4images Forum & Community
Welcome, Guest. Please login or register.
Did you miss your activation email?
May 25, 2018, 10:41:17 PM

Login with username, password and session length
Search:     Advanced search
Follow 4images on twitter: Click here to follow!
Togle to toolbar
Translate this page with =>
Translate this page >
* Home Help Search Login Register
 
+  4images Forum & Community
|-+  4images Issues / Ausgaben
| |-+  Feedback & Suggestions (Moderator: Acidgod)
| | |-+  [FIX] - admin/validateimages.php
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Print
Author Topic: [FIX] - admin/validateimages.php  (Read 4419 times)
thunderstrike
4images Guru
*******
Offline Offline

Posts: 2327

Thank You
-Given: 0
-Receive: 10


View Profile
« on: September 08, 2007, 08:01:18 PM »

Detail: Check variable for right result.

Find:

Quote  [Expand]
$image_name = trim($HTTP_POST_VARS['image_name']);
  $image_description = trim($HTTP_POST_VARS['image_description']);

  $image_keywords = trim($HTTP_POST_VARS['image_keywords']);
  $image_keywords = preg_replace("/[\n\r]/is", " ", $image_keywords);
  $image_keywords = str_replace(","," ",$image_keywords);
  $image_keywords = ereg_replace("( ){2,}", " ", $image_keywords);

  $cat_id = intval($HTTP_POST_VARS['cat_id']);
  $user_id = (intval($HTTP_POST_VARS['user_id']) != 0) ? intval($HTTP_POST_VARS['user_id']) : $user_info['user_id'];

  $image_date = (trim($HTTP_POST_VARS['image_date']) != "") ? "UNIX_TIMESTAMP('".trim($HTTP_POST_VARS['image_date'])."')" : time();

  $remote_file = trim($HTTP_POST_VARS['remote_file']);
  $remote_thumb_file = trim($HTTP_POST_VARS['remote_thumb_file']);

  $old_file_name = trim($HTTP_POST_VARS['old_file_name']);
  $old_thumb_file_name = trim($HTTP_POST_VARS['old_thumb_file_name']);

  $image_download_url = trim($HTTP_POST_VARS['image_download_url']);

replace:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
$image_name = (isset($HTTP_POST_VARS['image_name'])) ? trim($HTTP_POST_VARS['image_name']) : "";
$image_name = preg_replace("/[^A-Za-z0-9_-]+/i", "", $image_name);
$image_description = (isset($HTTP_POST_VARS['image_description']) && preg_match("/[a-zA-Z0-9\.\,;:%&#@!\^-_~`\"'\[\]\{\}\*\/\?\(\)\n\r]/", $HTTP_POST_VARS['image_description'])) ? trim($HTTP_POST_VARS['image_description']) : "";

$cat_id = (isset($HTTP_POST_VARS['cat_id'])) ? intval($HTTP_POST_VARS['cat_id']) : 0;
$cat_id = preg_replace("[^0-9]+/i", "", $cat_id);
$user_id = (isset($HTTP_POST_VARS['user_id']) && intval($HTTP_POST_VARS['user_id']) != 0) ? intval($HTTP_POST_VARS['user_id']) : $user_info['user_id'];
$user_id = preg_replace("/[^0-9]+/i", "", $user_id);

$image_date = (isset($HTTP_POST_VARS['image_date']) && trim($HTTP_POST_VARS['image_date']) != "") ? "UNIX_TIMESTAMP('".trim($HTTP_POST_VARS['image_date'])."')" : time();

$remote_file = (isset($HTTP_POST_VARS['remote_file'])) ? trim($HTTP_POST_VARS['remote_file']) : "";
$remote_thumb_file = (isset($HTTP_POST_VARS['remote_thumb_file'])) ? trim($HTTP_POST_VARS['remote_thumb_file']) : "";

$old_file_name = (isset($HTTP_POST_VARS['old_file_name'])) ? trim($HTTP_POST_VARS['old_file_name']) : "";
$old_thumb_file_name = (isset($HTTP_POST_VARS['old_thumb_file_name'])) ? trim($HTTP_POST_VARS['old_thumb_file_name']) : "";

$image_download_url = (isset($HTTP_POST_VARS['image_download_url']) && preg_match('@^(?:http://)?([^/]+)@i', $HTTP_POST_VARS['image_download_url'])) ? trim($HTTP_POST_VARS['image_download_url']) : "";
« Last Edit: September 09, 2007, 04:49:21 AM by thunderstrike » Logged

8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
Mr_LovaLove
Full Member
***
Offline Offline

Posts: 233

Thank You
-Given: 1
-Receive: 0

Unkown


View Profile
« Reply #1 on: September 09, 2007, 12:03:01 AM »

and what does that do !!?


u mean ur code will validate any post or image that admin post ??
Logged

English Please :@
thunderstrike
4images Guru
*******
Offline Offline

Posts: 2327

Thank You
-Given: 0
-Receive: 10


View Profile
« Reply #2 on: September 09, 2007, 12:40:11 AM »

Better chek content.
Logged

8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
Pages: [1] Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.053 seconds with 19 queries.