    https://github.com/Pligg/modules/blob/master/rss_import/templates/admin_rss_center.tpl

    | Posted 271 days ago | Permalink | Hide Replies

    That is funny how I have another version without this code,

    $(document).ready(function(){

    alert('hii');

    });

    I don't think this belongs...

    | Posted 271 days ago | Permalink | Hide Replies

    You are always welcome to make a pull request on Github.

    | Posted 271 days ago | Permalink | Hide Replies

Who Upvoted this Story

Who Downvoted this Story

Pligg.com's Support area is where you can ask questions and get answers. Just getting started with the Support area? This section describes tips for participating.

Submitting a Question or Comment

By taking a minute to research previous posts you may receive an answer much faster than waiting for a response to a new question. Begin by searching the support section for an answer. Sometimes you may even want to extend your search to the entire pligg.com domain.

If you are unable to find a relevant answer, submit a new question or comment here. Please provide a detailed description and, when necessary, debugging information such as your server environment (a link to a <?php phypinfo(); ?> .php page would be very helpful), your web browser, and any steps necessary to reproduce your issue.

Submitting an Answer

If you have an answer or useful response that you would like to add to a post, you can submit it as a comment which other users will then vote on. Answers are sorted by most popular to least, allowing the best information to climb to the top of the page.

Please read and vote for existing answers before submitting your own, as there may already be an acceptable answer provided. You can use the "Reply" link found within an answer to submit a response to it, in case you want to expand or comment on someone else's contribution.

Including Files or Code

Sometimes it is necessary for you to attach a file or include a snippet of code for others to reference in your response. In most cases, you can .zip up files and attach them to a question or answer using Pligg's file manager. At times though this may fail, and in these circumstances we recommend using a third party host. Below we are including a list of recommended websites where you can share easily share file uploads (or snippets of code) through the web.