[FIXED] [MAJOR] Ahead Exploit

[merlin]

Type in your browser

www.westhaven.uklinux.net/vmidnight/midnight_ahead.php?rowAhead=45&columnAhead=51

Where 45 and 51 can be replaced by anything!

JY this should really be

www.westhaven.uklinux.net/vmidnight/midnight_ahead.php?lordId=xx

With potentially the added the added direction variable

www.westhaven.uklinux.net/vmidnight/midnight_ahead.php?lordId=xx&direction=yy

But nothing more.

[sparrowhawk]

Modified:

I am checking for this exploit, but I appear to have missed some circumstances where it can occur. I'll change the code asap and upload the fix today, hopefully within the hour

[merlin]

I'm guessing it's now fixed?

[sparrowhawk]

Yes, just uploaded it and was quickly testing it live on one of my games.

Thanks for spotting it. Actually the fix was very simple since the row and columns ahead are actually available to the Ahead/Here page without having to pass them in (they weren't when I wrote the page though, hence the querystring. I forgot to change it).

I'm going to leave the actual querystring parameters for the moment as they have no effect, but the calling page has changed a lot so I don't want to amend 2 copies concurrently.

[merlin]

I was adding an ahead button to MU/CM and noticed the perams in the HTML when I was grabbing the .php address.

[sparrowhawk]

When you are happy that the bug is fixed, please amend the title to reflect this. thanks