|
|
Joined: Apr 2011
Posts: 136
member
|
member
Joined: Apr 2011
Posts: 136 |
Does anybody know how this person got past the limit for subject text?
|
|
|
|
Joined: Dec 2003
Posts: 6,628 Likes: 85
|
Joined: Dec 2003
Posts: 6,628 Likes: 85 |
Must be a different forum than the url you gave me before. But anyway possibly you have html enabled for that board
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
|
Joined: Apr 2011
Posts: 136
member
|
member
Joined: Apr 2011
Posts: 136 |
I looked at the source but I didnt see any HTML changes in the span
<span id="subject0">megapixel game site megapixels memory cards megapixels 14 conversion megapixels to megabytes canon cameras 12.1 megapixels megapixels studio rates megapixel and photo size megapixels and image sizes kodak 12.2 megapixels md41 megapixel lens calculator megapixel video camera bold 9700 megapixels megapixels 12.1 how many megapixels do i need for a poster megapixels memory chart</span> </b>
|
|
|
|
Joined: Dec 2003
Posts: 6,628 Likes: 85
|
Joined: Dec 2003
Posts: 6,628 Likes: 85 |
Not sure where you got that from. Possibly view source in a browser? But it is html and <span id="subject0"> does not look native to ubb. Try editing the post and see if you can see what is embedded in the topic and post.
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
|
Joined: Jul 2006
Posts: 2,143
Pooh-Bah
|
Pooh-Bah
Joined: Jul 2006
Posts: 2,143 |
version 6.5 is pretty put of date. Currently the topic title field in the database is varchar(255). I suspect it was back then too. Any restrictions in topic length via the form can be bypassed, and there surely was nothing in the actual scripts back then that would have limited it.
In other words, no, it wasn't hacked.
Last edited by David Dreezer; 06/11/2011 5:24 PM.
|
|
|
|
Joined: Apr 2011
Posts: 136
member
|
member
Joined: Apr 2011
Posts: 136 |
I know from experience that you can only use about 40 chars or less for the subject title so its got to be a script.
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
fairly easy to hack 6.5, or if you will, bypass perceived safety of the forum software and break the rules... matter of fact, up until 7.4 there were some holes that could be breached.
|
|
|
|
Joined: Apr 2011
Posts: 136
member
|
member
Joined: Apr 2011
Posts: 136 |
so you are saying its probably very easy to get admin passwords etc as well?
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
i know there was a flaw in how certain form submitted data was handled.
rather than go into details, the prudent thing would be to upgrade to 7.5.6, imho
then there are no questions
and 'very easy' is a relative term. 'joe blow' off the street would never get in, but....... you get the drift..
|
|
|
0 members (),
1,448
guests, and
60
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|
|