You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
![[DBTech] DragonByte Shop](/data/resource_icons/2/2091.jpg?1613568986){kind=icon}
Add-ons [DBTech] DragonByte Shop 6.6.1
Register & Get access to index
- Author XenForo
- Creation date
Update highlights
This version resolves a potential server error when viewing certain pages (mostly administrative editing pages).
Furthermore, a PHP 8 compatibility issue has also been resolved.
Complete Change Log
Fix: Fix potential server errors when viewing certain pages
Fix: Fix server error when running on PHP 8
Update highlights
This version updates the Infinite Scroll library to reduce its size, thus reducing load time for first time visitors. Furthermore, a bug has been resolved with the Infinite Scroll integration where it would not work correctly when the item display style was set to "Grid" in the style properties.
Lastly, an issue has been resolved with the Create Forum item where it had not been updated for the changes in XenForo 2.2.
Complete Change Log
Change: Update Infinite Scroll library to reduce its file size
Fix: The "Create Forum" item was not fully updated for the changes in XF 2.2
Fix: Infinite Scroll would not work correctly when the item display style was set to Grid
Update highlights
- This version fixes an XSS issue affecting thread titles and post messages.
- Please see this thread for more information:
- An XSS security issue has been discovered affecting all versions of DragonByte Shop from v6.1.0 to v6.4.6. This issue is critical in nature and you should patch your site immediately. This affects XenForo 2.0, 2.1 and 2.2 versions.
- All affected versions of DragonByte Shop have been patched, so even if your license has expired or you cannot update for whatever, you can still login and download a fixed version of the version you're currently running.
- If you cannot login or download, you can open src/addons/DBTech/Shop/Listener.php and find:
- public static function templaterFilterRichThreadTitle(
- Replace its contents with:
Complete Change LogPHP:if (!$thread->thread_id || !$thread->User ) { return $value; } /** @var \DBTech\Shop\XF\Entity\User $user */ $user = $thread->User; $styleProps = []; /** @var \DBTech\Shop\Entity\Purchase[]|ArrayCollection $purchases */ $purchases = \XF::repository('DBTech\Shop:Purchase')->filterActivePurchasesForUser($user); foreach ($purchases as $purchase) { $handler = $purchase->handler; $handler->fire('thread_title_markup', [$thread, &$styleProps], $thread->thread_id); } if ($styleProps) { $escape = false; // Ensure we only add the span if needed return '<span style="' . implode('; ', $styleProps) . '">' . htmlspecialchars($value) . '</span>'; } return $value;
Fix: Fix a security issue affecting thread titles and post messages
