Programmed story doesn't save title when editing

rickallen · New Member Joined: Jul 07, 2007 Posts: 10

I'm using Raven Nuke Ver 2.10.1 and this is a fresh install. I noticed a problem with editing a programmed story. When making any changes to the article while it is was still waiting to go live, the title would default to "News". After looking at the code I noticed that $title was being set to equal the module name on line 30 of the news module admin. (News/admin/index.php)

Code:

$query = $db->sql_query('SELECT title, admins FROM '.$prefix.'_modules where title=\''.$module_name.'\'');
list($title, $admins) = $db->sql_fetchrow($query);

I changed $title on line 30 to $title2 like this:

Code:

$query = $db->sql_query('SELECT title, admins FROM '.$prefix.'_modules where title=\''.$module_name.'\'');
list($title2, $admins) = $db->sql_fetchrow($query);

The problem was the variable was getting highjacked when the form redirected back to the admin page. That seemed to fix the problem and didn't seem to affect anything else.

I also noticed that when I opened the programmed article to edit it, that the topic was not selected in the topic dropdown. I found another problem on line line 545 in the function autoEdit.

Code:

if ($topicid==$topic) { $sel = 'select="selected"'; }

I changed the "select" to "selected" like this;

Code:

if ($topicid==$topic) { $sel = 'selected="selected"'; }

I thought I should bring this to your attention since you are working on the new version so it can get fixed if you haven't caught it already.

You have done some great work with this script. Over all it is rock solid. Looking forward to the new version.

Rick

fkelly · Posted: Sat Nov 10, 2007 6:34 am

Thank you. We will look into this for 2.20. I'll report back here what we find once we get a chance to verify and test it.

fkelly · Posted: Sat Nov 10, 2007 11:35 am

I have taken a preliminary look at this issue and I will post it in our issue tracker (that's internal the the RN team).

The selected=selected fix is a good one and I'm going with that.

On the other issue, of $title ... what I'm looking at instead is changing $title within the autoedit and autosavedit functions to $story_title consistently. The problem here is that $title is being used in two contexts. For the modules table there is a title field that is the name of the module. We want that to be set to "news" because we need to parse the admins field of the news record in that table to see if the person is a news administrator. I haven't established that changing that would cause problems but instinct tells me to leave it alone.

There is also a text input field within autoedit that is named title. I'm changing that to story_title too. A lot of times Nuke relies, insecurely, on the implicit assignment of form fields to variables instead of explicitly checking for $_POST. We are trying to change that as we go but in this case I'm leaving it alone but renaming the form input field so that whatever is in there will always come out as $story_title.

I also of course had to change the parameter list in the function call in the case statement and in the function itself to reference $story_title.

As I say I've run some preliminary tests on my test site and will continue to look at this. Any comments welcome. We will definitely have the fix in 2.20. And again thanks for bringing it up.

montego · Posted: Sat Nov 10, 2007 2:50 pm

fkelly, thanks for taking this one on. There is another thread on this here:

Only registered users can see links on this board!
Get registered or login to the forums!

amber222 · Hangin' Around Joined: Jun 09, 2004 Posts: 45

Could you please verify the fix, as I'm not sure I understand. Am I supposed to search the autoedit and autosavedit functions in modules/news/admin/index.php and change every instance of $title to $story_title?

fkelly · Posted: Mon Dec 31, 2007 9:14 am

Amber, I'm sorry that I just don't have the time to go tracking back thru all this. This issue is fixed in 2.20 and will be out "soon".