Author Topic: [FIX] - details.php file (for comments post)  (Read 20248 times)

0 Members and 1 Guest are viewing this topic.

Offline thunderstrike

  • 4images Guru
  • *******
  • Posts: 2.327
    • View Profile
[FIX] - details.php file (for comments post)
« on: November 03, 2007, 09:16:01 PM »
This check for valid post comment chars after submit.

In details.php file,

find:

Quote
if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
    $msg = $lang['comments_deactivated'];  
  }  
  else {
    $user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['user_name']));
    $comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
    $comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));

replace:

Code: [Select]
if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
    $msg = $lang['comments_deactivated'];
  
  } elseif (function_exists('check_post_comment_valid_chars') && !check_post_comment_valid_chars($HTTP_POST_VARS['comment_headline']) || !check_post_comment_valid_chars($HTTP_POST_VARS['comment_text'])) {
      redirect("details.php?image_id=" . $id);  
  }  
  else {
    $user_name = un_htmlspecialchars(trim((string)$HTTP_POST_VARS['user_name']));
    $comment_headline = un_htmlspecialchars(trim((string)$HTTP_POST_VARS['comment_headline']));
    $comment_text = un_htmlspecialchars(trim((string)$HTTP_POST_VARS['comment_text']));

In member.php file,

find:

Quote
if ($action == "uploadimage") {
  if ($cat_id != 0 && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload", $cat_id))) {
    show_error_page($lang['no_permission']);
    exit;
  }

add after:

Code: [Select]
if (function_exists('check_post_comment_valid_chars') && !check_post_comment_valid_chars($HTTP_POST_VARS['image_name']) || !check_post_comment_valid_chars($HTTP_POST_VARS['image_description'])) {
      redirect("categories.php?cat_id=" . $cat_id);
  }

In includes/functions.php file,

add before ?> :

Code: [Select]
if (!function_exists('check_post_comment_valid_chars')) {
   function check_post_comment_valid_chars($text) {
      return preg_match("/[a-zA-Z0-9\.\,;:%&#@!\^-_~`\"'\[\]\{\}\*\/\?\(\)\n\r]/", $text);
   }
}

If fail, is redirect to details page (with same image ID and for member - with same category id).
« Last Edit: August 27, 2011, 02:26:10 PM by thunderstrike »
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?

Offline Mr_LovaLove

  • Full Member
  • ***
  • Posts: 233
  • Unkown
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #1 on: January 05, 2008, 03:49:50 PM »
last step

is add after ??? or before O_o

and thanks
English Please :@

Offline nobby

  • 4images Guru
  • *******
  • Posts: 2.873
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #2 on: January 05, 2008, 03:59:23 PM »
Before ?>

Offline Mr_LovaLove

  • Full Member
  • ***
  • Posts: 233
  • Unkown
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #3 on: January 05, 2008, 04:06:23 PM »
thanks i know :P

but it must be changed :)

and thanks for ur post and ur nice replay :)
English Please :@

Offline nobby

  • 4images Guru
  • *******
  • Posts: 2.873
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #4 on: January 05, 2008, 04:17:21 PM »
thunderstrike, You have here a mistake. 
Quote
In includes/functions.php file,
 add after ?> :

Before ?> is Correct

nobby

Offline thunderstrike

  • 4images Guru
  • *******
  • Posts: 2.327
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #5 on: January 05, 2008, 05:00:55 PM »
This is right. Post edit. ;)
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?

Offline Mr_LovaLove

  • Full Member
  • ***
  • Posts: 233
  • Unkown
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #6 on: January 05, 2008, 05:15:56 PM »
seems it works now !!!?!?

dont know what happen lol

thunder the if statement is wrong ( i mean IF )
Code: [Select]
ïf(!function_exists('check_post_comment_valid_chars')) {
   function check_post_comment_valid_chars($text) {
      return preg_match("/[a-zA-Z0-9\.\,;:%&#@!\^-_~`\"'\[\]\{\}\*\/\?\(\)\n\r]/", $text);
   }
}

ïf  (!function_exists('check_post_comment_valid_chars')) {
English Please :@

Offline thunderstrike

  • 4images Guru
  • *******
  • Posts: 2.327
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #7 on: January 05, 2008, 05:16:48 PM »
@MrLovalove:?

I ... no get your post ... what is problem ? ...
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?

Offline Mr_LovaLove

  • Full Member
  • ***
  • Posts: 233
  • Unkown
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #8 on: January 05, 2008, 05:18:20 PM »
not big deal !!

its cleared on my last post

:)
English Please :@

Offline thunderstrike

  • 4images Guru
  • *******
  • Posts: 2.327
    • View Profile
Re: [FIX] - details.php file (for comments post)
« Reply #9 on: January 05, 2008, 05:20:02 PM »
 8O ... this is right ... so small  :mrgreen:

Post fix. ;)
8 steps need when ask question -

- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?