Author Topic: [FIX] - admin/user.php  (Read 4306 times)

thunderstrike
[FIX] - admin/user.php
« on: September 08, 2007, 07:50:04 PM »
Detail: Check variable for right result.

Find:

Quote
$delcomments = intval($HTTP_POST_VARS['delcomments']);
$delimages = intval($HTTP_POST_VARS['delimages']);

Replace:

Code: [Select]
$delcomments = (isset($HTTP_POST_VARS['delcomments'])) ? intval($HTTP_POST_VARS['delcomments']) : 0;
$delimages = (isset($HTTP_POST_VARS['delimages'])) ? intval($HTTP_POST_VARS['delimages']) : 0;

Find:

Quote
$user_ids = $HTTP_POST_VARS['deleteusers'];

Replace:

Code: [Select]
$user_ids = intval($HTTP_POST_VARS['deleteusers']);

Action: Updateuser

Find:

Quote
$user_id = (isset($HTTP_POST_VARS['user_id'])) ? intval($HTTP_POST_VARS['user_id']) : intval($HTTP_GET_VARS['user_id']);

  $user_level = intval($HTTP_POST_VARS['user_level']);
  $user_name = trim($HTTP_POST_VARS['user_name']);
  $user_email = trim($HTTP_POST_VARS['user_email']);
  $user_password = trim($HTTP_POST_VARS['user_password']);
  $user_homepage = trim($HTTP_POST_VARS['user_homepage']);
  $user_icq = (intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : "";
  $user_joindate = trim($HTTP_POST_VARS['user_joindate']);
  $user_lastaction = trim($HTTP_POST_VARS['user_lastaction']);
  $user_showemail = intval($HTTP_POST_VARS['user_showemail']);
  $user_allowemails = intval($HTTP_POST_VARS['user_allowemails']);
  $user_invisible = intval($HTTP_POST_VARS['user_invisible']);

Replace:

Code: [Select]
  $user_id = (isset($HTTP_POST_VARS['user_id'])) ? intval($HTTP_POST_VARS['user_id']) : intval($HTTP_GET_VARS['user_id']);
  $user_id = preg_replace("/[^0-9]+/i", "", $user_id);

  $user_level = (isset($HTTP_POST_VARS['user_level'])) ? intval($HTTP_POST_VARS['user_level']) : 0;
  $user_level = preg_replace("/[^0-9]+/i", "", $user_level);
  $user_name = (isset($HTTP_POST_VARS['user_name'])) ? trim($HTTP_POST_VARS['user_name']) : "";
  $user_name = preg_replace("/[^A-Za-z0-9_-]+/i", "", $user_name);
  $user_email = (isset($HTTP_POST_VARS['user_email'])) ? trim($HTTP_POST_VARS['user_email']) : "";
  // Calls whichever e-mail checker is defined; both branches are empty, so the result is not used.
  if (isset($user_email)) {
      if (function_exists('mailchek') && !function_exists('check_email') && mailchek($user_email, 2)) {
      } elseif (function_exists('check_email') && !function_exists('mailchek') && check_email($user_email)) {
      }
  }
  $user_password = (isset($HTTP_POST_VARS['user_password'])) ? trim($HTTP_POST_VARS['user_password']) : "";
  $user_password = preg_replace("/[^A-Za-z0-9_-]+/i", "", $user_password);
  // Optional "http://" or "https://" prefix, then a host part.
  $user_homepage = (isset($HTTP_POST_VARS['user_homepage']) && preg_match('@^(?:https?://)?([^/]+)@i', $HTTP_POST_VARS['user_homepage'])) ? trim($HTTP_POST_VARS['user_homepage']) : "";
  // Non-numeric or missing ICQ values fall back to 0.
  $user_icq = (isset($HTTP_POST_VARS['user_icq']) && intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : 0;
  $user_icq = preg_replace("/[^0-9]+/i", "", $user_icq);
  $user_joindate = (isset($HTTP_POST_VARS['user_joindate'])) ? trim($HTTP_POST_VARS['user_joindate']) : "";
  $user_lastaction = (isset($HTTP_POST_VARS['user_lastaction'])) ? trim($HTTP_POST_VARS['user_lastaction']) : "";
  $user_showemail = (isset($HTTP_POST_VARS['user_showemail'])) ? intval($HTTP_POST_VARS['user_showemail']) : 0;
  $user_showemail = preg_replace("/[^0-9]+/i", "", $user_showemail);
  $user_allowemails = (isset($HTTP_POST_VARS['user_allowemails'])) ? intval($HTTP_POST_VARS['user_allowemails']) : 0;
  $user_allowemails = preg_replace("/[^0-9]+/i", "", $user_allowemails);
  $user_invisible = (isset($HTTP_POST_VARS['user_invisible'])) ? intval($HTTP_POST_VARS['user_invisible']) : 0;
  $user_invisible = preg_replace("/[^0-9]+/i", "", $user_invisible);
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
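
Added example (not part of the original post and not 4images code): it compares the post's two sanitizing patterns with a strict allow-list version on constructed input. intval() followed by digit stripping drops a minus sign and keeps the leading digits of mixed input, and a homepage pattern with an optional scheme accepts any value that does not start with a slash. All helper names are hypothetical.

```php
<?php
// Added example, not 4images code; helper names are hypothetical.

// The post's numeric pipeline: intval(), then strip every non-digit.
function lenient_uint($raw) {
    return preg_replace("/[^0-9]+/i", "", (string) intval($raw));
}

// Strict form: accept only a plain run of digits, else the default.
function strict_uint(array $src, $key, $default = 0) {
    if (!isset($src[$key]) || !is_scalar($src[$key])) {
        return $default;
    }
    $raw = trim((string) $src[$key]);
    return ctype_digit($raw) ? (int) $raw : $default;
}

// Optional-scheme homepage check, the shape used in the post.
function lenient_url($raw) {
    return preg_match('@^(?:https?://)?([^/]+)@i', $raw) === 1;
}

// Strict form: the scheme is required, so other schemes are rejected.
function strict_url(array $src, $key) {
    if (!isset($src[$key]) || !is_string($src[$key])) {
        return "";
    }
    $url = trim($src[$key]);
    $ok = preg_match('@^https?://[^/\s"\'<>]+(?:/[^\s"\'<>]*)?$@i', $url);
    return $ok === 1 ? $url : "";
}

// Constructed sample input standing in for $HTTP_POST_VARS.
$post = array(
    'user_level'    => '-1',
    'user_icq'      => '12abc',
    'user_homepage' => 'javascript:void(0)',
);

foreach (array('user_level', 'user_icq') as $key) {
    printf("%-13s lenient=%s strict=%s\n", $key,
        var_export(lenient_uint($post[$key]), true),
        var_export(strict_uint($post, $key), true));
}
printf("%-13s lenient=%s strict=%s\n", 'user_homepage',
    var_export(lenient_url($post['user_homepage']), true),
    var_export(strict_url($post, 'user_homepage'), true));
```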