If you need to apply 7.3.1 patch to older version, please use the following manual instructions.
Please note, that line numbers are for Dolphin 7.3.0, other versions could have different line numbers.
1. Changes in flash/modules/chat/inc/actions.inc.php file
a) Change the following (near ~121 line):
case 'RzSetBlocked': $sUser = isset($_REQUEST['user']) ? $_REQUEST['user'] : "";
to the following:
case 'RzSetBlocked': $sUser = isset($_REQUEST['user']) ? process_db_input($_REQUEST['user']) : "";
b) Change the following (near ~137 line):
case 'RayzSetMembershipSetting': $sKey = isset($_REQUEST['key']) ? $_REQUEST['key'] : ""; $sValue = isset($_REQUEST['value']) ? $_REQUEST['value'] : "";
to the following:
case 'RayzSetMembershipSetting': $sKey = isset($_REQUEST['key']) ? process_db_input($_REQUEST['key']) : ""; $sValue = isset($_REQUEST['value']) ? process_db_input($_REQUEST['value']) : "";
c) Change the following (near ~166 line):
$iCurrentTime = time(); $sSex = isset($_REQUEST['sex']) ? $_REQUEST['sex'] : "M"; $sAge = isset($_REQUEST['age']) ? $_REQUEST['age'] : "25";
to the following:
$iCurrentTime = time(); $sSex = isset($_REQUEST['sex']) ? process_db_input($_REQUEST['sex']) : "M"; $sAge = isset($_REQUEST['age']) ? process_db_input($_REQUEST['age']) : "25";
2. Changes in modules/boonex/ads/classes/BxAdsModule.php file
Change the following (near ~2366 line):
'sKeywordsStr' => $sKeywordsStr,
to the following:
'sKeywordsStr' => bx_html_attribute($sKeywordsStr),
3. Changes in modules/boonex/wall/classes/BxWallModule.php file
Change the following (near ~365 line):
function actionRss($sUsername) { $aOwner = $this->_oDb->getUser($sUsername, 'username');
to the following:
function actionRss($sUsername) { $aOwner = $this->_oDb->getUser(process_db_input($sUsername), 'username');