Advertisement:

Author Topic: main admin username and pw in public plaintext error  (Read 3178 times)

Offline jeremy_cct

  • Newbie
  • *
  • Posts: 2
main admin username and pw in public plaintext error
« on: May 10, 2017, 10:52:25 AM »
Not so much a bug since your documentation mentions that the forum only works with PHP 4 and 5, but this needs to be stated. I had a decent size forum running (~300 members) and the web host performed a PHP upgrade to version 7. This took the forum down. The problem is that in place of the forum was two lines of plaintext which contained the main admin username and password. That is major. Something which drops the forum should not reveal user credentials.

I would link to the page but to protect that info, I deleted the forum.

Offline Steve

  • Freak
  • Support Specialist
  • SMF Hero
  • *
  • Posts: 4,413
  • Gender: Male
  • I have not yet begun to procrastinate.
Re: main admin username and pw in public plaintext error
« Reply #1 on: May 10, 2017, 11:00:40 AM »
SMF currently does not support PHP 7. An upgrade to be released shortly will fix that.
Online Manual

Please do not PM me for support.

Offline Illori

  • Project Manager
  • SMF Master
  • *
  • Posts: 49,991
Re: main admin username and pw in public plaintext error
« Reply #2 on: May 10, 2017, 11:13:27 AM »
this has been reported before. https://www.simplemachines.org/community/index.php?topic=553582.0 it is not an SMF issue.

Offline Kindred

  • The Mean One
  • Support Specialist
  • SMF Legend
  • *
  • Posts: 57,237
  • Gender: Male
    • Kindred-999 on GitHub
Re: main admin username and pw in public plaintext error
« Reply #3 on: May 10, 2017, 12:40:46 PM »
It's a hint that you need to get a better host...
Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

Offline jeremy_cct

  • Newbie
  • *
  • Posts: 2
Re: main admin username and pw in public plaintext error
« Reply #4 on: May 10, 2017, 01:02:45 PM »
Ahh, I see. Sorry, I had missed that other article. I am glad it isn't an issue with the forum at least. I pulled a backup of the files before removing it so maybe I can get it restored easy enough later.

As for the webhost, this domain is with siteground and they have been great about everything else so far. They have been contacted and are resolving this on their end.

Thank you for the fast response here.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 69,462
    • StoryBB/StoryBB on GitHub
Re: main admin username and pw in public plaintext error
« Reply #5 on: May 10, 2017, 01:09:36 PM »
Great other than updating your site without checking it was OK first?
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.