
Thread: Read anyone's mail BUG and FIX

  1. #1
    lodlock's Avatar
    Join Date
    May 2006
    Posts
    284

    Default Read anyone's mail BUG and FIX

    Hey there, just like before with the gallery bugs here is a quick fix for mail. First off, in any unfixed version of Dolphin and probably AE you will be able to read anyone's mail by simply changing the URL to the mail id.

    Such as, if MY message is:
    http://website.com/messages_outbox.php?message=20
    or
    http://website.com/messages_inbox.php?message=20

    All you have to do is change the '20' to a different message number and voilà, you get to read that message. A rough fix for this is simple enough. One line of code.

    In messages_outbox.php look for:
    Code:
    function PageCompPageMainCode()
    {
            global  $site;
    
    
            $messageID      = ((int)$_GET['message']);
            $memberID       = ((int)$_COOKIE['memberID']);
            $sender_sql     = "SELECT `Recipient` FROM `Messages` WHERE `Sender` = '$memberID' AND `ID` = '$messageID'";
            $sender_arr     = db_arr( $sender_sql );
            $senderID       = $sender_arr['Recipient'];
    
            $message_sql= "SELECT m.`Text`, m.`Subject`, DATE_FORMAT( m.`Date`, '%Y-%m-%d' ) AS `Date`, p.Status FROM `Messages` AS m LEFT JOIN Profiles AS p ON m.Recipient = p.ID WHERE m.`ID` = '$messageID'";
    And change the end of it to:
    Code:
    $message_sql= "SELECT m.`Text`, m.`Subject`, DATE_FORMAT( m.`Date`, '%Y-%m-%d' ) AS `Date`, p.Status FROM `Messages` AS m LEFT JOIN Profiles AS p ON m.Recipient = p.ID WHERE m.`ID` = '$messageID' AND `Sender` = '$memberID'";
    This problem also occurs in messages_inbox.php so open that up and look for:
    Code:
    function PageCompPageMainCode()
    {
            global  $site;
    
    
            $messageID      = (int)$_GET['message'];
            $memberID       = (int)$_COOKIE['memberID'];
            $sender_sql     = "SELECT `Sender` FROM `Messages` WHERE `Recipient` = '$memberID' AND `ID` = '$messageID'";
            $sender_arr     = db_arr( $sender_sql );
            $senderID       = (int)$sender_arr['Sender'];
    
            $message_sql= "SELECT m.`Text`, m.`Subject`, DATE_FORMAT( m.`Date`, '%Y-%m-%d' ) AS `Date`, p.Status FROM `Messages` AS m LEFT JOIN Profiles AS p ON m.Sender = p.ID  WHERE m.`ID` = '$messageID'";
    And change the end of it to:
    Code:
    // Join stays on m.Sender, as in the original inbox query above; only the Recipient check at the end is new.
    $message_sql= "SELECT m.`Text`, m.`Subject`, DATE_FORMAT( m.`Date`, '%Y-%m-%d' ) AS `Date`, p.Status FROM `Messages` AS m LEFT JOIN Profiles AS p ON m.Sender = p.ID WHERE m.`ID` = '$messageID' AND `Recipient` = '$memberID'";
    That doesn't slap their hands for trying or anything but will at least give them a blank message versus being able to read the message. This should be a nice simplistic fix for you all.

    -Lodlock
    Last edited by lodlock; 10-09-2006 at 03:27 PM.
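
The ownership check from the post above, written as one parameterized lookup plus a regression check that no member can open another member's message. This is an added example, not part of lodlock's post or of Dolphin's code. The SQLite table, the sample rows and the `fetchOwnedMessage()` helper are constructed for illustration, and the member id is assumed to be authenticated server-side already; the snippets above read it from `$_COOKIE['memberID']`, so the check is only as strong as whatever validates that cookie.

```php
<?php
// Added example: constructed schema and data, not Dolphin's real tables or code.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Messages (ID INTEGER PRIMARY KEY, Sender INTEGER,
           Recipient INTEGER, Subject TEXT, Text TEXT)');
$db->exec("INSERT INTO Messages VALUES
    (20, 1, 2, 'hi',      'from member 1 to member 2'),
    (21, 3, 4, 'private', 'from member 3 to member 4')");

/**
 * Return the message only if $memberId owns it in the given box, else null.
 * The ownership column comes from a fixed whitelist, and both ids are bound
 * parameters, so no request data is concatenated into the SQL text.
 */
function fetchOwnedMessage(PDO $db, int $memberId, int $messageId, string $box): ?array
{
    $ownerColumn = ['inbox' => 'Recipient', 'outbox' => 'Sender'][$box] ?? null;
    if ($ownerColumn === null) {
        throw new InvalidArgumentException("unknown box: $box");
    }
    $stmt = $db->prepare(
        "SELECT Subject, Text FROM Messages WHERE ID = :id AND $ownerColumn = :member"
    );
    $stmt->execute([':id' => $messageId, ':member' => $memberId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Regression check: for every (member, message, box) combination a row must
// come back exactly when that member is the sender/recipient of that message.
$failures = 0;
$messages = $db->query('SELECT ID, Sender, Recipient FROM Messages')->fetchAll(PDO::FETCH_ASSOC);
foreach ($messages as $m) {
    foreach ([1, 2, 3, 4] as $member) {
        foreach (['inbox' => 'Recipient', 'outbox' => 'Sender'] as $box => $col) {
            $expected = ((int)$m[$col] === $member);
            $actual   = fetchOwnedMessage($db, $member, (int)$m['ID'], $box) !== null;
            if ($expected !== $actual) {
                $failures++;
                echo "FAIL member=$member message={$m['ID']} box=$box\n";
            }
        }
    }
}
echo $failures === 0 ? "ownership check holds for all combinations\n" : "$failures failure(s)\n";
```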

  2. #2
    Administrator Smoge's Avatar
    Join Date
    Mar 2005
    Posts
    6,642
    Blog Entries
    5

    Default

    Well - isn't that just dandy!

    Good catch - and thanks for posting a fix.

    Smoge
    ModMySite Administrator

    Problems? Questions? Need modifications or other help with your site?

    Open A Ticket , Send Us An Email Or Give Us A Telephone Call +1 518-632-4152.

  3. #3
    lodlock's Avatar
    Join Date
    May 2006
    Posts
    284

    Default

    sure thing

  4. #4
    Administrator Smoge's Avatar
    Join Date
    Mar 2005
    Posts
    6,642
    Blog Entries
    5

    Default

    Hi,

    I just checked this in Dolphin v5.2 (Patch 1) and it exists.

    Smoge
    ModMySite Administrator


  5. #5
    outlander
    Guest

    Default

    Well, just out of curiosity....would this issue exist in AE 4.1 IQ 0000?

  6. #6
    Administrator Smoge's Avatar
    Join Date
    Mar 2005
    Posts
    6,642
    Blog Entries
    5

    Default

    I did not have time to check or look at the code yet... perhaps you can give it a try on your system and give us a heads up?

    Smoge
    ModMySite Administrator


  7. #7
    lisamac
    Guest

    Thumbs up

    Holy shit. Thank you. Does Boonex know about this? I haven't heard from THEM about it...

  8. #8
    Administrator Smoge's Avatar
    Join Date
    Mar 2005
    Posts
    6,642
    Blog Entries
    5

    Default

    Quote Originally Posted by lisamac
    Holy shit. Thank you. Does Boonex know about this? I haven't heard from THEM about it...
    They don't notify people of issues. This is true today, and all the way back into the aeDating tree (aeWebWorks).

    It is something we have been doing here on ModMySite for more than a year now - sending out notifies of important issues / bugs.

    There is a long story behind this - I don't want to cloud this thread with the discussion of it... but in a nutshell - I have tried to communicate with them before about such things - and nothing happens except for them to get angry and threaten me. This was very true with the news.php hack last year where it was possible to get the admin panel password.

    I try to be responsible with such issues - and if I see someone post a hack with no fix - it is removed until the fix is coded. And at such time, the notify email is sent. This appears to be the best way to handle such issues.

    Smoge
    ModMySite Administrator


  9. #9
    Administrator Smoge's Avatar
    Join Date
    Mar 2005
    Posts
    6,642
    Blog Entries
    5

    Default

    Quote Originally Posted by lisamac
    Holy shit. Thank you. Does Boonex know about this? I haven't heard from THEM about it...
    No problem - thanks accepted for the notify email about this.

    But also please direct thanks to lodlock for finding it and posting a fix.

    It's users like lodlock who share things and code that make ModMySite what it is (whatever that may be, LOL!).

    Smoge
    ModMySite Administrator


  10. #10
    lisamac
    Guest

    Thumbs up

    Quote Originally Posted by Smoge
    I try to be responsible with such issues
    That's awesome. You have one heck of a service here. Please never stop.


    If I had just stayed on the 'other' forum only I wouldn't be half as far with this product. I think we should all team up, write one from scratch that's standards compliant (PLEASE, oh pretty please), release it as an open source product (as opposed to "FREE") and hook people up without all this closed code 'where is that dam line hiding' crap... </rant>
