texmedia - Knowledge Base - The five questions posted most recently: PHP Million Pixel Script, Word Link Script - Knowledge Base from texmedia.de https://millionhelp.texmedia.de <![CDATA[Fixed: Million Pixel Script Cross-site scripting (XSS) vulnerability]]> header.php which allowed remote attackers to inject arbitrary web script or HTML via the "pa" parameter.

This problem has been fixed in the current code. All customers can download an updated version in their texmedia user account panel. In case of questions regarding that fix, just send us an email.

The fix can also easily be done manually by yourself by editing the file header.php with a simple text editor. The file is located in your main script directory of your million pixel script installation.

Just open the file header.php and search for the lines containing 
value="'.$_REQUEST['pa']

You will find 2 lines. Simply change these parts to the following: 

value="'.(int)$_REQUEST['pa']

(So, you just have to add "(int)" right before the $_REQUEST in both of these lines, thats all). Save the file after editing. The fix has been done by that. ]]> https://millionhelp.texmedia.de/index.php?action=artikel&cat=29&id=156&artlang=en Thu, 07 Jan 2010 19:13:31 GMT <![CDATA[Fatal error: Call to undefined function: imagecreatefrompng()]]> If this error happens (mostly in the pixel selection) your GD library is not up-to-date or not installed fully. To create and read PNG images, the GD library supports normally the function imagecreatefrompng(). If not, your GD library is not complete.

hand.jpgPlease ask your provider regarding this issue and ask him to add the PNG support to the GD library of PHP. He will do this. Afterwards, the error will not shown again.

See also:
What is the GD library?

]]> https://millionhelp.texmedia.de/index.php?action=artikel&cat=11&id=40&artlang=en Wed, 17 Jan 2007 13:50:49 GMT <![CDATA[How to add more subjects in the feedback form]]> If you want to add more subjects to the feedback form you can do this with the following steps:

  1. Login via FTP ftp.jpgand go to the directory open_thread.gif lang/en (ord lang/de for german) and open the file language.php with a normal text editor.
  2. Add at the end of the file a new line with a new line number which is unused (i.e. 80) and with your new subject as described now:

    $_SP[80] = "<br>Your new subject.";
  3. Save the file and do it in the same way in the other language files in the other language directories.
  4. Go to the main directory of your script and open the file feedback.php with a normal text editor.
  5. Add after the following line

    $betreff[3] = $_SP[59];

    a new line which reffers to the line you added in step 2

    $betreff[4] = $_SP[80];
  6. Save the file. Finish.

]]> https://millionhelp.texmedia.de/index.php?action=artikel&cat=16&id=80&artlang=en Tue, 04 Apr 2006 12:51:32 GMT