problems with firefox and maxcoderz

leofox · Post by **leofox** » Sat 15 Jan, 2005 10:08 am

Some of you may have already seen this in the comments of TVF (maybe there even already is a topic about this, but who cares), but i'll say it again here.

If i try to acces the maxcoderz forum with firefox, it gives me a download window for the index.php file, in stead of the forum.

Post by **tr1p1ea** » Sat 15 Jan, 2005 11:15 am

I had that same problem with my comp (both Opera and IE) But others at the same time didnt.

I was because joe was moving the files over the the other server ... all seems to be fine for me now though

.

CoBB · Post by **CoBB** » Sat 15 Jan, 2005 2:45 pm

This is correct behaviour when php is served as a source with the mime type application/x-httpd-php or anything that doesn't imply that it should be interpreted as html... So the server threw out the source instead of executing the script.

Post by **Dwedit** » Sat 15 Jan, 2005 3:33 pm

Did the board stop parsing php AGAIN?
Oh well, so much for security... Maybe just make a new .htaccess file.

shadowing · Post by **shadowing** » Sat 15 Jan, 2005 4:10 pm

I have no problems so far. The Maxcoderz and Firefox are running smoothy.

Post by **Kozak** » Sat 15 Jan, 2005 4:33 pm

Hmm, stuff like that could expose passwords. That's not cool.

CoBB · Post by **CoBB** » Sat 15 Jan, 2005 5:56 pm

No, unless the passwords are stored at a place reachable through HTTP. Seeing the source of an opensource forum engine isn't much of an advantage in itself, rather an annoyance for those who'd like to use it actually...

leofox · Post by **leofox** » Sat 15 Jan, 2005 5:57 pm

apparently it doesn't work when i directly acces the forum (using bookmarks), but when i click on the link on the maxcoderz.net page it does work.. weird.

Post by **Dwedit** » Sat 15 Jan, 2005 6:20 pm

Phpbb stores the mysql password in clear text inside config.php. I think someone needs to go make an .htaccess file to block that out in case the server stops parsing php.

Andy_J · Post by **Andy_J** » Sat 15 Jan, 2005 8:24 pm

Still, any sane forum stores user passwords as a one-way hash (such as MD5).

Post by **Dwedit** » Sun 16 Jan, 2005 4:23 am

User passwords are encrypted, but the password to access the database isn't.

Post by **sic** » Tue 18 Jan, 2005 5:22 am

If anyone is still experiencing this, please email me at joe.pemberton(at)gmail(dot)com.

Post by **tr1p1ea** » Sat 22 Jan, 2005 8:23 am

Also, the main site (www.MaxCoderz.com/.net ... whatever) is a long way off validating with wc3 ... thus some of the tables dont line up properly in Opera etc.

Post by **Kozak** » Sat 22 Jan, 2005 8:56 am

I know what you mean but I am not fluent enough with HTML to understand where the problems lays.

chronoflare · Post by **chronoflare** » Sun 23 Jan, 2005 10:25 pm

u kno the concept that the password to the database isnt encrypeted kinda worries me... man this world is filled with security holes