4images Forum & Community
4images Modifications / Modifikationen => Mods & Plugins (Releases & Support) => Topic started by: T on January 30, 2006, 08:03:23 PM
-
Hallo,
ich habe für die 4images Galerie 1.7.1 ein Sicherheitscode - Script geschrieben, welches gegen Spam durch Bots o.ä. wirken soll.
Hierbei muss man ein Bild mit 4-6 Zahlen abtippen und der Kommentar wird nur beim richtigen abtippen gepostet.
Download am Ende des Postings; Fragen und Support per E-Mail.
#######
Hello,
I wrote an safety or secure code - script for 4images gallery 1.7.1. The script should stop spam e.g. through bots.
Usage: You must copy a pircture with 4-6 characters (numbers). When you copied it right, your command will be posted. Otherwise, your comment will be deleted.
download at the bottom of this posting; questions and support via e-mail.
Sorry for my bad english.
#######
EDIT: Fehler in der Datei sicherheit.php behoben. / Error in sicherheit.php fixed.
-
Looks like a very interesting MOD I might say. ;)
-
Hi,
irgendwie interessant aber ich habe bisher noch keine Spam Einträge gehabt. Weder von Bots noch von anderen Leuten. Liegt aber wohl eher da dran das bei mir nur registrierte User Kommentare schreiben dürfen.
Aber auch wenn nicht, mich persönlich würde das ein wenig nerven wenn ich bei jedem Kommentar den ich schreibe einen Code eingeben muss.
Bitte nicht persönlich nehmen, ist nur meine Meinung.
-
Hallo gheelho,
... danke für die Veröffentlichung des MODs ... !
... folgendes Problem habe ich jedoch mit der Installation ...
... die sicherheit.php erzeugt bei mir nur das Hintergrundbild mit den Linien jedoch ohne Zahlencode ... ?
... konnte von daher auch die weitere Funktionalität nicht prüfen ...
... habe mal einen Bilck in die sicherheit.php getan ...
... Zeile 32 : $text_width = $font_width * strlen($zahl); ...
... $font_width ... ist nicht definiert ... ?
... Zeile 35 : ImageString($pic, 6, $pic_center_x, $pic_center_y, $RandInt, $text); ...
... $RandInt ... ist nicht definiert ... ?
... für mich einige Ungereimtheiten ... kannst du die ganze sicherheit.php nochmals checken ... !
danke mawenzi
-
Hallo gheelho,
1. Der MOD funktioniert auch unter Version 1.7 ... !
2. in der sicherheit.php müssen m.E. folgende Änderungen vorgenommen werden :
- die Zeile 32 sollte so aussehen :
$text_width = $text_width * strlen($zahl);
- die Zeile 35 sollte so aussehen :
ImageString($pic, 6, $pic_center_x, $pic_center_y, $zahl, $text);
3. dann klappt es auch mit der Anzeige des Zahlencods ... und dem Kommentar-Posting !
nochmals danke mawenzi
-
Hi,
irgendwie interessant aber ich habe bisher noch keine Spam Einträge gehabt. Weder von Bots noch von anderen Leuten. Liegt aber wohl eher da dran das bei mir nur registrierte User Kommentare schreiben dürfen.
Aber auch wenn nicht, mich persönlich würde das ein wenig nerven wenn ich bei jedem Kommentar den ich schreibe einen Code eingeben muss.
Bitte nicht persönlich nehmen, ist nur meine Meinung.
Ja, aber ich habe den Code auf Wunsch gemacht, da ein User das Posten durch Gäste nicht abschalten wollte.Hallo gheelho,
... danke für die Veröffentlichung des MODs ... !
... folgendes Problem habe ich jedoch mit der Installation ...
... die sicherheit.php erzeugt bei mir nur das Hintergrundbild mit den Linien jedoch ohne Zahlencode ... ?
... konnte von daher auch die weitere Funktionalität nicht prüfen ...
... habe mal einen Bilck in die sicherheit.php getan ...
... Zeile 32 : $text_width = $font_width * strlen($zahl); ...
... $font_width ... ist nicht definiert ... ?
... Zeile 35 : ImageString($pic, 6, $pic_center_x, $pic_center_y, $RandInt, $text); ...
... $RandInt ... ist nicht definiert ... ?
... für mich einige Ungereimtheiten ... kannst du die ganze sicherheit.php nochmals checken ... !
danke mawenzi
Habe die Sicherheit.php gefixed. Eine neue Version ist nun downloadbar.
-
I have one question for this MOD (if you don't mind). Does this restriction also applys from URL ? ;)
-
@ gheelho,
da jetzt alles funktioniert (selbst getestet) und die downloadbare sicherheit.php aktualisiert ist, habe ich das Thema in das Forum Mods & Plugins (Publishing & Support) verschoben !
danke mawenzi
-
I have one question for this MOD (if you don't mind). Does this restriction also applys from URL ? ;)
Sorry, but I don't understand what you're talking about. Can you give me an example?
-
I have one question for this MOD (if you don't mind). Does this restriction also applys from URL ? ;)
Sorry, but I don't understand what you're talking about. Can you give me an example?
For instance, does this block :
/* ## Safety script ## */
mt_srand((double)microtime()*1000000);
$comment_sicherheit = mt_rand(000001,999999);
$comment_sicherheit = str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit)));
/* ## Safety script ## */
also prevents the usage of random image IDs over the URL bar ? ;)
-
Nice mod, I use that for my guestbook :wink:
-
Nice mod, I use that for my guestbook :wink:
Hi thats great, can you say me what i must do to have this for the guestbook?? I have many Spam entrys in it. I use this guestbook
[MOD] guestbook (http://www.4homepages.de/forum/index.php?topic=7409.0)
-
Open templates/xxxxxx/guestbook_form.html
find:
<tr>
<td width="90" valign="top"> </td>
<td>{bbcode}</td>
</tr>
add after:
<tr>
<td width="90" valign="top"><b>{comment_secure_scode}</b><br />{comment_secure_pleasecopy}</td>
<td><input type="text" name="sicherheit_code" size="15" class="commentinput" /> <img src="sicherheit.php?z={comment_sicherheit}" alt="{comment_secure_scode}" title="{comment_secure_pleasecopy}" /></td>
</tr>
find:
<input type="hidden" name="action" value="postcomment" />
Add after:
<input type="hidden" name="sicherheit_dec" value="{comment_sicherheit}" />
Open guestbook.php
find:
if ($config['guestbook_view'] != 1) {
header("Location: ".$site_sess->url(ROOT_PATH."index.php"));
exit;
}
add after:
/* ## Safety script ## */
mt_srand((double)microtime()*1000000);
$comment_sicherheit = mt_rand(000001,999999);
$comment_sicherheit = str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit)));
/* ## Safety script ## */
find:
if ($comment_user_name == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
$error = 1;
}
add after:
if (($sicherheit_code == "") || ($sicherheit_code != str_replace('´|´', '=', base64_decode(base64_decode($sicherheit_dec))) )) {
$msg .= (($msg != "") ? "<br />" : "").$lang['secure_required'];
$error = 1;
}
find:
"comment_user_name" => $comment_user_name,
add after:
"comment_sicherheit" => $comment_sicherheit,
"comment_secure_scode" => $lang['comment_secure_scode'],
"comment_secure_pleasecopy" => $lang['comment_secure_pleasecopy'],
and change all your (lang/xxxxxx/main.php) see original post
DEMO (http://www.myanimalsworld.com/sk/guestbook.php)
-
hhmm, have i forget something???
I can sign the guestbook without the security code.
No error message, nothing. i can sign in. You can test ist here -> http://www.terraristik-galerie.de/guestbook.php
-
Hi,
i have search but found no error :( Can anyone look at my guestbook.php??? I can sign in my guestbook without a code
<?php
/**************************************************************************
* *
* 4images - A Web Based Image Gallery Management System *
* ---------------------------------------------------------------- *
* *
* File: guestbook.php *
* Copyright: (C) 2002 Jan Sorgalla *
* Email: jan@4homepages.de *
* Web: http://www.4homepages.de *
* Scriptversion: 1.7 *
* *
* Never released without support from: Nicky (http://www.nicky.net) *
* *
**************************************************************************
* *
* Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz- *
* bedingungen (Lizenz.txt) f?r weitere Informationen. *
* --------------------------------------------------------------- *
* This script is NOT freeware! Please read the Copyright Notice *
* (Licence.txt) for further information. *
* *
*************************************************************************/
$main_template = 'guestbook';
define('GET_CACHES', 1);
define('ROOT_PATH', './');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
include(ROOT_PATH.'includes/page_header.php');
if ($config['guestbook_view'] != 1) {
header("Location: ".$site_sess->url(ROOT_PATH."index.php"));
exit;
}
/* ## Safety script ## */
mt_srand((double)microtime()*1000000);
$comment_sicherheit = mt_rand(000001,999999);
$comment_sicherheit = str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit)));
/* ## Safety script ## */
if ($action == "") {
$action = "showcomments";
}
if (isset($HTTP_GET_VARS[URL_COMMENT_ID]) || isset($HTTP_POST_VARS[URL_COMMENT_ID])) {
$comment_id = (isset($HTTP_GET_VARS[URL_COMMENT_ID])) ? intval($HTTP_GET_VARS[URL_COMMENT_ID]) : intval($HTTP_POST_VARS[URL_COMMENT_ID]);
}
else {
$comment_id = 0;
}
if ($action == "deletecomment") {
if (!$comment_id || ($config['user_delete_guestbook'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT comment_id, comment_ip
FROM ".GUESTBOOK_TABLE."
WHERE comment_id = $comment_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || ($comment_row['comment_ip'] != $session_info['session_ip'] && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$txt_clickstream = $lang['comment_delete'];
$sql = "DELETE FROM ".GUESTBOOK_TABLE."
WHERE comment_id = $comment_id";
$result = $site_db->query($sql);
$msg = ($result) ? $lang['comment_delete_success'] : $lang['comment_delete_error'];
}
if ($action == "removecomment") {
if (!$comment_id || ($config['user_delete_guestbook'] != 1 && $user_info['user_level'] != ADMIN)) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT comment_id, user_name AS comment_user_name, comment_site, comment_text, comment_ip
FROM ".GUESTBOOK_TABLE."
WHERE comment_id = $comment_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || ($comment_row['comment_ip'] != $session_info['session_ip'] && $user_info['user_level'] != ADMIN)) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$txt_clickstream = $lang['comment_delete'];
$comment_user_name = $comment_row['comment_user_name'];
$site_template->register_vars(array(
"comment_id" => $comment_id,
"comment_user_name" => htmlspecialchars($comment_user_name),
"comment_site" => format_text($comment_row['comment_site'], 0, $config['wordwrap_comments'], 0, 0),
"comment_text" => format_text($comment_row['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
"lang_delete_comment" => $lang['comment_delete'],
"lang_delete_comment_confirm" => $lang['comment_delete_confirm'],
"lang_name" => $lang['name'],
"lang_site" => $lang['site'],
"lang_comment" => $lang['comment'],
"lang_submit" => $lang['submit'],
"lang_reset" => $lang['reset'],
"lang_yes" => $lang['yes'],
"lang_no" => $lang['no']
));
$contents = $site_template->parse_template("guestbook_deletecomment");
}
if ($action == "updatecomment") {
if (!$comment_id || ($config['user_edit_guestbook'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT comment_id, comment_ip
FROM ".GUESTBOOK_TABLE."
WHERE comment_id = $comment_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || ($comment_row['comment_ip'] != $session_info['session_ip'] && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$txt_clickstream = $lang['comment_edit'];
$error = 0;
$comment_site = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_site']));
$comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));
$comment_user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_user_name']));
if ($comment_user_name == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
$error = 1;
}
elseif ($site_db->not_empty("SELECT user_name FROM ".
GUESTBOOK_TABLE.
" WHERE user_name= '".strtolower($comment_user_name)."' AND comment_date > ".(time()-60 * 60 * 24))) {
$msg .= (($msg != "") ? "<br />" : "").$lang['username_exists'];
$error = 1;
}
if ($comment_text == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['comment_required'];
$error = 1;
}
if (!$error) {
if ($comment_site =="http://") {
$comment_site = "";
}
if (($sicherheit_code == "") || ($sicherheit_code != str_replace('´|´', '=', base64_decode(base64_decode($sicherheit_dec))) )) {
$msg .= (($msg != "") ? "<br />" : "").$lang['secure_required'];
$error = 1;
}
//-----------------------------------------------------
// Start Emailer for guestbook
//-----------------------------------------------------
if (!empty($config['guestbook_manager'])) {
$current_time = time();
include_once(ROOT_PATH.'includes/email.php');
$site_email = new Email();
$site_email->set_to($config['guestbook_manager']);
$site_email->set_from($config['site_email'], $config['site_name']);
$site_email->set_subject("Guestbook Edited");
$site_email->register_vars(array(
"recipient_name" => "GuestBook Manager",
"comment_date" => format_date($config['date_format']." ".$config['time_format'], $current_time),
"comment_username" => $comment_user_name,
"comment_text" => $comment_text,
"comment_site" => $comment_site,
"site_name" => $config['site_name'],
"user_country" => $user_country
));
$site_email->set_body("guestbook_email", $config['language_dir']);
$site_email->send_email();
}
//--end emailer
$sql = "UPDATE ".GUESTBOOK_TABLE."
SET comment_site = '$comment_site', comment_text = '$comment_text', user_name= '$comment_user_name'
WHERE comment_id = $comment_id";
$result = $site_db->query($sql);
$msg = ($result) ? $lang['comment_edit_success'] : $lang['comment_edit_error'];
} else {
$action = "editcomment";
$sendprocess = 1;
}
}
if ($action == "editcomment") {
if (!$comment_id || ($config['user_edit_guestbook'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT comment_id, user_name AS comment_user_name, comment_site, comment_text, comment_ip
FROM ".GUESTBOOK_TABLE."
WHERE comment_id = $comment_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || ($comment_row['comment_ip'] != $session_info['session_ip'] && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$txt_clickstream = $lang['comment_edit'];
$comment_site = (isset($HTTP_POST_VARS['comment_site'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_site']))) : (empty($comment_row['comment_site']) ? "http://" : $comment_row['comment_site']);
$comment_text = (isset($HTTP_POST_VARS['comment_text'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_text']))) : $comment_row['comment_text'];
$comment_user_name = (isset($HTTP_POST_VARS['comment_user_name'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_user_name']))) : $comment_row['comment_user_name'];
$bbcode = "";
if ($config['bb_comments'] == 1) {
$site_template->register_vars(array(
"lang_bbcode" => $lang['bbcode'],
"smiles_text" => get_smiles_text(),
"lang_tag_prompt" => $lang['tag_prompt'],
"lang_link_text_prompt" => $lang['link_text_prompt'],
"lang_link_url_prompt" => $lang['link_url_prompt'],
"lang_link_email_prompt" => $lang['link_email_prompt'],
"lang_list_type_prompt" => $lang['list_type_prompt'],
"lang_list_item_prompt" => $lang['list_item_prompt']
));
$bbcode = $site_template->parse_template("bbcode");
}
$site_template->register_vars(array(
"bbcode" => $bbcode,
"comment_id" => $comment_id,
"comment_user_name" => htmlspecialchars($comment_user_name),
"comment_site" => htmlspecialchars($comment_site),
"comment_text" => htmlspecialchars($comment_text),
"lang_edit_comment" => $lang['comment_edit'],
"lang_name" => $lang['name'],
"lang_site" => $lang['site'],
"lang_comment" => $lang['comment'],
"lang_submit" => $lang['submit'],
"lang_reset" => $lang['reset'],
"lang_yes" => $lang['yes'],
"lang_no" => $lang['no'],
));
$contents = $site_template->parse_template("guestbook_editcomment");
}
//-----------------------------------------------------
//--- Save Comment ------------------------------------
//-----------------------------------------------------
$error = 0;
if ($action == "postcomment" && $config['guestbook_post'] == 1) {
$comment_user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_user_name']));
$comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));
$comment_site = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_site']));
// Flood Check
$sql = "SELECT comment_ip, comment_date
FROM ".GUESTBOOK_TABLE."
WHERE comment_ip = '".$session_info['session_ip']."'
ORDER BY comment_date DESC
LIMIT 1";
$spam_row = $site_db->query_firstrow($sql);
$spamtime = $spam_row['comment_date'] + 360;
if (time() <= $spamtime && $user_info['user_level'] != ADMIN) {
$msg .= (($msg != "") ? "<br />" : "").$lang['spamming'];
$error = 1;
}
if ($comment_user_name == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
$error = 1;
} elseif ($site_db->not_empty("SELECT user_name FROM ".
GUESTBOOK_TABLE.
" WHERE user_name= '".strtolower($comment_user_name)."' AND comment_date > ".(time()-60 * 60 * 24))) {
$msg .= (($msg != "") ? "<br />" : "").$lang['username_exists'];
$error = 1;
}
if ($comment_text == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['comment_required'];
$error = 1;
}
if (!$error) {
if ($comment_site =="http://") {
$comment_site = "";
}
//-----------------------------------------------------
// Start Emailer for guestbook
//-----------------------------------------------------
if (!empty($config['guestbook_manager'])) {
$current_time = time();
include_once(ROOT_PATH.'includes/email.php');
$site_email = new Email();
$site_email->set_to($config['guestbook_manager']);
$site_email->set_from($config['site_email'], $config['site_name']);
$site_email->set_subject("Guestbook Signed");
$site_email->register_vars(array(
"recipient_name" => "GuestBook Manager",
"comment_date" => format_date($config['date_format']." ".$config['time_format'], $current_time),
"comment_username" => $comment_user_name,
"comment_text" => $comment_text,
"comment_site" => $comment_site,
"site_name" => $config['site_name'],
"user_country" => $user_country
));
$site_email->set_body("guestbook_email", $config['language_dir']);
$site_email->send_email();
}
//--end emailer
$sql = "INSERT INTO ".GUESTBOOK_TABLE."
(user_name, comment_site, comment_text, comment_ip, comment_date)
VALUES
('$comment_user_name', '$comment_site', '$comment_text', '".$session_info['session_ip']."', ".time().")";
$site_db->query($sql);
}
unset($spam_row);
}
//-----------------------------------------------------
//---Show Guestbook Comments---------------------------
//-----------------------------------------------------
if (($action == "showcomments" || $action == "postcomment" ) && $config['guestbook_view'] == 1) {
if (isset($HTTP_POST_VARS['commentsetperpage']) || isset($HTTP_GET_VARS['commentsetperpage'])) {
$commentsetperpage = (intval($HTTP_POST_VARS['commentsetperpage']) ) ? intval($HTTP_POST_VARS['commentsetperpage']) : intval($HTTP_GET_VARS['commentsetperpage']);
if ($commentsetperpage) {
$site_sess->set_session_var("commentperpage", $commentsetperpage);
$session_info['commentperpage'] = $commentsetperpage;
}
}
if (isset($session_info['commentperpage'])) {
$commentperpage = $session_info['commentperpage'];
} else {
$commentperpage = 8;
}
$sql = "SELECT COUNT(user_name) AS comments
FROM ".GUESTBOOK_TABLE;
$result = $site_db->query_firstrow($sql);
$num_comments = $result['comments'];
$site_db->free_result();
$num_rows_all = (isset($num_comments)) ? $num_comments : 0;
$link_arg = $site_sess->url(ROOT_PATH."guestbook.php");
include_once(ROOT_PATH.'includes/paging.php');
$getpaging = new Paging($page, $commentperpage, $num_rows_all, $link_arg);
$offset = $getpaging->get_offset();
$site_template->register_vars(array(
"paging" => $getpaging->get_paging(),
"paging_stats" => $getpaging->get_paging_stats()
));
$sql = "SELECT comment_id, user_name AS comment_user_name, comment_site, comment_text, comment_ip, comment_date
FROM ".GUESTBOOK_TABLE."
ORDER BY comment_date DESC
LIMIT $offset, $commentperpage";
$result = $site_db->query($sql);
$comment_row = array();
while ($row = $site_db->fetch_array($result)) {
$comment_row[] = $row;
}
$site_db->free_result($result);
$num_comments = sizeof($comment_row);
$comments = "";
$site_template->register_vars(array(
"lang_guest_from" => $lang['guest_from'],
"lang_guest_site" => $lang['guest_site']
));
if ($num_comments) {
$bgcounter = 0;
for ($i = 0; $i < $num_comments; $i++) {
$row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;
$comment_user_name = htmlspecialchars($comment_row[$i]['comment_user_name']);
$comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";
$admin_links = "";
if ($user_info['user_level'] == ADMIN) {
$admin_links .= "<a href=\"".
$site_sess->url(ROOT_PATH."guestbook.php?action=editcomment&comment_id=".
$comment_row[$i]['comment_id']).
"\" target=\"admin_edit\">".$lang['edit']."</a> ";
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."guestbook.php?action=removecomment&comment_id=".$comment_row[$i]['comment_id'])."\" target=\"admin_edit\">".$lang['delete']."</a>";
} elseif ($comment_row[$i]['comment_ip'] == $session_info['session_ip']) { // if ip equals, permit to edit
$admin_links .= ($config['user_edit_guestbook'] != 1) ? "" :
"<a href=\"".$site_sess->url(ROOT_PATH."guestbook.php?action=editcomment&comment_id=".$comment_row[$i]['comment_id'])."\" target=\"admin_edit\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_guestbook'] != 1) ? "" :
"<a href=\"".$site_sess->url(ROOT_PATH."guestbook.php?action=removecomment&comment_id=".$comment_row[$i]['comment_id'])."\" target=\"admin_edit\">".$lang['delete']."</a>";
}
$site_template->register_vars(array(
"comment_id" => $comment_row[$i]['comment_id'],
"comment_user_name" => $comment_user_name,
"comment_sicherheit" => $comment_sicherheit,
"comment_secure_scode" => $lang['comment_secure_scode'],
"comment_secure_pleasecopy" => $lang['comment_secure_pleasecopy'],
"comment_user_ip" => $comment_user_ip,
"comment_site" => format_text($comment_row[$i]['comment_site'], 0, $config['wordwrap_comments'], 0, 0),
"comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
"comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),
"row_bg_number" => $row_bg_number,
"admin_links" => $admin_links,
));
$comments .= $site_template->parse_template("guestbook_comment_bit");
} // end for
} else {
$comments = $lang['be_the_first'];
}
//---End Show Guestbook Comments----
//-----------------------------------------------------
//--- BBCode & Form -----------------------------------
//-----------------------------------------------------
$bbcode = "";
if ($config['bb_comments'] == 1) {
$site_template->register_vars(array(
"lang_bbcode" => $lang['bbcode'],
"smiles_text" => get_smiles_text(),
"lang_tag_prompt" => $lang['tag_prompt'],
"lang_link_text_prompt" => $lang['link_text_prompt'],
"lang_link_url_prompt" => $lang['link_url_prompt'],
"lang_link_email_prompt" => $lang['link_email_prompt'],
"lang_list_type_prompt" => $lang['list_type_prompt'],
"lang_list_item_prompt" => $lang['list_item_prompt']
));
$bbcode = $site_template->parse_template("bbcode");
}
if ($config['guestbook_post'] != 1) {
$comment_form = "";
} else {
$comment_user_name = (isset($HTTP_POST_VARS['comment_user_name']) && $error) ? stripslashes(htmlspecialchars(trim($HTTP_POST_VARS['comment_user_name']))) : (($user_info['user_level'] != GUEST) ? htmlspecialchars($user_info['user_name']) : "");
$comment_site = (isset($HTTP_POST_VARS['comment_site']) && $error) ? stripslashes(htmlspecialchars(trim($HTTP_POST_VARS['comment_site']))) : "http://";
$site_template->register_vars(array(
"bbcode" => $bbcode,
"comment_user_name" => $comment_user_name,
"comment_site" => $comment_site,
"comment_text" => $comment_text,
"lang_post_guestbook" => $lang['post_guestbook'],
"lang_name" => $lang['name'],
"lang_site" => $lang['site'],
"lang_comment" => $lang['comment']
));
$comment_form = $site_template->parse_template("guestbook_form");
$site_template->register_vars("guestbook_form", $comment_form);
$contents = $site_template->parse_template("guestbook_showcomments");
unset($comment_form);
} // end if allow_comments
$txt_clickstream = $lang['post_guestbook'];
}
//-----------------------------------------------------
//---Clickstream---------------------------------------
//-----------------------------------------------------
$clickstream = "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator']
."<a href=\"".$site_sess->url(ROOT_PATH."guestbook.php?action=showcomments")."\">".$lang['guestbook']."</a>".$config['category_separator'].$txt_clickstream."</span>";
//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
"contents" => $contents,
"guestbook_comments" => $comments,
"lang_sign_my_guestbook" => $lang['sign_my_guestbook'],
"msg" => $msg,
"clickstream" => $clickstream
));
unset($contents);
$site_template->print_template($site_template->parse_template($main_template));
include(ROOT_PATH.'includes/page_footer.php');
?>
-
you put
if (($sicherheit_code == "") || ($sicherheit_code != str_replace('´|´', '=', base64_decode(base64_decode($sicherheit_dec))) )) {
$msg .= (($msg != "") ? "<br />" : "").$lang['secure_required'];
$error = 1;
} in the wrong place.
-
Oh no.
I have found my error. I have two lines called
if ($comment_user_name == "") {
and i have place it under the wrong one.
-
For instance, does this block :
/* ## Safety script ## */
mt_srand((double)microtime()*1000000);
$comment_sicherheit = mt_rand(000001,999999);
$comment_sicherheit = str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit)));
/* ## Safety script ## */
also prevents the usage of random image IDs over the URL bar ? ;)
No, it doesn't. It only encodes the image ID and sends it into a variable.
-
No, it doesn't. It only encodes the image ID and sends it into a variable.
Thanks for answering this. Perhaps it should be considered to also encode it from the URL for security issues. ;)
-
This require GD Library or some other script ? :|
-
I think it requires GD Library.
-
Installed the script but it keeps saying that the security code was inputted wrong. I have GD installed...is there anything I missed?
-
I don´t have install this mod, but I will do it!
I also need this for my guestbook too, please help!
-
I don´t have install this mod, but I will do it!
I also need this for my guestbook too, please help!
http://www.4homepages.de/forum/index.php?topic=11405.msg59615#msg59615
-
Oh sorry, I was very tired last night :oops:
-
Ones more: ->guestbook.php
Where I have to paste the following code?
if (($sicherheit_code == "") || ($sicherheit_code != str_replace('´|´', '=', base64_decode(base64_decode($sicherheit_dec))) )) {
$msg .= (($msg != "") ? "<br />" : "").$lang['secure_required'];
$error = 1;
}
This code I have 2 times in my guestbook.php
if ($comment_user_name == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
$error = 1;
}
Where I have to paste the code? At first or @ the second part?
Edit: I´ve tried and now it works - another great MOD!
F*ck you spammer :mrgreen:
-
Read the Topic :) You must do it in the second one.
This was my error, too!
-
Installed the script but it keeps saying that the security code was inputted wrong. I have GD installed...is there anything I missed?
could you paste a link to your 4images-gallery please?
-
@gheelho
Könntest du den Mod auch für diesen Mod umschreiben?
http://www.4homepages.de/forum/index.php?topic=11470.msg59977#msg59977
Eigentlich würde eine 10 Sekunden Button Sperre (melden.html) schon reichen, aber leider bekomm ich das nicht hin.
Gruß
michi-w.
-
No I had to uninstall the mod because my site is super active....I will reinstall on a test site (which i should of done in the first place) and if I come up with the same problem I will post again.
-
Where can I set number of characters (numbers)?
-
Quote from: theresa_rose on February 03, 2006, 10:56:01 PM
Installed the script but it keeps saying that the security code was inputted wrong. I have GD installed...is there anything I missed?
I´ve installed my homepage on a new server and now I got the same problem like theresa, plz help again :cry:
-
Wie kann ich dieses Script für Kontaktmöglichkeit über jedes User Profil anwenden?
Ich habe es so eingestellt das man die E-Mail adresse von den Usern nicht sehen kann und dann ein Kontaktfeld aufgeht wenn man einem User schreiben möchte, auch da ist es möglich durch mehrmals hintereinander klicken, die message mehrmals zu senden.
Da würde ich diesen Sicherheitscode auch gerne eingeben.
---
I need this script for the contact form in every member profile when somebody contact one of the members.I testet it, when i am logged it..and klick in a profile of a user "send an email", i get a contact form..when i click the send button often..the message will be send very often. I need the securty Mod here too.
How i can i do this?
Thank you very much!
-
Does anybody know the system requirements of this MOD? e.g. php-version - perhaps my new server doesn´t support this:!::?:
-
what do you mean?
do you get any error messages?
i don't think that this mod needs any special requirements.
-
I´ve changed my server and now it won´t work :(
Installed the script but it keeps saying that the security code was inputted wrong...
-
I have just noticed something here ...
/* ## Safety script ## */
mt_srand((double)microtime()*1000000);
$comment_sicherheit = mt_rand(000001,999999);
$comment_sicherheit = str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit)));
/* ## Safety script ## */
what if you replace it with :
/* ## Safety script ## */
$comment_sicherheit = mt_srand((double)microtime()*1000000);
$comment_sicherheit .= (isset($comment_sicherheit)) ? mt_rand(000001,999999) : "";
$comment_sicherheit .= (isset($comment_sicherheit)) ? str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit))) : "";
/* ## Safety script ## */
-
what if you replace it with :
/* ## Safety script ## */
$comment_sicherheit = mt_srand((double)microtime()*1000000);
$comment_sicherheit .= (isset($comment_sicherheit)) ? mt_rand(000001,999999) : "";
$comment_sicherheit .= (isset($comment_sicherheit)) ? str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit))) : "";
/* ## Safety script ## */
No, now it shows me an empty field without numbers :(
-
There's something really weird regarding these inclusions. Probably missing statements.
-
It works on localhost and also on my old server...
Perhaps some special modules for php are necessary? :roll: I really don´t know where I have to search for...
-
Perhaps some special modules for php are necessary?
Correct. Even I had difficulties to make implementation of this MOD within mines. However, yesterday night, I made some modifications to the routines (which the author will also be notified). The problem is that the PHP file is being called directly from the HTML template file without the Site Session modulation (which is not advisable to do). Then, when I replaced the file (+ query) with a new tag name and placed that filename into the PHP file itself (including the Site Session modulation) everything went fine. ;)
Note: $script_url is also invalid, in this case, since the random codes image won't load either. $site_sess must be used in order to accomplish this. ;)
-
Now it works! Thanks Timo J. for the solution :wink:
open details.php (& also in guestbook.php) find:
$comment_sicherheit = str_replace('=', '´|´', base64_encode(base64_encode($comment_sicherheit)));
add after:
$sicherheit_code = $_POST['sicherheit_code'];
$sicherheit_dec = $_POST['sicherheit_dec'];
He said the error causes on some config of php... *much thanks*
-
i didn't have installed this mod,
but what you described seems,
that the mod is coded for register_globals_off,
which is in some certain ways not good,
cause all newer versions of php has by default now register_globals_on.
-
By agreeing with Icecream on this, you might also want to
change :
$sicherheit_code = $_POST['sicherheit_code'];
$sicherheit_dec = $_POST['sicherheit_dec'];
to read :
$sicherheit_code = (isset($HTTP_POST_VARS['sicherheit_code'])) ? $HTTP_POST_VARS['sicherheit_code'] : "";
$sicherheit_dec = (isset($HTTP_POST_VARS['sicherheit_dec'])) ? intval($HTTP_POST_VARS['sicherheit_dec']) : "";
In the mean time, still followed from what Icecream stated above, it is why I had to make some corrections from my end in order to show the random image codes without problems (which disregards the modifications I just made above). ;)
-
Where can I set number of characters (numbers)?
No ideas? =[
-
@ fgallery,
here :
$comment_sicherheit = mt_rand(000001,999999);
-
Wie super, dass ich diesen klasse Mod gefunden habe, der auch noch so schnell umgesetzt ist. Ich wurde gestern und heute zugespamt und während ich die eben löschte kamen gleich neue hinzu, ich hoffe damit ist nun Schluss.
Danke an den Modersteller :wink:
-
Can this Mod be used as an alternative for
http://www.4homepages.de/forum/index.php?topic=10200.0
What would be the steps to do ?
I see this is an easy one. And do the same thing (almost i guess). I just installed it and it works fine. :)
-
Pleaze HELP: spam-bot is attacking to my site :!:
Look here - there´re more than 100 comments with promotion posted :evil:
(http://www.snuup.de/4img_gfx/spam_bot.gif)
I´ve allready installed this MOD but since today... you´ll see....
-
After installing this Mod I have Spam, too. But only 1 spam comment a day.
Now I´ll try this Mod
http://www.4homepages.de/forum/index.php?topic=7066.msg31011#msg31011
-
Yes, I also have installed Ban MOD, but you can see this bot works with lot of different IP´s so taht this Mod is only a solution for a few minutes... :?
-
You´re right, I´ve tested this Mod now.
An Improvement would be to ban
- selected comment headline
- selected comment text
- to add an obligatory email field und ban selected email adresses
-
Very good idea :idea:
That´s what I´ve missed today :lol:
I think you should post your suggestion
http://www.4homepages.de/forum/index.php?topic=7066.msg65528#msg65528
Edit: I try this MOD from icecream -> http://www.4homepages.de/forum/index.php?topic=12268.0
-
Hallo gheelho
Dein MOD ist super. Hat auf Anhieb geklappt. Ich wollte das gleich auch noch auf das Gästebuch übertragen. Leider hatte ich da nicht soviel Glück. Irgendwie habe ich dort einen kleinen Fehler drin. Die guestbook_form.html funktioniert schon mal gut. Nur an der geustbook.php scheint es zu hapern. Es wird kein Sicherheitscode angezeigt und das System reagiert auch nicht.
Kann einer seine geänderte guestbook.php posten?
Danke im vorraus.
Grüsse aus Hamburg Steffen
-
Moin, ich hab auch diesen Mod instaliert, nur hab ich grad ein Problem mit meiner DB Bibliotek,
Die GD Bibliothek konnte nicht erkannt werden.
Bitte überprüfen Sie Ihre Einstellungen für die Konvertierungs-Module.
Als die Meldung auftrat sind auch alle Bilder vom letzten Tag verschwunden und ich hab keinen Sicherheitscode mehr :twisted:
Habt ihr da be Idee ???
THX
-
Hi,
kann ich den Mod auch mit Version 1.72 verwenden ?
Danke,
Miranda
-
Hallo
ich benötige noch einen Tipp. Auf unser guestbook.php wird alles soweit angezeigt. http://www.urlauberschiff-fritzheckert.de/maritim/guestbook.php
allerdings folgt keine Reaktion auf den Sicherheitscode. D.h. es kann weiterhin Spam eingetragen werden.
Wir benötigen unbedingt Hilfe, da wir täglich Spameinträge bekommen.
Danke Gruß Steffen
Wo ist der Fehler?
-
danke erstmal für den praktischen mod
wurde auch schon stark voll gespammt...
hat alles wunderbar geklappt :)
nur ma ne frage, reicht es nicht aus wenn die zahlen ohne diese striche angezeigt werden?
weil ich mein es geht ya nur dadrum das da zahlen abgetippt werden die ein bot nicht kennen kann
und es muss für einen user ya nicht noch erschwert werden oder!?
wie kann ich diese streifen wegbekommen?
-
@ CanOne
in der sicherheit.php wird das Raster der Hintergrundlinien definiert.
Die Lösung wäre also ....
den Code für die Rasterlinien (horizontal und vertikal) entweder entfernen
oder ...
den Abstand der Rasterlinien größer als das erzeugte Zahlencodebild zu definieren..
-
Dieser Mod scheint ja für einige Seiten sinnvoll zu sein, die es auch Gästen ermöglichen Kommentare zu posten. Es macht aber keinen Sinn, dass schon registrierte User auch einen Sicherheitscode eingeben müssen - oder ist das nicht so? Es sollte also nur bei Gästen verlangt werden - es wäre dann sogar nochmehr Anreiz sich anzumelden wenn dann die lästige Code-Eingabe weg wäre..
-
@mawenzi
hm ich wüsste jetzt nicht ganz genau was ich da rausnehmen sollte, aber ich lass es sersma so wies is...danke trotzdem
@konradin
das wär natürlich eine idee und wirklich ein anreiz für leute sich zu registrieren wenn sie öfter un der galerie unterwegs sind
-
@ CanOne
... für Sicherheitscode ohne Rasterlinien wäre folgendes aus der sicherheit.php zu löschen ...
ImageLine($pic, 0, 0, $width-1, 0, $text);
ImageLine($pic, 0, $height-1, $width-1, $height-1, $text);
ImageLine($pic, $width-1, 0, $width-1, $height-1, $text);
ImageLine($pic, 0, 0, 0, $height-1, $text);
$StartParameterInt = 15;
for($i=0;$i<$width;$i+=$StartParameterInt)
{
ImageLine($pic, $i, 0, $i, $height, $text);
}
$StartParamterInt = 10;
for($i=0;$i<$height;$i+=$StartParamterInt)
{
ImageLine($pic, 0, $i, $width, $i, $text);
}
-
okay vielen dank werd es mal ausprobieren
edit: okay hat alles geklappt thanx
-
Hallo,
ich habe für die 4images Galerie 1.7.1 ein Sicherheitscode - Script geschrieben, welches gegen Spam durch Bots o.ä. wirken soll.
Hierbei muss man ein Bild mit 4-6 Zahlen abtippen und der Kommentar wird nur beim richtigen abtippen gepostet.
Download am Ende des Postings; Fragen und Support im Thread.
#######
Hello,
I wrote an safety or secure code - script for 4images gallery 1.7.1. The script should stop spam e.g. through bots.
Usage: You must copy a pircture with 4-6 characters (numbers). When you copied it right, your command will be posted. Otherwise, your comment will be deleted.
download at the bottom of this posting; questions and support here in the thread.
Sorry for my bad english.
#######
EDIT: Fehler in der Datei sicherheit.php behoben. / Error in sicherheit.php fixed.
а для версии 1.7.2
may be replacing for version 1.7.2
-
Hello!
Is there a possibility to add a security picture to the 4images-Register form? Despite I deny post comments without registering y receive amounts of spam in the comments of automatic generated user account (e.g. "diaphragm145"). So I think the best solution would be to add a Security code to the register form not to every single comment.
What do I have to change?
Would it be another possibility to change simply the input-name so that the automatic scripts don't work anymore? So <input name="name"...> is changed to <input name="nbsafvb"..> to confund the scripts. I could imagine that would work very simply, doesn't it?
------------------
Hallo!
Gibt es eine Möglichkeit den Sicherheitscode zur 4images Registrierung hinzuzufügen? Ich erhalte nämlich Spam in meinen Kommentaren, obwohl nur registrierte Benutzer posten dürfen - nämlich von automatisch generierten Benutzeraccount mit Namen wie "diaphragm145". Deswegen halte ich es für die einfachste Möglichkeit den Sicherheitscode einfach zur Registrierung und nicht zu jedem einzelnen CommentForm hinzuzufügen.
Was müsste ich dafür anpassen?
Wäre es eigentlich nicht auch eine Möglichkeit, einfach die Input-Feld-Namen zu ändern so dass die automatischen, auf 4images abgestimmten Scripts nicht mehr funktionieren würden? Also anstatt <input name="name"...> in <input name="asdgsav"..> zu verändern, um die automatischen Spam Roboter zu verwirren. Ich könnte mir vorstellen dass auch das schon wirken würde, oder?
Vielen Dank, chao
-
@ konradin
... nimm einfach [MOD] Registration with security code validation v1.0 ...
http://www.4homepages.de/forum/index.php?topic=10200.msg49945#msg49945
-
super mod! spam in den bewertungen hat _sofort_ aufgehört, klasse! :mrgreen:
-
Hallo,
vielleicht kann mir ja jemand helfen, denn irgendwie scheiter ich bei der Installation des Mods schon bei Punkt
2. Öffne details.php
suche nach:
---
if (!$image_id) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
Ich kann diese Zeilen in meiner details.php ums verrecken nicht finden
<?php
/**************************************************************************
* *
* 4images - A Web Based Image Gallery Management System *
* ---------------------------------------------------------------- *
* *
* File: details.php *
* Copyright: (C) 2002 Jan Sorgalla *
* Email: jan@4homepages.de *
* Web: http://www.4homepages.de *
* Scriptversion: 1.7.2 *
* *
* Never released without support from: Nicky (http://www.nicky.net) *
* *
**************************************************************************
* *
* Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz- *
* bedingungen (Lizenz.txt) für weitere Informationen. *
* --------------------------------------------------------------- *
* This script is NOT freeware! Please read the Copyright Notice *
* (Licence.txt) for further information. *
* *
*************************************************************************/
$main_template = 'details';
define('GET_CACHES', 1);
define('ROOT_PATH', './');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
include(ROOT_PATH.'includes/page_header.php');
if (!$image_id) {
redirect($url);
}
$additional_sql = "";
if (!empty($additional_image_fields)) {
foreach ($additional_image_fields as $key => $val) {
$additional_sql .= ", i.".$key;
}
}
$sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email")."
FROM (".IMAGES_TABLE." i, ".CATEGORIES_TABLE." c)
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id)
WHERE i.image_id = $image_id AND c.cat_id = i.cat_id";
$image_row = $site_db->query_firstrow($sql);
$cat_id = (isset($image_row['cat_id'])) ? $image_row['cat_id'] : 0;
$is_image_owner = ($image_row['user_id'] > USER_AWAITING && $user_info['user_id'] == $image_row['user_id']) ? 1 : 0;
if (!check_permission("auth_viewcat", $cat_id) || !check_permission("auth_viewimage", $cat_id) || !$image_row) {
redirect($url);
}
$random_cat_image = (defined("SHOW_RANDOM_IMAGE") && SHOW_RANDOM_IMAGE == 0) ? "" : get_random_image($cat_id);
$site_template->register_vars("random_cat_image", $random_cat_image);
unset($random_cat_image);
//-----------------------------------------------------
//--- Show Image --------------------------------------
//-----------------------------------------------------
$image_allow_comments = (check_permission("auth_readcomment", $cat_id)) ? $image_row['image_allow_comments'] : 0;
$image_name = format_text($image_row['image_name']);
show_image($image_row, $mode, 0, 1);
$in_mode = 0;
$sql = "";
if ($mode == "lightbox") {
if (!empty($user_info['lightbox_image_ids'])) {
$image_id_sql = str_replace(" ", ", ", trim($user_info['lightbox_image_ids']));
$sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_active = 1 AND image_id IN ($image_id_sql) AND (cat_id NOT IN (".get_auth_cat_sql("auth_viewimage", "NOTIN").", ".get_auth_cat_sql("auth_viewcat", "NOTIN")."))
ORDER BY ".$config['image_order']." ".$config['image_sort'];
$in_mode = 1;
}
}
elseif ($mode == "search") {
if (!isset($session_info['searchid']) || empty($session_info['searchid'])) {
$session_info['search_id'] = $site_sess->get_session_var("search_id");
}
if (!empty($session_info['search_id'])) {
$search_id = unserialize($session_info['search_id']);
}
$sql_where_query = "";
if (!empty($search_id['image_ids'])) {
$sql_where_query .= "AND image_id IN (".$search_id['image_ids'].") ";
}
if (!empty($search_id['user_ids'])) {
$sql_where_query .= "AND user_id IN (".$search_id['user_ids'].") ";
}
if (!empty($search_id['search_new_images']) && $search_id['search_new_images'] == 1) {
$new_cutoff = time() - 60 * 60 * 24 * $config['new_cutoff'];
$sql_where_query .= "AND image_date >= $new_cutoff ";
}
if (!empty($search_id['search_cat']) && $search_id['search_cat'] != 0) {
$cat_id_sql = 0;
$sub_cat_ids = get_subcat_ids($search_id['search_cat'], $search_id['search_cat'], $cat_parent_cache);
if (check_permission("auth_viewcat", $search_id['search_cat'])) {
$cat_id_sql .= ", ".$search_id['search_cat'];
if (!empty($sub_cat_ids[$search_id['search_cat']])) {
foreach ($sub_cat_ids[$search_id['search_cat']] as $val) {
if (check_permission("auth_viewcat", $val)) {
$cat_id_sql .= ", ".$val;
}
}
}
}
}
else {
$cat_id_sql = get_auth_cat_sql("auth_viewcat");
}
if (!empty($sql_where_query)) {
$sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_active = 1
$sql_where_query
AND cat_id IN ($cat_id_sql)
ORDER BY ".$config['image_order']." ".$config['image_sort'];
$in_mode = 1;
}
}
if (!$in_mode || empty($sql)) {
$sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_active = 1 AND cat_id = $cat_id
ORDER BY ".$config['image_order']." ".$config['image_sort'].", image_id ASC";
}
$result = $site_db->query($sql);
$image_id_cache = array();
$next_prev_cache = array();
$break = 0;
$prev_id = 0;
while($row = $site_db->fetch_array($result)) {
$image_id_cache[] = $row['image_id'];
$next_prev_cache[$row['image_id']] = $row;
if ($break) {
break;
}
if ($prev_id == $image_id) {
$break = 1;
}
$prev_id = $row['image_id'];
}
$site_db->free_result();
if (!function_exists("array_search")) {
function array_search($needle, $haystack) {
$match = false;
foreach ($haystack as $key => $value) {
if ($value == $needle) {
$match = $key;
}
}
return $match;
}
}
$act_key = array_search($image_id, $image_id_cache);
$next_image_id = (isset($image_id_cache[$act_key + 1])) ? $image_id_cache[$act_key + 1] : 0;
$prev_image_id = (isset($image_id_cache[$act_key - 1])) ? $image_id_cache[$act_key - 1] : 0;
unset($image_id_cache);
// Get next and previous image
if (!empty($next_prev_cache[$next_image_id])) {
$next_image_name = format_text($next_prev_cache[$next_image_id]['image_name']);
$next_image_url = $site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$next_image_id.((!empty($mode)) ? "&mode=".$mode : ""));
if (!get_file_path($next_prev_cache[$next_image_id]['image_media_file'], "media", $next_prev_cache[$next_image_id]['cat_id'], 0, 0)) {
$next_image_file = ICON_PATH."/404.gif";
}
else {
$next_image_file = get_file_path($next_prev_cache[$next_image_id]['image_media_file'], "media", $next_prev_cache[$next_image_id]['cat_id'], 0, 1);
}
if (!get_file_path($next_prev_cache[$next_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$next_image_id]['cat_id'], 0, 0)) {
$next_thumb_file = ICON_PATH."/".get_file_extension($next_prev_cache[$next_image_id]['image_media_file']).".gif";
}
else {
$next_thumb_file = get_file_path($next_prev_cache[$next_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$next_image_id]['cat_id'], 0, 1);
}
}
else {
$next_image_name = REPLACE_EMPTY;
$next_image_url = REPLACE_EMPTY;
$next_image_file = REPLACE_EMPTY;
$next_thumb_file = REPLACE_EMPTY;
}
if (!empty($next_prev_cache[$prev_image_id])) {
$prev_image_name = format_text($next_prev_cache[$prev_image_id]['image_name']);
$prev_image_url = $site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$prev_image_id.((!empty($mode)) ? "&mode=".$mode : ""));
if (!get_file_path($next_prev_cache[$prev_image_id]['image_media_file'], "media", $next_prev_cache[$prev_image_id]['cat_id'], 0, 0)) {
$prev_image_file = ICON_PATH."/404.gif";
}
else {
$prev_image_file = get_file_path($next_prev_cache[$prev_image_id]['image_media_file'], "media", $next_prev_cache[$prev_image_id]['cat_id'], 0, 1);
}
if (!get_file_path($next_prev_cache[$prev_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$prev_image_id]['cat_id'], 0, 0)) {
$prev_thumb_file = ICON_PATH."/".get_file_extension($next_prev_cache[$prev_image_id]['image_media_file']).".gif";
}
else {
$prev_thumb_file = get_file_path($next_prev_cache[$prev_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$prev_image_id]['cat_id'], 0, 1);
}
}
else {
$prev_image_name = REPLACE_EMPTY;
$prev_image_url = REPLACE_EMPTY;
$prev_image_file = REPLACE_EMPTY;
$prev_thumb_file = REPLACE_EMPTY;
}
$site_template->register_vars(array(
"next_image_id" => $next_image_id,
"next_image_name" => $next_image_name,
"next_image_url" => $next_image_url,
"next_image_file" => $next_image_file,
"next_thumb_file" => $next_thumb_file,
"prev_image_id" => $prev_image_id,
"prev_image_name" => $prev_image_name,
"prev_image_url" => $prev_image_url,
"prev_image_file" => $prev_image_file,
"prev_thumb_file" => $prev_thumb_file
));
unset($next_prev_cache);
//-----------------------------------------------------
//--- Save Comment ------------------------------------
//-----------------------------------------------------
$error = 0;
if ($action == "postcomment" && isset($HTTP_POST_VARS[URL_ID])) {
$id = intval($HTTP_POST_VARS[URL_ID]);
$sql = "SELECT cat_id, image_allow_comments
FROM ".IMAGES_TABLE."
WHERE image_id = $id";
$row = $site_db->query_firstrow($sql);
if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
$msg = $lang['comments_deactivated'];
}
else {
$user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['user_name']));
$comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
$comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));
// Flood Check
$sql = "SELECT comment_ip, comment_date
FROM ".COMMENTS_TABLE."
WHERE image_id = $id
ORDER BY comment_date DESC
LIMIT 1";
$spam_row = $site_db->query_firstrow($sql);
$spamtime = $spam_row['comment_date'] + 180;
if ($session_info['session_ip'] == $spam_row['comment_ip'] && time() <= $spamtime && $user_info['user_level'] != ADMIN) {
$msg .= (($msg != "") ? "<br />" : "").$lang['spamming'];
$error = 1;
}
$user_name_field = get_user_table_field("", "user_name");
if (!empty($user_name_field)) {
if ($site_db->not_empty("SELECT $user_name_field FROM ".USERS_TABLE." WHERE $user_name_field = '".strtolower($user_name)."' AND ".get_user_table_field("", "user_id")." <> '".$user_info['user_id']."'")) {
$msg .= (($msg != "") ? "<br />" : "").$lang['username_exists'];
$error = 1;
}
}
if ($user_name == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
$error = 1;
}
if ($comment_headline == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['headline_required'];
$error = 1;
}
if ($comment_text == "") {
$msg .= (($msg != "") ? "<br />" : "").$lang['comment_required'];
$error = 1;
}
if (!$error) {
$sql = "INSERT INTO ".COMMENTS_TABLE."
(image_id, user_id, user_name, comment_headline, comment_text, comment_ip, comment_date)
VALUES
($id, ".$user_info['user_id'].", '$user_name', '$comment_headline', '$comment_text', '".$session_info['session_ip']."', ".time().")";
$site_db->query($sql);
$commentid = $site_db->get_insert_id();
update_comment_count($id, $user_info['user_id']);
}
}
unset($row);
unset($spam_row);
}
//-----------------------------------------------------
//--- Show Comments -----------------------------------
//-----------------------------------------------------
if ($image_allow_comments == 1) {
$sql = "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date".get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email").get_user_table_field(", u.", "user_showemail").get_user_table_field(", u.", "user_invisible").get_user_table_field(", u.", "user_joindate").get_user_table_field(", u.", "user_lastaction").get_user_table_field(", u.", "user_comments").get_user_table_field(", u.", "user_homepage").get_user_table_field(", u.", "user_icq")."
FROM ".COMMENTS_TABLE." c
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.image_id = $image_id
ORDER BY c.comment_date ASC";
$result = $site_db->query($sql);
$comment_row = array();
while ($row = $site_db->fetch_array($result)) {
$comment_row[] = $row;
}
$site_db->free_result($result);
$num_comments = sizeof($comment_row);
if (!$num_comments) {
$comments = "<tr><td class=\"commentrow1\" colspan=\"2\">".$lang['no_comments']."</td></tr>";
}
else {
$comments = "";
$bgcounter = 0;
for ($i = 0; $i < $num_comments; $i++) {
$row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;
$comment_user_email = "";
$comment_user_email_save = "";
$comment_user_mailform_link = "";
$comment_user_email_button = "";
$comment_user_homepage_button = "";
$comment_user_icq_button = "";
$comment_user_profile_button = "";
$comment_user_status_img = REPLACE_EMPTY;
$comment_user_name = format_text($comment_row[$i]['comment_user_name']);
$comment_user_info = $lang['userlevel_guest'];
$comment_user_id = $comment_row[$i]['user_id'];
if (isset($comment_row[$i][$user_table_fields['user_name']]) && $comment_user_id != GUEST) {
$comment_user_name = format_text($comment_row[$i][$user_table_fields['user_name']]);
$comment_user_profile_link = !empty($url_show_profile) ? $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_show_profile)) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$comment_user_id);
$comment_user_profile_button = "<a href=\"".$comment_user_profile_link."\"><img src=\"".get_gallery_image("profile.gif")."\" border=\"0\" alt=\"".$comment_user_name."\" /></a>";
$comment_user_status_img = ($comment_row[$i][$user_table_fields['user_lastaction']] >= (time() - 300) && ((isset($comment_row[$i][$user_table_fields['user_invisible']]) && $comment_row[$i][$user_table_fields['user_invisible']] == 0) || $user_info['user_level'] == ADMIN)) ? "<img src=\"".get_gallery_image("user_online.gif")."\" border=\"0\" alt=\"Online\" />" : "<img src=\"".get_gallery_image("user_offline.gif")."\" border=\"0\" alt=\"Offline\" />";
$comment_user_homepage = (isset($comment_row[$i][$user_table_fields['user_homepage']])) ? format_url($comment_row[$i][$user_table_fields['user_homepage']]) : "";
if (!empty($comment_user_homepage)) {
$comment_user_homepage_button = "<a href=\"".$comment_user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$comment_user_homepage."\" /></a>";
}
$comment_user_icq = (isset($comment_row[$i][$user_table_fields['user_icq']])) ? format_text($comment_row[$i][$user_table_fields['user_icq']]) : "";
if (!empty($comment_user_icq)) {
$comment_user_icq_button = "<a href=\"http://wwp.icq.com/scripts/search.dll?to=".$comment_user_icq."\" target=\"_blank\"><img src=\"http://web.icq.com/whitepages/online?icq=".$comment_user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$comment_user_icq."\" /></a>";
}
if (!empty($comment_row[$i][$user_table_fields['user_email']]) && (!isset($comment_row[$i][$user_table_fields['user_showemail']]) || (isset($comment_row[$i][$user_table_fields['user_showemail']]) && $comment_row[$i][$user_table_fields['user_showemail']] == 1))) {
$comment_user_email = format_text($comment_row[$i][$user_table_fields['user_email']]);
$comment_user_email_save = format_text(str_replace("@", " at ", $comment_row[$i][$user_table_fields['user_email']]));
if (!empty($url_mailform)) {
$comment_user_mailform_link = $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_mailform));
}
else {
$comment_user_mailform_link = $site_sess->url(ROOT_PATH."member.php?action=mailform&".URL_USER_ID."=".$comment_user_id);
}
$comment_user_email_button = "<a href=\"".$comment_user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$comment_user_email_save."\" /></a>";
}
if (!isset($comment_row[$i][$user_table_fields['user_level']]) || (isset($comment_row[$i][$user_table_fields['user_level']]) && $comment_row[$i][$user_table_fields['user_level']] == USER)) {
$comment_user_info = $lang['userlevel_user'];
}
elseif ($comment_row[$i][$user_table_fields['user_level']] == ADMIN) {
$comment_user_info = $lang['userlevel_admin'];
}
$comment_user_info .= "<br />";
$comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_joindate']])) ? "<br />".$lang['join_date']." ".format_date($config['date_format'], $comment_row[$i][$user_table_fields['user_joindate']]) : "";
$comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_comments']])) ? "<br />".$lang['comments']." ".$comment_row[$i][$user_table_fields['user_comments']] : "";
}
$comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";
$admin_links = "";
if ($user_info['user_level'] == ADMIN) {
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['edit']."</a> ";
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['delete']."</a>";
}
elseif ($is_image_owner) {
$admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";
}
$site_template->register_vars(array(
"comment_id" => $comment_row[$i]['comment_id'],
"comment_user_id" => $comment_user_id,
"comment_user_status_img" => $comment_user_status_img,
"comment_user_name" => $comment_user_name,
"comment_user_info" => $comment_user_info,
"comment_user_profile_button" => $comment_user_profile_button,
"comment_user_email" => $comment_user_email,
"comment_user_email_save" => $comment_user_email_save,
"comment_user_mailform_link" => $comment_user_mailform_link,
"comment_user_email_button" => $comment_user_email_button,
"comment_user_homepage_button" => $comment_user_homepage_button,
"comment_user_icq_button" => $comment_user_icq_button,
"comment_user_ip" => $comment_user_ip,
"comment_headline" => format_text($comment_row[$i]['comment_headline'], 0, $config['wordwrap_comments'], 0, 0),
"comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
"comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),
"row_bg_number" => $row_bg_number,
"admin_links" => $admin_links
));
$comments .= $site_template->parse_template("comment_bit");
} // end while
} //end else
$site_template->register_vars("comments", $comments);
unset($comments);
//-----------------------------------------------------
//--- BBCode & Form -----------------------------------
//-----------------------------------------------------
$allow_posting = check_permission("auth_postcomment", $cat_id);
$bbcode = "";
if ($config['bb_comments'] == 1 && $allow_posting) {
$site_template->register_vars(array(
"lang_bbcode" => $lang['bbcode'],
"lang_tag_prompt" => $lang['tag_prompt'],
"lang_link_text_prompt" => $lang['link_text_prompt'],
"lang_link_url_prompt" => $lang['link_url_prompt'],
"lang_link_email_prompt" => $lang['link_email_prompt'],
"lang_list_type_prompt" => $lang['list_type_prompt'],
"lang_list_item_prompt" => $lang['list_item_prompt']
));
$bbcode = $site_template->parse_template("bbcode");
}
if (!$allow_posting) {
$comment_form = "";
}
else {
$user_name = (isset($HTTP_POST_VARS['user_name']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['user_name'])), 2) : (($user_info['user_level'] != GUEST) ? format_text($user_info['user_name'], 2) : "");
$comment_headline = (isset($HTTP_POST_VARS['comment_headline']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_headline'])), 2) : "";
$comment_text = (isset($HTTP_POST_VARS['comment_text']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_text'])), 2) : "";
$site_template->register_vars(array(
"bbcode" => $bbcode,
"user_name" => $user_name,
"comment_headline" => $comment_headline,
"comment_text" => $comment_text,
"lang_post_comment" => $lang['post_comment'],
"lang_name" => $lang['name'],
"lang_headline" => $lang['headline'],
"lang_comment" => $lang['comment']
));
$comment_form = $site_template->parse_template("comment_form");
}
$site_template->register_vars("comment_form", $comment_form);
unset($comment_form);
} // end if allow_comments
// Admin Links
$admin_links = "";
if ($user_info['user_level'] == ADMIN) {
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("images.php?action=editimage&image_id=".$image_id))."\" target=\"_blank\">".$lang['edit']."</a> ";
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("images.php?action=removeimage&image_id=".$image_id))."\" target=\"_blank\">".$lang['delete']."</a>";
}
elseif ($is_image_owner) {
$admin_links .= ($config['user_edit_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removeimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['delete']."</a>";
}
$site_template->register_vars("admin_links", $admin_links);
// Update Hits
if ($user_info['user_level'] != ADMIN) {
$sql = "UPDATE ".IMAGES_TABLE."
SET image_hits = image_hits + 1
WHERE image_id = $image_id";
$site_db->query($sql);
}
//-----------------------------------------------------
//---Clickstream---------------------------------------
//-----------------------------------------------------
$clickstream = "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'];
if ($mode == "lightbox" && $in_mode) {
$page_url = "";
if (preg_match("/".URL_PAGE."=([0-9]+)/", $url, $regs)) {
if (!empty($regs[1]) && $regs[1] != 1) {
$page_url = "?".URL_PAGE."=".$regs[1];
}
}
$clickstream .= "<a href=\"".$site_sess->url(ROOT_PATH."lightbox.php".$page_url)."\" class=\"clickstream\">".$lang['lightbox']."</a>".$config['category_separator'];
}
elseif ($mode == "search" && $in_mode) {
$page_url = "";
if (preg_match("/".URL_PAGE."=([0-9]+)/", $url, $regs)) {
if (!empty($regs[1]) && $regs[1] != 1) {
$page_url = "&".URL_PAGE."=".$regs[1];
}
}
$clickstream .= "<a href=\"".$site_sess->url(ROOT_PATH."search.php?show_result=1".$page_url)."\" class=\"clickstream\">".$lang['search']."</a>".$config['category_separator'];
}
else {
$clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
}
$clickstream .= $image_name."</span>";
//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
"msg" => $msg,
"clickstream" => $clickstream,
"lang_category" => $lang['category'],
"lang_added_by" => $lang['added_by'],
"lang_description" => $lang['description'],
"lang_keywords" => $lang['keywords'],
"lang_date" => $lang['date'],
"lang_hits" => $lang['hits'],
"lang_downloads" => $lang['downloads'],
"lang_rating" => $lang['rating'],
"lang_votes" => $lang['votes'],
"lang_author" => $lang['author'],
"lang_comment" => $lang['comment'],
"lang_prev_image" => $lang['prev_image'],
"lang_next_image" => $lang['next_image'],
"lang_file_size" => $lang['file_size']
));
$site_template->print_template($site_template->parse_template($main_template));
include(ROOT_PATH.'includes/page_footer.php');
?>
-
@ivan: hat funktioniert - danke :)
-
Ich hatte mir neulich auch diesen Sicherheitscode eingebaut, war die ganze Zeit auch Ruhe, nur habe ich letzte Woche aufeinmal trotz des Codes 127 Spameinträge vonRobotern wie kommt denn das ich habe sie noch nicht gelöscht, weil ich noch keine Zeit hatte ich muss ja alle Kommentare aufrufen,
http://galerie.sylvia-s.de
-
Installed this a while ago and immediately spams ceased- great mod!
Just one question: can I change the colors to black background/white or silver numbers? If so, where/how?
-
@ Gwydion,
... change the color of background -> black ...
... change in sicherheit.php ...
$hintergrund = ImageColorAllocate($pic, 0, 0, 0);
... change the color of numbers -> silver ...
... change in sicherheit.php ...
$text = ImageColorAllocate($pic, 220, 220, 220);
-
i write good security number, but im getting wrong! You can try here: http://laisvalaikis.yours.lt/img5473.htm?l=english
whats bad?
-
find:
<input type="hidden" name="action" value="postcomment" />
Add after ... :!:
<input type="hidden" name="sicherheit_dec" value="{comment_sicherheit}" />
-
its already added! and code allways wrong :evil:
-
... then tries it again to insert the mod, step by step ...
... there are not so many steps ...
... the mod / the code works perfectly ...
-
ive tryed one time to write it again :?
-
can you look whats bad? please
i cant find any mistake
-
Thanks! Now working 8)
-
I am trying to restrict this mod to unregistered users, so that registered users won't have to enter the security number for every comment, but I'm stuck... :roll:
Do you know how to do this? :idea:
-
Habe alles so eingebaut wie beschrieben! aber...egal ob ich den code nachschreibe oder ihne weglasse oder einen falschen eingebe...
er nimmt mir jeden Kommentar!#
Hmmmm....woran kann das liegen?? Habe Version 1.7.3
MFG
-
Hallo Ivan,
wie binde ich dann die Sicherheitsfunktion der 1.7.3 in meine contact.html ein?
Verwende diesen Contact Mod http://www.4homepages.de/forum/index.php?topic=8987.0
Danke und Gruß
-
Hy zusammen
Ich habe es auch schon erfolglos versucht.
Wäre echt super wenn das mal jemand hinbekommen würde, mit dem Sicherheitscode und dem Kontaktformular..
Dirk
-
Hallo,
also habe es eingebaut und klappt perfekt :D
Werde es jetzt gleich noch in meinem GB einbauen.
Klasse Mod :lol:
Grüße Darkness
-
Hy zusammen
Ich habe es soweit auch eingebaut, jedoch erscheint bei mir immer die gleiche Zahlenfolge, und man kann es auch abschicken, ohne die Zahlenfolge auszufüllen.
Habt ihr eine Idee, wo mein Fehler liegt?
Muss ich denn in der main.php einen Eintrag anlegen wie z.b Contact?
www.bacardi-island.de
Dirk
-
Hy zusammen
Ich habe es soweit auch eingebaut, jedoch erscheint bei mir immer die gleiche Zahlenfolge, und man kann es auch abschicken, ohne die Zahlenfolge auszufüllen.
Habt ihr eine Idee, wo mein Fehler liegt?
Muss ich denn in der main.php einen Eintrag anlegen wie z.b Contact?
www.bacardi-island.de
Du verwendest doch die version 1.7.3.
Da ist der CAPTCHA Schutz bereits eingebaut. Du brauchst dieses MOD nicht.
-
Hallo Kai
Ich weiss.Wir reden von dem Sicherheits Kommentar bei dem Kontaktformular.
Siehe hier http://www.bacardi-island.de/contact.php
GRuß Dirk
-
Alles klar. Mein Fehler!
-
look for:
---
if (!$image_id) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
I dont found this in my details.php :cry: Can somebody help me... I use 1.7.3
Thanks!
-
In 1.7.3 this feature is already included. You dont need this mod.
-
Hi, I need it to install it on my Contact Form. Or maybe someone here can tell me how can I add captcha to my contact form and my guestbook.
Regards,
-
I am coding it for the contact form. I think it should be ready after this week-end.
EDIT: Now you can put it into your contact form... just download the file which I added
Das ganze ist jetzt auch für das kostenpflichtige Kontaktformular verfügbar. Einfach die Datei runterladen und die Änderungen vornehmen.
-
hmm, wird alles angezeigt, nur kann machen was ich will, sagt mir immer
"Du hast den Sicherheitscode nicht richtig abgetippt."
alles richtig eingebaut,hab da das Raster störte, auch dieses weggenommen um die Zahlen besser lesen zu können.
Trotzdem immer die selbe Meldung
gruss Harald
Edit: nutze 1.7.1
Edit2:
Hab das jetzt in den Kommentaren und Kontakt versucht, beides male der selbe Fehler
"Du hast den Sicherheitscode nicht richtig abgetippt."
Code 4x überprüfft und neu gemacht, immer das gleiche
-
I use to get 190+ spam messages every morning (Viagra, rolex, blah blah) now.. zero cuz of this mod.. but.. I almost thought it was funny.. I just search for http in comments message and just delete them with one click.. but the spammers don't know that.. so I felt like I'm working for them.. with this mod.. their messages don't get added..
Awesome mod. INSTALL IT!!!
-
Hallo zusammen
Kann sich eventuell mal einer meine Seite www.bacardi-island.de anschauen?
Bis vor ein paar Tagen funktionierte das Kommentarformular zu den Bildern noch.
Nun bekomme ich stäntig die Meldung das der Sicherheitscode nicht korrekt abgetippt wurde...
Habe testweise mal einen user mit test/test angelegt
Vielen Dank
Dirk
-
@havanna28
... du verwendest nicht diesen Sicherheitscode ...
... sondern die originale 4images CAPTCHA-Version Vers.1.7.3 ...
... sorry, von daher ... falsches Thema ...
... ich denke aber über die Suchfunktion solltest du Antworten finden ...
-
Hallo zusammen
Kann sich eventuell mal einer meine Seite www.bacardi-island.de anschauen?
Bis vor ein paar Tagen funktionierte das Kommentarformular zu den Bildern noch.
Nun bekomme ich stäntig die Meldung das der Sicherheitscode nicht korrekt abgetippt wurde...
Habe testweise mal einen user mit test/test angelegt
Vielen Dank
Dirk
-
@mawenzi
Danke für die schnelle Antwort.Habe meinen Beitrag dort noch einmal gepostet in der Hoffnung das jemand helfen kann.
Hatte eigentlich nur von den Farben ein paar Kleinigkeiten geändert und nun geht die Abfrage nicht mehr :(
Dirk
-
Hatte eigentlich nur von den Farben ein paar Kleinigkeiten geändert und nun geht die Abfrage nicht mehr :(
... na da haben wir doch schon die Problemursache ... von nix kommt nix ... ;)
... also am besten gleich das Backup wieder uploaden ...
... und die gewünschten Änderungen Schritt für Schritt incl. Überprüfung der Funktion wieder vornehmen ...
-
Hy
Das habe ich gerade versucht aber ohne Erfolg :(
Hat jemand eine Idee warum das nicht funktioniert?
Dirk
-
Hallo
Hat denn keiner eine Idee?
Kann man in der Style.css etwas so ändern das das nicht mehr funktioniert?
Eventuell hat ja jemand eine funktionierende style.css die er mir zur Verfügung stellen kann.
Mit dem Datenbank Backup hat das leider nicht funktioniert.
Es erscheint auf www.bacardi-island.de immer wieder die Meldung das der Sicherheitscode nicht korrekt eingegeben wurde :cry:
Bitte um Hilfe
dirk
-
Hallo
Kann mir mal jemand die Zugriffsrechte auf folgende Verzeichnisse mailen
captcha
captcha.php
backgrounds
fonts
.htaccess
words.txt
Ich habe die Dateien komplett neu hochgeladen und bekomme immer noch die Meldung das der Sicherheitscode nicht richtig abgetippt wurde :(
Dirk
-
Habe es hinbekommen.Keine Hilfe mehr nötig
Dirk
-
Hi
I'd like to use this MOD for postcards.
Postcards should only be sent with entering a security code.
Which files do I have to modify instead details.php and comment_form.html?
postcards.php?
postcard_send.html?
And how do I have to modify the files?
Thanks for helping me!
TIMT
-
@TIMT
... instead of details.php -> postcards.php ...
... instead of comment_form.html -> postcard_create.thml or postcard_preview.html ...
... and how ... in the same way as for comments in details ...
-
@TIMT
... instead of details.php -> postcards.php ...
... instead of comment_form.html -> postcard_create.thml or postcard_preview.html ...
... and how ... in the same way as for comments in details ...
Hi can you specify where (in the php page) to paste the code in the postcards.php ??
Thanks :?