Adult Script Pro Community Forums

The forum is here for legacy reasons. No new posts will be created. User registration is disabled! If you have any questions, please email us or check https://www.adultscriptpro.com for more details!

You are not logged in.

#1 2015-08-06 15:45:57

symtab
Administrator
Registered: 2010-08-23
Posts: 7,501
Website

Adult Script Pro 2.0.7 Released (Security Fix)

Hi,

I just finished packaging Adult Script Pro version 2.0.7. A lot of bugs fixed and a few security improvements. Changelog:

2.0.7 Mon Jun  8 16:49:47 EEST 2015
    - fixed video delete bug
    - added photo categories rebuild tool
    - fixed mobile video view premium bug
    - fixed nuevo player rtmp streaming with hd
    - fixed menu footer bug when cache is enabled
    - fixed admin spam comments empty type bug
    - fixed admin photo tags rebuild bug
    - updated nuevo player to fix overlay bug
    - fixed nuevo player IDDLE typo
    - fixed pornstar browse letter bug
    - fixed photo ftp upload bug
    - fixed video edit thumb selection bug
    - fixed footer menu display when cache is enabled
    - fixed admin module add security bug
    - added support for image validation function
    - added support for common file extensions validation
    - fixed admin photo config file extensions validation
    - fixed admin photo archive upload temp name generation
    - fixed admin photo archive upload delete after add
    - fixed admin pornstar config file extensions validation
    - fixed admin user avatar upload tmp file creation
    - fixed admin user avatar upload extension validation
    - fixed admin pornstar photo upload tmp file creation
    - fixed admin pornstar photo upload extension validation
    - fixed admin user config avatar file extensions validation
    - fixed admin user edit avatar extension validation
    - fixed admin video config video extensions validations
    - fixed admin video config thumb extensions validations
    - fixed admin video upload file extension validation
    - fixed admin video upload file format validation
    - fixed user avatar upload file format validation
    - fixed user avatar upload file extension validation
    - fixed video upload file extension validation
    - fixed video upload file format validation
    - fixed mobile video upload file extension validation
    - fixed mobile video upload file format validation

If you already bought Adult Script Pro 2.0.6 (or a previous version) you can download the new version from Avangate or you can send us a email!
Checkout the full feature list at: http://www.adultscriptpro.com/features.html
Checkout the demo at: http://www.adultscriptpro.com/demo.html
Order here: http://www.adultscriptpro.com/order.html

Thank you!


Adult Scripts: Adult Script Pro - Adult Search Script
Adult Advertising/Traffic: Plug Rush - EXOClick - PopAds

Offline

#2 2015-08-06 15:52:46

symtab
Administrator
Registered: 2010-08-23
Posts: 7,501
Website

Re: Adult Script Pro 2.0.7 Released (Security Fix)

This release contains an important security fix and its recommended to upgrade as fast as possible. No matter if you upgrade or not, the following actions also need to be considered:
1. Delete the install folder (if you do not delete the install folder the script will not work).
2. Make sure your admin username and password are not admin/admin
3. If you have the symtab username in the admin panel (Admin -> User -> Manage), delete it.
4. Make sure php code cannot be executed in the media, tmp and sitemaps folders. To do this, you need to consider the following:
a. If you are running apache, please create a .htaccess file in the tmp, media and sitemaps folder (and all subfolders) containing the following:

<IfModule mod_php4.c>
  php_value engine off
</IfModule>
<IfModule mod_php5.c>
  php_value engine off
</IfModule>

b. if you are running nginx, the following changes need to be done:
- make sure you have

try_files $uri =404;

as the first line for the .php files location
- make sure php cannot be executed in the media and tmp folders

location ^~ /media/ {
    location ~ \.php$ {
        deny all;
    }
}

location ^~ /tmp/ {
    deny all;
}

Most of the above is not required if you upgrade to the 2.0.7 version.


Adult Scripts: Adult Script Pro - Adult Search Script
Adult Advertising/Traffic: Plug Rush - EXOClick - PopAds

Offline

Board footer

Powered by FluxBB