Tags Module

Posted: Wed Jan 20, 2010 6:19 pm

There is something I dont understand from this Tag Module. Can u please tell me if this is safe to run and what is the purpose of this one. Is it calling another site?

Code:

<?php


//Updated with new abstraction by Unicornio, Enjoy the new Module Nuke Easy Tags 1.0


if (!defined('MODULE_FILE')) {


    die ("You can't access this file directly...");


}





define('INDEX_FILE', true);


$index = 1; 


require_once("mainfile.php");








include("header.php");





OpenTable(); 


echo '<td width=\"100%\"  bgcolor=\"#D1D1D1\">';


 echo "<p>\n";


echo "<center><img border=\"0\" src=\"modules/Nuke_Easy_Tags/images/cloud.jpg\" width=\"457\" height=\"220\"></p>\n";





function unhtmlspecialchars ($string) {


        $string = str_replace ( '&amp;', '&', $string );


        $string = str_replace ( '$', '\'', $string );


        $string = str_replace ( '&quot;', '\"', $string );


        $string = str_replace ( '&lt;', '<', $string );


        $string = str_replace ( '&gt;', '>', $string );


       


        return $string;


}








function otoTag($tag,$link,$en_kucuk=10,$en_buyuk=28) {


//$renk='#'.dechex(rand(1,16)).dechex(rand(16,3)).dechex(rand(3,16)).dechex(rand(1,1)).dechex(rand(3,1)).dechex(rand(1,2));


$renk='#'.dechex(rand(1,16)).dechex(rand(1,16)).dechex(rand(0,16)).dechex(rand(0,16)).dechex(rand(0,16)).dechex(rand(0,16));


$boy=rand($en_kucuk,$en_buyuk);


echo '<a href="'.$link.'" 


style="font-size: ' . $boy . 'px;color:'.$renk.'" 


tag="' . $tag . '">' . $tag . '</a> ';





}








$sorgu=$db->sql_query("SELECT cid, tag FROM ".$prefix."_tags ORDER BY rand() limit 600"); 


while ($sonuc=$db->sql_fetchrow($sorgu))


     { 


echo otoTag($sonuc[tag],'modules.php?name=Tags&amp;op=list&amp;tag='.$sonuc[tag]);


}


 


   


$sorgu=$db->sql_query("SELECT word_id, word_text FROM ".$prefix."_bbsearch_wordlist order by RAND() limit 300");


while ($sonuc=$db->sql_fetchrow($sorgu))


     { 


echo otoTag($sonuc[word_text],'modules.php?name=Forums&file=tag&k_id='.$sonuc[word_id]);


}





$sorgu=$db->sql_query("SELECT id_subcatg,subcatg FROM ".$prefix."_ads_subcatg order by RAND() limit 200");


while ($sonuc=$db->sql_fetchrow($sorgu))


     { 


echo otoTag($sonuc[subcatg],'modules.php?name=Tags&amp;op=list&amp;tag='.$sonuc[subcatg]);


}


$sorgu=$db->sql_query("SELECT aid,title FROM ".$prefix."_cpg_albums order by RAND() limit 200");


while ($sonuc=$db->sql_fetchrow($sorgu))


     { 


echo otoTag($sonuc[title],'modules.php?name=Tags&amp;op=list&amp;tag='.$sonuc[title]);


}





$sorgu=$db->sql_query("SELECT categ_id,categ_title FROM ".$prefix."_multiheadlines_categ order by RAND() limit 200");


while ($sonuc=$db->sql_fetchrow($sorgu))


     { 


echo otoTag($sonuc[categ_title],'modules.php?name=Tags&amp;op=list&amp;tag='.$sonuc[categ_title]);


}





$sorgu=$db->sql_query("SELECT id,categoria FROM ".$prefix."_nuketube_categorias order by RAND() limit 200");


while ($sonuc=$db->sql_fetchrow($sorgu))


     { 


echo otoTag($sonuc[categoria],'modules.php?name=Tags&amp;op=list&amp;tag='.$sonuc[categoria]);


}








 


 


CloseTable();


include("footer.php");


?>

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

What part don't you understand? What makes you think it's calling another site? What is causing you to ask this in the Security Issues forum?

The comments at the top state the (supposed) purpose:
// Create subfolder in 'modules' folder of PHP-Nuke root directory and place generated file in it
// e.g. 'PhpNuke-root-dir\modules\your-module\index.php'

I am not trying to be a smart-a** - really. I just don't understand how you obtained a script that stated the purpose and then you ask for outside verification if it's safe to run. Did you d/l it from a reliable site? Does the site have a forum that discusses the script?

Posted: Thu Jan 21, 2010 2:44 am

I ask you this in the secutity forum because of the php warning error I get from mysql_fetch_array. If you run the script u will notice about spanish tags so I was thinking of other things but actually it is not my script. I am helping a friend of mine and I wanted to be sure everything is ok. I am not so familiar with Tags script. IF you think this post should be moved you have the right to do it. Thanks in advance for your reply.

registered · Posted: Thu Jan 21, 2010 7:33 am

unicornio, what is the exact error you are receiving? (remove any path information before you post)

Posted: Thu Jan 21, 2010 10:09 am

The script has been updated by me with new abstraction codes and it is working find. Create your own folder and activate the module. Enjoy. Wink

Posted: Sat Jan 23, 2010 2:28 pm

ah, ok, glad you got it figured out.