[Mod Req] Guestbook for every member

[V@no]

And based on IcEcReaM warning, here is how you can go without these lines:

Code: [Select]

  $id2 = intval($HTTP_POST_VARS[URL_ID]);
  $id  = $_GET['user_id']; // pazi zaradi sql injekcij!!!

Code: [Select]

$id2 = $id;
$id = $user_id;
variables $id and $user_id are being automaticaly populated and as IcEcReaM said, sanitized by 4images itself based on _POST and _GET data.

[Stoleti]

I've tested in my test-gallery and there is the results :

Not have save/show message and error msg :

aloha tole pa je šlo na save book


DB Error: Bad SQL Query: SELECT user_id, user_allow_book FROM 4images_users WHERE user_id =
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3
SELECT user_id, user_allow_book FROM 4images_users WHERE user_id =
DB Error: Bad SQL Query: SELECT c.book_id, c.profile_id, c.user_id, c.user_name AS book_user_name, c.book_headline, c.book_text, c.book_ip, c.book_date, u.user_level, u.user_name, u.user_email, u.user_showemail, u.user_invisible, u.user_joindate, u.user_lastaction, u.user_homepage, u.user_icq FROM 4images_book c LEFT JOIN 4images_users u ON (u.user_id = c.user_id) WHERE c.profile_id = ORDER BY c.book_date ASC
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY c.book_date ASC' at line 5

 

[trez]

i've tested it and have the same errors, but the base is good! Hope you continue writing that MOD

just a little off-topic:

$id  = $_GET['user_id']; // pazi zaradi sql injekcij!!!

Whats that bulgarian language in your code ??

[Stoleti]

and maybe missing on book_form.html between

{if rate_form}{rate_form}{endif rate_form}

 :

[Lucifix]

i've tested it and have the same errors, but the base is good! Hope you continue writing that MOD

just a little off-topic:

$id  = $_GET['user_id']; // pazi zaradi sql injekcij!!!

Whats that bulgarian language in your code ??

Bolgarian? lol it's Slovenian

And it means: watch for sql injection

[trez]

strange, in bulgarian it meens exact the same whatever

[IcEcReaM]

lol. then you already seen this problem.
then it might be my post was unncessary..^^

[trez]

any progress?

[Stoleti]

how are going this MOD ?

 

[glitzer]

I am waiting every day for this mod!

How does it going on?

[Lucifix]

Well I didn't do nothing till now, couse there is no free time in my life these days... if I get two days off I might do something, but nothing to promise.

But if there is anyone who could do something till then... well you are welcome to help

[Stoleti]

Well I didn't do nothing till now, couse there is no free time in my life these days... if I get two days off I might do something, but nothing to promise.

But if there is anyone who could do something till then... well you are welcome to help

if you need help , just pm me  (ps: i'm not php coder, but i can be beta-tester if you wish) 

[Lucifix]

I was hoping that anyone else will developed this mod, couse I'm sort of stucked...

[Stoleti]

any progress , and any update ? 

[glitzer]

hello? Is there anybody?? 
i am waiting every day for this mod!

can you give us a update? How long will it take to create this mod?

thanks a lot for the creation!