FILE: mainfile.php



in the line starting

if ((stristr($queryString,'%20union%20') ...

Add some conditionals towards the end

OR (stristr($queryString,'%2f%2a')) OR (stristr($queryString,'%2f*'))



In the line starting

if ((!isset($admin) OR (isset($admin) AND !is_admin($admin))) AND (stristr($postString,'%20union%20')) ...

Add towards the end

 OR (stristr($postString,'%2f%2a')) OR (stristr($postString_64,'%2f%2a')) OR (stristr($postString,'%2f*')) OR (stristr($postString_64,'%2f*'))