OSADS Alliance Database / News: Recent posts

OSADS 2.1 released

OSADS 2.1 got released.
This includes support for the new external tools: speinlesewidget and osadssidebar. A rankings parser was also added and many bugs got squashed.
There is no upgrade needed, just overwrite the old files. See INSTALL for more information.

Changelog OSADS 2.1
-------------------------------------
- fixed autofocus on parser
- added parse functionality for speinlesewidget and osadssidebar
- added parser for rankings
- made posts in shoutbox deletable for moderators
- fixed bug which caused deletion of players
- minor changes in stylesheet
- extended german help
- added gzip compression
- fixed enter-key on shoutbox
- fixed security problem
- code cleanup

Posted by Yggdrasil 2008-09-11

OSADS v2.0.2 released

OSADS v2.0.2 got released.
This is a bugfix release, only a shoutbox was added.

Changelog OSADS v2.0.2
-------------------------------------
- added shoutbox
- fixed search for inactive players
- fixed adding of sectors
- fixed display of sectors (rollback of function farbwahl in ./includes/functions.php)
- fixed password change

Posted by Yggdrasil 2008-04-22

OSADS v2.0.1 released

OSADS v2.0.1 is released.
This is a bugfix release no new features.

Changelog OSADS v2.0.1
-------------------------------------
- fixed search for planets in certain distance
- extracted some text into language files
- fixed search (fleet and research points)
- fixed set of new password in memberlist
- fixed sort in memberlist
- fixed graph in memberlist
- fixed firefox search for database
- fixed column order in configuration

Posted by Yggdrasil 2008-03-28

OSADS v2.0 release

Finaly version 2.0 is out.
It is a rewrite and not related to the 1.x releases.
It includes a major security fix to prevent sql injection. An upgrade from the second pre-release is also possible and highly recommended.

Changelog OSADS v2.0
-------------------------------------
- added cloak-and-dagger analysis (new parser "modules/einlesen_spio.php")
- added battle statistic (new table "abschuss" and parser "modules/einlesen_kb.php")
- changed all integer fields to unsigned integer
- added SP-id and quantity of planets to table "spieler"
- extended search
- major security fix to prevent sql injection
- added configuration of action points
- added table prefix

Posted by Yggdrasil 2008-03-22

Two new Security leaks in Osads

Now there are two new security leaks: One is about the URL-Param langfile, which allows you to access the whole filesystem(For Example /etc/passwd or /var/log) by typing in "index.php&langfile=/var/log". The other allows SQL-Injections, when magic_quotes_gpc is "Off".

First i could fix in Osads v2.0 and on the last i'm working

Posted by sebwan 2006-08-18

OSADS 1.4 released

Now OSADS 1.4 is out,
it is safer(the security leak has been closes) and now internationalable.

Here the changelog:
- ADD: Internationalisation
- REMOVE: Checking if the install-files exists
- CHANGE: When you type in a wrong Username or Password, you'll receave "Username and/or Password invalid!"
- BUGFIX: Security Leak to lock in HTML-Code fixed
- BUGFIX: Field Status defined as Integer, although used as Varchar
- BUGFIX: You can now type in "0" in the Fields Metal and Crystal at the Expansions of Ruins
- BUGFIX: When deleting a Board message, you'll receave "Delete board message?" instead of "Delete Assault?"

Posted by sebwan 2006-06-03

Security leak in OSADS

In OSADS was a security leak found. People can inject HTML code with bad code.

To close this leak, paste this code at line 32(between "if(!$_GET[offset]){ $_GET[offset]=0;};" and "session_start();"):

foreach($_POST as $key => $value){
$_POST[$key] = str_replace("<","&gt;",str_replace(">","&lt;",$value));
}
foreach($_GET as $key => $value){
$_GET[$key] = str_replace("<","&gt;",str_replace(">","&lt;",$value));
}

Posted by sebwan 2006-04-27

OSADS v1.3 released

Now OSADS v1.3 is out.

see Changelog for details

Posted by sebwan 2006-04-12

OSADS v1.2 released

Now OSADS v1.2 is out, it contains many new features.

Now the config.php bug has successfully been removed. And you can search through the coordinates of cloak-and-dagger reports now and can add links to external pages(they can be shown in a new window or IFrame) etc.

A full changelog you can see under file release :
https://sourceforge.net/project/showfiles.php?group_id=163285.

Posted by sebwan 2006-04-05

OSADS v1.1 small bugfix

One day after releasing OSADS v1.1 there has a bug appeard that was fixed very fast after upcoming.

The Bug was: For those who are using OSADS v1.1 without the standard Table-Prefix "ad_", they get "Table '***.ad_user' doesn't exist" when editing a member.

The problem is in line 269:
-> $sql = 'UPDATE `ad_user` SET';

It has to be canged to
-> $sql = 'UPDATE `'.$TBL_PREFIX.'user` SET';... read more

Posted by sebwan 2006-03-28

OSADS v1.1 released

Now OSADS v1.1 is out, there are these new features:
- More Possibilities with stylesheets
- Cloak-and-Dagger report page shows captured ressources by assault.
- Cloak-and-Dagger report are now imported by parser
- Sunsystem-Parser added
- Database for Enemies added
- Helppage updated

Posted by sebwan 2006-03-27

OSADS v1.0 released

OSADS is a free OpenSource Alliance database for the german Browsergame/MMOG SpacePioneers. It is written for Alliances that need a database to administrate their members, several reports and so on.It has got many useful functions like individual rights per member or an own definable design.

Now version 1.0 is out, the features are
- individual rights per member
- stylesheet based design
- several tables for t cloak-and-dagger reports, coordinates of the members ec.
- a board
- a help page
A full List is avaiable on : http://osads.sourceforge.net/index.php?page=1... read more

Posted by sebwan 2006-03-24