Hi mates, who know how to add custom pages in wowonder. Not through the admin panel. But something more customizable?
-
You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.
Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"
WoWonder - The Ultimate PHP Social Network Platform v4.3.3 12-29-2023
- Thread starter patrocle
- Start date
Go to : assets/libraries/PHPMailer-Master/vendor/phpmailer/phpmailer/src/
And replace "PHPMailer.php" and "SMTP.php" with the attached files.
It fixed Mine, let me know if yours gets fixed
Hello everyone.
I have found a lot of complaints about wowonder vulnerability and a backdoor that is used to access users info on plateformes. Here are some suggestions that has been done by someone to improve. Can someone here help us do that or show how we can do that?
Here are some suggestions to improve the security and maintainability of the codebase:
1. Strengthen input validation and sanitization to prevent vulnerabilities like SQL injection and XSS.
2. Prefer prepared statements for database interactions to thwart SQL injection attacks.
3. Implement centralized authentication and authorization mechanisms for consistent access control.
4. Encapsulate access control logic for better code maintainability.
5. Minimize dynamic file inclusion based on user input and validate/sanitize inputs rigorously.
6. Enhance session management security by following best practices like rotating session IDs.
7. Implement comprehensive error handling to prevent information leakage and provide user-friendly error messages.
8. Review file system operations to prevent directory traversal attacks.
9. Conduct regular security audits and stay updated with security patches.
10. Consider implementing security headers and Content Security Policy (CSP) to mitigate client-side attacks.
These measures will enhance the overall security posture of the WoWonder application and improve user trust and satisfaction.
Best regards,
I have found a lot of complaints about wowonder vulnerability and a backdoor that is used to access users info on plateformes. Here are some suggestions that has been done by someone to improve. Can someone here help us do that or show how we can do that?
Here are some suggestions to improve the security and maintainability of the codebase:
1. Strengthen input validation and sanitization to prevent vulnerabilities like SQL injection and XSS.
2. Prefer prepared statements for database interactions to thwart SQL injection attacks.
3. Implement centralized authentication and authorization mechanisms for consistent access control.
4. Encapsulate access control logic for better code maintainability.
5. Minimize dynamic file inclusion based on user input and validate/sanitize inputs rigorously.
6. Enhance session management security by following best practices like rotating session IDs.
7. Implement comprehensive error handling to prevent information leakage and provide user-friendly error messages.
8. Review file system operations to prevent directory traversal attacks.
9. Conduct regular security audits and stay updated with security patches.
10. Consider implementing security headers and Content Security Policy (CSP) to mitigate client-side attacks.
These measures will enhance the overall security posture of the WoWonder application and improve user trust and satisfaction.
Best regards,
Hello, I accidentally deleted the administrator user, does anyone know how to recover it without having to reinstall everything again?
Have you tried doing a restore of SQL file?Damn I had the same issue once. Reinstallation is the only solution I guess
Backup copy on the hosting.
Last edited:
A backup conflicts with new published files and data stored on the server after the backup
True, but that's the minimum price to pay. The alternative is to reinstall and then there is no data.
There should be no conflicts if the hosting is normal. I used the backup myself without any problems if I needed it. The least that can happen is if there have been changes or updates on the site from copy to copy. In this case, a conflict may arise. I have copies made daily. If several days pass between copies, then it's up to you to either restore the administrator (abandoning the information that was added between copies), or reinstall the entire script, and in this case abandon EVERYTHING that was published.
Hello, I do not have backup copies on the server. In which table are the users, I was in phpmyadmin and I couldn't locate it
Exactly. Just as I wrote before. If there is an active site which functions on a daily basis, it is important to make sure to back up the database on a daily basis and then the damage of data loss is minimal.
Similar threads
