|
thunderstrike
|
 |
« on: November 03, 2007, 09:16:01 PM » |
|
This check for valid post comment chars after submit. In details.php file, find: if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
$msg = $lang['comments_deactivated'];
}
else {
$user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['user_name']));
$comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
$comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));
replace: 1
2
3
4
5
6
7
8
9
10
| if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
$msg = $lang['comments_deactivated'];
} elseif (function_exists('check_post_comment_valid_chars') && !check_post_comment_valid_chars($HTTP_POST_VARS['comment_headline']) || !check_post_comment_valid_chars($HTTP_POST_VARS['comment_text'])) {
redirect("details.php?image_id=" . $id);
}
else {
$user_name = un_htmlspecialchars(trim((string)$HTTP_POST_VARS['user_name']));
$comment_headline = un_htmlspecialchars(trim((string)$HTTP_POST_VARS['comment_headline']));
$comment_text = un_htmlspecialchars(trim((string)$HTTP_POST_VARS['comment_text']));
|
In member.php file, find: if ($action == "uploadimage") {
if ($cat_id != 0 && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload", $cat_id))) {
show_error_page($lang['no_permission']);
exit;
}
add after: 1
2
3
| if (function_exists('check_post_comment_valid_chars') && !check_post_comment_valid_chars($HTTP_POST_VARS['image_name']) || !check_post_comment_valid_chars($HTTP_POST_VARS['image_description'])) {
redirect("categories.php?cat_id=" . $cat_id);
}
|
In includes/functions.php file, add before ?> : 1
2
3
4
5
| if (!function_exists('check_post_comment_valid_chars')) {
function check_post_comment_valid_chars($text) {
return preg_match("/[a-zA-Z0-9\.\,;:%&#@!\^-_~`\"'\[\]\{\}\*\/\?\(\)\n\r]/", $text);
}
}
|
If fail, is redirect to details page (with same image ID and for member - with same category id). |
|
|
|
|
« Last Edit: August 27, 2011, 02:26:10 PM by thunderstrike »
|
Logged
|
8 steps need when ask question -
- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
|
|
|
Mr_LovaLove
Full Member
 Offline
Posts: 233
Thank You
-Given: 1
-Receive: 0
Unkown
|
|
« Reply #1 on: January 05, 2008, 03:49:50 PM » |
|
last step
is add after ??? or before O_o
and thanks
|
|
|
|
|
|
Logged
|
English Please :@
|
|
|
|
nobby
|
|
« Reply #2 on: January 05, 2008, 03:59:23 PM » |
|
Before ?>
|
|
|
|
|
|
Logged
|
|
|
|
Mr_LovaLove
Full Member
Offline
Posts: 233
Thank You
-Given: 1
-Receive: 0
Unkown
|
|
« Reply #3 on: January 05, 2008, 04:06:23 PM » |
|
thanks i know  but it must be changed  and thanks for ur post and ur nice replay |
|
|
|
|
|
Logged
|
English Please :@
|
|
|
|
nobby
|
|
« Reply #4 on: January 05, 2008, 04:17:21 PM » |
|
thunderstrike, You have here a mistake. In includes/functions.php file,
add after ?> : Before ?> is Correct nobby |
|
|
|
|
|
Logged
|
|
|
|
|
thunderstrike
|
|
« Reply #5 on: January 05, 2008, 05:00:55 PM » |
|
This is right. Post edit.  |
|
|
|
|
|
Logged
|
8 steps need when ask question -
- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
|
|
|
Mr_LovaLove
Full Member
Offline
Posts: 233
Thank You
-Given: 1
-Receive: 0
Unkown
|
|
« Reply #6 on: January 05, 2008, 05:15:56 PM » |
|
seems it works now !!!?!? dont know what happen lol thunder the if statement is wrong ( i mean IF ) 1
2
3
4
5
| ïf(!function_exists('check_post_comment_valid_chars')) {
function check_post_comment_valid_chars($text) {
return preg_match("/[a-zA-Z0-9\.\,;:%&#@!\^-_~`\"'\[\]\{\}\*\/\?\(\)\n\r]/", $text);
}
} |
(!function_exists('check_post_comment_valid_chars')) { |
|
|
|
|
|
Logged
|
English Please :@
|
|
|
|
thunderstrike
|
|
« Reply #7 on: January 05, 2008, 05:16:48 PM » |
|
@MrLovalove:?
I ... no get your post ... what is problem ? ...
|
|
|
|
|
|
Logged
|
8 steps need when ask question -
- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
|
|
|
Mr_LovaLove
Full Member
Offline
Posts: 233
Thank You
-Given: 1
-Receive: 0
Unkown
|
|
« Reply #8 on: January 05, 2008, 05:18:20 PM » |
|
not big deal !! its cleared on my last post |
|
|
|
|
|
Logged
|
English Please :@
|
|
|
|
thunderstrike
|
|
« Reply #9 on: January 05, 2008, 05:20:02 PM » |
|
 ... this is right ... so small  Post fix.
|
|
|
|
|
|
Logged
|
8 steps need when ask question -
- PHP version (ACP - > phpinfo())
- mySQL version (ACP - > phpinfo())
- 4images version
- Post screenshot / URL
- Post code in BB Code (no need full file for code) or post attach file
- It doesn't work. What is say - what is do for no work
- Install MOD ? If so - please say (troubleshooting)
- Read FAQ ? Install Bug fixes ?
|
|
|
|
Author