Can someone test this for me pls

I would like to someone to test for me this pls , and confirm to me if there's no possible attack at all .

I did unstall my site for the 3d time and start it from new , with all the fixes given but while i paste this script into the Html Block it does show Possible Attack ! only using this script :

<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_GB"></script><script type="text/javascript">FB.init("a707eb03c91f5dcaf6771d351177b05a");</script><fb:fan profile_id="191603651353" stream="" connections="10" width="300"></fb:fan><div style="font-size:8px; padding-left:10px"><a href="http://www.facebook.com/apps/application.php?id=191603651353">The Moroccan Community Project on Facebook</a> </div>

Can anyone give it a try and confirm if it does show possible attack or not ?

Thanks ! Please don't blame me if you cant retrieve your password or anything .

Am only trying to help out ...

This is what i got :

Database error in

Query:

SELECT `ID` FROM `sys_localization_languages` WHERE `Name`='en' LIMIT 1

Mysql error: Table 'xxxxx_xxxx.sys_localization_languages' doesn't exist

Found error in the file '/home/xxxxx/public_html/inc/classes/BxDolEmailTemplates.php' at line 31.
Called 'getOne' function with erroneous argument #0.

or

Total impact: 12
Affected tags: sqli, id, lfi

Variable: REQUEST.fbsetting_a707eb03c91f5dcaf6771d351177b05a | Value: {\&quot;connectState\&quot;:2,\&quot;oneLineStorySetting\&quot;:3,\&quot;shortStorySetting\&quot;:3,\&quot;inFacebook\&quot;:false}
Impact: 6 | Tags: sqli, id, lfi
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43

Variable: COOKIE.fbsetting_a707eb03c91f5dcaf6771d351177b05a | Value: {\&quot;connectState\&quot;:2,\&quot;oneLineStorySetting\&quot;:3,\&quot;shortStorySetting\&quot;:3,\&quot;inFacebook\&quot;:false}
Impact: 6 | Tags: sqli, id, lfi
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43
Centrifuge detection data  Threshold: 3.49  Ratio: 2.5

REMOTE_ADDR: xxxxxxxxxxxxxxxxx
HTTP_X_FORWARDED_FOR:

Ok , why you guy's want to do me this favor ! try that script in Page Blocks--->Home Page---> Html Block and let me know if you don't get possible attack or not !!!

Yes i agree with you all it's fixed but when i use that Script above everything show as Possible Attack .

I see everyone is happy and no one had this problem since the latest fix has come to life ! But guy's i used that fix too and it worked for me but this Facebook script causes Possible Attack !!!

Can you check for us all Please.

<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_GB"></script><script type="text/javascript">FB.init("a707eb03c91f5dcaf6771d351177b05a");</script><fb:fan profile_id="191603651353" stream="" connections="10" width="300"></fb:fan><div style="font-size:8px; padding-left:10px"><a href="http://www.facebook.com/apps/application.php?id=191603651353">The Moroccan Community Project on Facebook</a> </div>

Thank

I'd be happy to test this when RC1 is available.... until then, I don't see the point.

In any case, posting this kind of code should not be allowed by site members......However..... The posts of site admins should NOT be held to the same scrutiny as the members.  Site admins should be able to post whatever then damn well please, without any tags being stripped, and without any phpIDS.  I don't think Dolphin should be designed to protect site admins from themselves.  At the very least, there should be configuration options that allow admins to bypass all security checking.

Thanks Man , now am going to chill and wait too until RC come out , i just dont want to be disappointed if the RC hold the same Possible Attack !

We will wait .

Peace and give more bread ,

Eli.