Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

CNB YA Problem...
Goto page 1, 2  Next		 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> phpnuke 7.5
Author Message
JRSweets
Worker
Worker



Joined: Aug 06, 2004
Posts: 192
PostPosted: Fri Oct 22, 2004 12:17 pm Reply with quote
First does anyone know what the difference between NSN YA and CNB YA is? I can't figure it out since that are almost identical in coding.

Now onto the problem, this is from modules/Your_Account/admin/modify_user.php:
Code:
echo "<tr><td bgcolor='$bgcolor2'>"._INTERESTS.":</td><td><input type='text' name='chng_user_interest' value='".$chnginfo['user_interests']."' size='25' maxlength='255'></td></tr>\n";


Say this is a users interest:
Code:
Computer's and stuff


If you click on edit user as the admin you will see in the interests field is:
Code:
Computer


Why does it cut everything after the ' ? When I change it from "input" to "textarea" it show the full data.
 
View user's profile Send private message
beetraham
Regular
Regular



Joined: Dec 13, 2003
Posts: 94
Location: Finland (EU)
PostPosted: Fri Oct 22, 2004 1:32 pm Reply with quote
JRSweets wrote:
First does anyone know what the difference between NSN YA and CNB YA is? I can't figure it out since that are almost identical in coding.

Now onto the problem, this is from modules/Your_Account/admin/modify_user.php:
Code:
echo "<tr><td bgcolor='$bgcolor2'>"._INTERESTS.":</td><td><input type='text' name='chng_user_interest' value='".$chnginfo['user_interests']."' size='25' maxlength='255'></td></tr>\n";


Say this is a users interest:
Code:
Computer's and stuff


If you click on edit user as the admin you will see in the interests field is:
Code:
Computer


Why does it cut everything after the ' ? When I change it from "input" to "textarea" it show the full data.


Not completely sure whether this could do the job, but why don't you go ahead and try escaping it - i.e.;

Try using...

Code:
Computer\'s and stuff


...instead of;

Code:
Computer's and stuff



Just a wild guess - should have tried it myself before posting this, but let's give it a try.

Let me know if it doesn't work as suspected to - in that case, I'd like to get some more information from you related to code instantiation (it's already above as a reference, I suppose Smile ) - providing that it suits you.

BR,

-beetraham

_________________
- Let there be no windows at your home - 
View user's profile Send private message
JRSweets
PostPosted: Fri Oct 22, 2004 2:22 pm Reply with quote
I tried and then when looking at the users interest's you get:
Code:
Computer\'s and stuff


and then when you go to edit it you get:

[code]Computer\ [\code]

Its very strange, like I said the only way I found around this was to change the <input ... > to <textarea></textarea> like the signatures are. Infact it does this to all the fields that use <input ... >. It stops after a ' .


Last edited by JRSweets on Fri Oct 22, 2004 4:50 pm; edited 2 times in total 
beetraham
PostPosted: Fri Oct 22, 2004 2:41 pm Reply with quote
JRSweets wrote:
I tried and then when looking at the users interest's you get:
Code:
Computer\'s and stuff


and then when you go to edit it you get:

[code]Computer\[code]

Its very strange, like I said the only way I found around this was to change the <input ... > to <textarea></textarea> like the signatures are. Infact it does this to all the fields that use <input ... >. It stops after a ' .


JRSweets wrote:
I tried and then when looking at the users interest's you get:
[code]Computer\'s and stuff[/code]

and then when you go to edit it you get:

[code]Computer\[code]

Its very strange, like I said the only way I found around this was to change the <input ... > to <textarea></textarea> like the signatures are. Infact it does this to all the fields that use <input ... >. It stops after a ' .


Might be an issue related to stripslashes()'ing the data - the flow may not be consistently OK from that perspective - by far any chance got the possibility to receive all the code?
 
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496
PostPosted: Fri Oct 22, 2004 2:54 pm Reply with quote
Probably developed with magic quotes on I've made that mistake a few times.

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
JRSweets
PostPosted: Fri Oct 22, 2004 4:48 pm Reply with quote
This is that whole file. The full download is https://colaborar.softwarelivre.gov.br/download.php/41/CNB_Your_Account_750_430.zip

Code:
<?php





if (!eregi("modules.php", $_SERVER['SCRIPT_NAME'])) {


    header("Location: ../../../index.php");


    die ();


}


if (($radminsuper==1) OR ($radminuser==1)) {





$pagetitle = ": "._USERADMIN." - "._USERUPDATE;


include("header.php");


title(_USERADMIN." - "._USERUPDATE);


amain();


echo "<br>\n";


$result = $db->sql_query("select * from ".$user_prefix."_users where user_id='$chng_uid' or username='$chng_uid'");


if($db->sql_numrows($result) > 0) {


    $chnginfo = $db->sql_fetchrow($result);


   


       $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field");


        while ($sqlvalue = $db->sql_fetchrow($result)) {


         list($value) = $db->sql_fetchrow( $db->sql_query("SELECT value FROM ".$user_prefix."_cnbya_value WHERE fid ='$sqlvalue[fid]' AND uid = '$chnginfo[user_id]'"));


         $chnginfo[$sqlvalue[name]] = $value;


        }


   


    OpenTable();


    echo "<center><table border='0'>\n";


    echo "<form action='modules.php?name=$module_name&file=admin' method='post'>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._USERID.":</td><td><b>".$chnginfo['user_id']."</b></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._NICKNAME.":</td><td><input type='text' name='chng_uname' value='".$chnginfo['username']."'><br><b>"._YA_CHNGRISK."</b></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._NAME.":</td><td><input type='text' name='chng_name' value='".$chnginfo['name']."'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._URL.":</td><td><input type='text' name='chng_url' value='".$chnginfo['user_website']."' size='30' maxlength='60'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._EMAIL.":</td><td><input type='text' name='chng_email' value='".$chnginfo['user_email']."' size='30' maxlength='60'> <font class='tiny'>"._REQUIRED."</font></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._FAKEEMAIL.":</td><td><input type='text' name='chng_femail' value='".$chnginfo['femail']."' size='30' maxlength='60'></td></tr>\n";


    


      $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE need <> '0' ORDER BY pos");


       while ($sqlvalue = $db->sql_fetchrow($result)) {


         $t = $sqlvalue[fid];


        $value2 = explode("::", $sqlvalue[value]);


        if (strpos($sqlvalue[name],"_")==0) eval( "\$name_exit = $sqlvalue[name];"); else $name_exit = $sqlvalue[name];


        if (count($value2) == 1) { 


          echo "<tr><td bgcolor='$bgcolor2'>$name_exit</td><td bgcolor='$bgcolor3'><input type='text' name='nfield[$t]' value='".$chnginfo[$sqlvalue[name]]."' size='20' maxlength='$sqlvalue[size]'></td></tr>\n";


         } else {


          echo "<tr><td bgcolor='$bgcolor2'>$name_exit</td><td bgcolor='$bgcolor3'>";


         echo "<select name='nfield[$t]'>\n";


            for ($i = 0; $i<count($value2); $i++) {


           if (trim($chnginfo[$sqlvalue[name]]) == trim($value2[$i])) $sel = "selected"; else $sel = "";


              echo "<option value=\"".trim($value2[$i])."\" $sel>$value2[$i]</option>\n";


          }


         echo "</select>";


         echo "</td></tr>\n";


        }


      }


      


   echo "<tr><td bgcolor='$bgcolor2'>"._ICQ.":</td><td><input type='text' name='chng_user_icq' value='".$chnginfo['user_icq']."' size='20' maxlength='20'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._AIM.":</td><td><input type='text' name='chng_user_aim' value='".$chnginfo['user_aim']."' size='20' maxlength='20'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._YIM.":</td><td><input type='text' name='chng_user_yim' value='".$chnginfo['user_yim']."' size='20' maxlength='20'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._MSNM.":</td><td><input type='text' name='chng_user_msnm' value='".$chnginfo['user_msnm']."' size='20' maxlength='20'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._LOCATION.":</td><td><input type='text' name='chng_user_from' value='".$chnginfo['user_from']."' size='25' maxlength='60'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._OCCUPATION.":</td><td><input type='text' name='chng_user_occ' value='".$chnginfo['user_occ']."' size='25' maxlength='60'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._INTERESTS.":</td><td><input type='text' name='chng_user_interest' value='".$chnginfo['user_interests']."' size='25' maxlength='255'></td></tr>\n";


    if ($chnginfo['user_viewemail'] ==1) { $cuv = "checked"; } else { $cuv = ""; }


    echo "<tr><td bgcolor='$bgcolor2'>"._OPTION.":</td><td><input type='checkbox' name='chng_user_viewemail' value='1' $cuv> "._ALLOWUSERS."</td></tr>\n";


    if ($chnginfo['newsletter'] == 1) { $cnl = "checked"; } else { $cnl = ""; }


    echo "<tr><td bgcolor='$bgcolor2'>"._NEWSLETTER.":</td><td><input type='checkbox' name='chng_newsletter' value='1' $cnl> "._YES."</td></tr>\n";


    if ($Version_Num > 7.0) {


        $yacontent = "";


        $subnum = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_subscriptions WHERE userid='$chng_uid'"));


        if ($subnum == 0) {


            $yacontent .= "<tr><td bgcolor='$bgcolor2'>"._SUBUSERASK.":</td><td><input type='radio' name='subscription' value='1'> "._YES."&nbsp;&nbsp;&nbsp;<input type='radio' name='subscription' value='0' checked> "._NO."</td></tr>";


            $yacontent .= "<tr><td bgcolor='$bgcolor2'>"._SUBPERIOD.":</td><td><select name='subscription_expire'>";


            $yacontent .= "<option value='0' selected>"._NONE."</option>";


            $yacontent .= "<option value='1'>1 "._YEAR."</option>";


            $yacontent .= "<option value='2'>2 "._YEARS."</option>";


            $yacontent .= "<option value='3'>3 "._YEARS."</option>";


            $yacontent .= "<option value='4'>4 "._YEARS."</option>";


            $yacontent .= "<option value='5'>5 "._YEARS."</option>";


            $yacontent .= "<option value='6'>6 "._YEARS."</option>";


            $yacontent .= "<option value='7'>7 "._YEARS."</option>";


            $yacontent .= "<option value='8'>8 "._YEARS."</option>";


            $yacontent .= "<option value='9'>9 "._YEARS."</option>";


            $yacontent .= "<option value='10'>10 "._YEARS."</option>";


            $yacontent .= "</select><input type='hidden' name='reason' value='0'></td></tr>";


        } elseif ($subnum == 1) {


            $yacontent .= "<tr><td bgcolor='$bgcolor2'>"._UNSUBUSER.":</td><td><input type='radio' name='subscription' value='0'> "._YES."&nbsp;&nbsp;&nbsp;<input type='radio' name='subscription' value='1' checked> "._NO."</td></tr>";


            $yacontent .= "<tr><td bgcolor='$bgcolor2'>"._ADDSUBPERIOD.":</td><td><select name='subscription_expire'>";


            $yacontent .= "<option value='0' selected>"._NONE."</option>";


            $yacontent .= "<option value='1'>1 "._YEAR."</option>";


            $yacontent .= "<option value='2'>2 "._YEARS."</option>";


            $yacontent .= "<option value='3'>3 "._YEARS."</option>";


            $yacontent .= "<option value='4'>4 "._YEARS."</option>";


            $yacontent .= "<option value='5'>5 "._YEARS."</option>";


            $yacontent .= "<option value='6'>6 "._YEARS."</option>";


            $yacontent .= "<option value='7'>7 "._YEARS."</option>";


            $yacontent .= "<option value='8'>8 "._YEARS."</option>";


            $yacontent .= "<option value='9'>9 "._YEARS."</option>";


            $yacontent .= "<option value='10'>10 "._YEARS."</option>";


            $yacontent .= "</select></td></tr>";


            $yacontent .= "<tr><td bgcolor='$bgcolor2'>"._ADMSUBEXPIREIN."</td><td>";


            $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_subscriptions WHERE userid='$chng_uid'"));


            $diff = $row['subscription_expire']-time();


            $yearDiff = floor($diff/60/60/24/365);


            $diff -= $yearDiff*60*60*24*365;


            if ($yearDiff < 1) {


                $diff = $row['subscription_expire']-time();


            }


            $daysDiff = floor($diff/60/60/24);


            $diff -= $daysDiff*60*60*24;


            $hrsDiff = floor($diff/60/60);


            $diff -= $hrsDiff*60*60;


            $minsDiff = floor($diff/60);


            $diff -= $minsDiff*60;


            $secsDiff = $diff;


            if ($yearDiff < 1) {


                $rest = "$daysDiff "._SBDAYS.", $hrsDiff "._SBHOURS.", $minsDiff "._SBMINUTES.", $secsDiff "._SBSECONDS."";


            } elseif ($yearDiff == 1) {


                $rest = "$yearDiff "._SBYEAR.", $daysDiff "._SBDAYS.", $hrsDiff "._SBHOURS.", $minsDiff "._SBMINUTES.", $secsDiff "._SBSECONDS."";


            } elseif ($yearDiff > 1) {


                $rest = "$yearDiff "._SBYEARS.", $daysDiff "._SBDAYS.", $hrsDiff "._SBHOURS.", $minsDiff "._SBMINUTES.", $secsDiff "._SBSECONDS."";


            }


            $yacontent .= "<font color='#FF0000'>$rest</font></td></tr>";


            $yacontent .= "<tr><td bgcolor='$bgcolor2' valign='top'>"._SUBREASON."</td><td><textarea name='reason' cols='60' rows='10'></textarea></td></tr>";


        }


        echo "$yacontent";


    }


    if ($Version_Num > 6.9) {


        echo "<tr><td bgcolor='$bgcolor2'>"._YA_POINTS.":</td><td bgcolor='$bgcolor1'><input type='test' name='chng_points' value='".$chnginfo['points']."'></td></tr>\n";


    }


    echo "<tr><td bgcolor='$bgcolor2' valign='top'>"._SIGNATURE.":</td><td><textarea name='chng_user_sig' rows='6' cols='45'>".$chnginfo['user_sig']."</textarea></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._PASSWORD.":</td><td><input type='password' name='chng_pass' size='12' maxlength='12'></td></tr>\n";


    echo "<tr><td bgcolor='$bgcolor2'>"._RETYPEPASSWD.":</td><td><input type='password' name='chng_pass2' size='12' maxlength='12'> <font class='tiny'>"._FORCHANGES."</font></td></tr>\n";


    //echo "<input type='hidden' name='chng_avatar' value='".$chnginfo['chng_avatar']."'>\n";


    echo "<input type='hidden' name='chng_uid' value='$chng_uid'>\n";


    echo "<input type='hidden' name='old_uname' value='".$chnginfo['username']."'>\n";


    echo "<input type='hidden' name='old_email' value='".$chnginfo['user_email']."'>\n";


    echo "<input type='hidden' name='op' value='modifyUserConf'>\n";


    if (isset($query)) { echo "<input type='hidden' name='query' value='$query'>\n"; }


    if (isset($min)) { echo "<input type='hidden' name='min' value='$min'>\n"; }


    if (isset($xop)) { echo "<input type='hidden' name='xop' value='$xop'>\n"; }


    echo "<tr><td align='center' colspan='2'><input type='submit' value='"._SAVECHANGES."'></td></tr>\n";


    echo "</form>\n";


    echo "<form action='modules.php?name=$module_name&file=admin' method='post'>\n";


    if (isset($query)) { echo "<input type='hidden' name='query' value='$query'>\n"; }


    if (isset($min)) { echo "<input type='hidden' name='min' value='$min'>\n"; }


    if (isset($xop)) { echo "<input type='hidden' name='op' value='$xop'>\n"; }


    echo "<tr><td align='center' colspan='2'><input type='submit' value='"._CANCEL."'></td></tr>\n";


    echo "</form>\n";


    echo "</table></center>\n";


    CloseTable();


} else {


    OpenTable();


    echo "<center><b>"._USERNOEXIST."</b></center>\n";


    CloseTable();


}


include("footer.php");





}





?>
 
sixonetonoffun
PostPosted: Fri Oct 22, 2004 6:09 pm Reply with quote
I haven't even got that far lol I keep getting a parse error everywhere that
eval() is used! Grrr!

Edit: Doh! it was the 0 in the order of the fields in the first field!
 
sixonetonoffun
PostPosted: Sat Oct 23, 2004 7:11 am Reply with quote
As a temp fix try adding this to your htaccess file in your webroot
php_flag magic_quotes_gpc on

There is a ton of places were this needs to be fixed it should be submitted to André V Escudero as a legit bug report.
 
sixonetonoffun
PostPosted: Sat Oct 23, 2004 8:53 am Reply with quote
Update: I submitted a bug report here if you wish to add comments to it.
https://colaborar.softwarelivre.gov.br/tracker/index.php?func=detail&aid=2&group_id=21&atid=105
 
JRSweets
PostPosted: Sat Oct 23, 2004 11:32 pm Reply with quote
Thank you for submitting the report for me. I tried to go to their site but I cannot speak spanish. There seems to be lots of bugs with CNB YA. Alot of little spelling errors.

$row['femial'] should be $row['femail']
$row['intrests'] should be $row['interests']

These errors are thru out the module.

I tried you suggestion in the htaccess file. It still did not work. The only way I can get it to work, is change the <input> box to a <textarea> then it will display the whole item.
 
sixonetonoffun
PostPosted: Sun Oct 24, 2004 8:33 am Reply with quote
Ok I found these
Search String: femial
Replace String: femail
Path: \pnuke75\modules\Your_Account\admin
Processing file : \pnuke75\modules\Your_Account\admin\modifyuser.php
Line 32 -

Search String: intrests
Replace String: interests
Path: \pnuke75\modules\Your_Account\admin

Processing file : \pnuke75\modules\Your_Account\admin\detailsuser.php
Line 46 -
Processing file : \pnuke75\modules\Your_Account\admin\finduser.php
Line 37 -
Found 1 occurrences.
Processing file : \pnuke75\modules\Your_Account\admin\modifyuser.php
Line 59 -
 
JRSweets
PostPosted: Mon Oct 25, 2004 6:35 am Reply with quote
What program did you use for that search?
 
sixonetonoffun
PostPosted: Mon Oct 25, 2004 7:30 am Reply with quote
http://www.funduc.com/search_replace.htm
 
escudero
New Member
New Member



Joined: Oct 25, 2004
Posts: 9
PostPosted: Mon Oct 25, 2004 11:14 am Reply with quote
sixonetonoffun wrote:
Update: I submitted a bug report here if you wish to add comments to it.
https://colaborar.softwarelivre.gov.br/tracker/index.php?func=detail&aid=2&group_id=21&atid=105


Hello sixonetonoffun,
thanks for your repost.
Can you test the new file for me?
I think that we can do a great module working together.

https://colaborar.softwarelivre.gov.br/tracker/index.php?func=detail&aid=2&group_id=21&atid=105

Bests regards,
André
 
View user's profile Send private message Send e-mail
sixonetonoffun
PostPosted: Mon Oct 25, 2004 9:59 pm Reply with quote
André
Seems the quotes are handled ok with the custom form fields but the Interests and the other predefined fields still aren't being escaped. At least not from the admin edit page.
 
escudero
PostPosted: Mon Oct 25, 2004 11:08 pm Reply with quote
Hello sixonetonoffun,
I puted the correct files here
https://colaborar.softwarelivre.gov.br/tracker/index.php?func=detail&aid=4&group_id=21&atid=105
to test.
I think that it can not have more error. I think Wink

Very thanks.

May I put your name (name, email and site) in the module credits?
 
sixonetonoffun
PostPosted: Tue Oct 26, 2004 6:00 am Reply with quote
André
No no no! You just go on working on this much needed module and we'll continue breaking it until its as solid as it can be!
 
JRSweets
PostPosted: Tue Oct 26, 2004 7:16 am Reply with quote
escudero wrote:
Hello sixonetonoffun,
I puted the correct files here
https://colaborar.softwarelivre.gov.br/tracker/index.php?func=detail&aid=4&group_id=21&atid=105
to test.
I think that it can not have more error. I think Wink

Very thanks.

May I put your name (name, email and site) in the module credits?

Problem still exists in the admin edit page.
 
sixonetonoffun
PostPosted: Tue Oct 26, 2004 8:46 am Reply with quote
deinstall fails using the CNB_Your_Account_750_430 cnbya.php.
Fix:
Open cnbya.php
Find around line 41
echo "<option value='destall'>Destall $pagetitle</option>\n";
Change to:
echo "<option value='deinstall'>Destall $pagetitle</option>\n";

Then Find:
case "deinstall":

Replace the entire block of code with this:
Code:



case "deinstall":


        $pagetitle = "CNB Your Account: Destall";


        include("header.php");


        title("$pagetitle");


        OpenTable();


        echo "Operation Status!<br>\n";


        echo "<hr>\n";


        global $db, $prefix, $user_prefix;


        $result = $db->sql_query("DROP TABLE ".$prefix."_cnbya_config");


        if (!$result) { $result = $db->sql_query("DROP TABLE IF EXISTS ".$user_prefix."_cnbya_config");}


        if (!$result) { echo "- Destall ".$prefix."_cnbya_config failed<br>\n"; } else { echo "- Destall ".$prefix."_cnbya_config succeded<br>\n"; }


        $result = $db->sql_query("DROP TABLE ".$prefix."_cnbya_field");


        if (!$result) { $result = $db->sql_query("DROP TABLE IF EXISTS ".$user_prefix."_cnbya_field");}


        if (!$result) { echo "- Destall ".$prefix."_cnbya_field failed<br>\n"; } else { echo "- Destall ".$prefix."_cnbya_field succeded<br>\n"; }


        $result = $db->sql_query("DROP TABLE ".$prefix."_cnbya_value");


        if (!$result) { $result = $db->sql_query("DROP TABLE IF EXISTS ".$user_prefix."_cnbya_value");}


        if (!$result) { echo "- Destall ".$prefix."_cnbya_value failed<br>\n"; } else { echo "- Destall ".$prefix."_cnbya_value succeded<br>\n"; }


        $result = $db->sql_query("DROP TABLE ".$prefix."_cnbya_value_temp");


        if (!$result) { $result = $db->sql_query("DROP TABLE IF EXISTS ".$user_prefix."_cnbya_value_temp");}


        if (!$result) { echo "- Destall ".$prefix."_cnbya_value_temp failed<br>\n"; } else { echo "- Destall ".$prefix."_cnbya_value_temp succeded<br>\n"; }





        echo "<hr>\n";


        echo "Operation Complete!<br>\n";


        echo _GOBACK."\n";


        CloseTable();


        include("footer.php");


    break;


This removes most any config possible but not old NSN-YAT table names but they shouldn't exist so I don't think that should be ab issue.
 
escudero
PostPosted: Tue Oct 26, 2004 11:45 am Reply with quote
Hello Community,

thanks for all. Tell me if you found some more error.
Some spelling error are from original NSN YA.
Is difficult found all error alone.

We are found together.

Thanks!!

ps. sorry by my bad english
 
JRSweets
PostPosted: Tue Oct 26, 2004 12:28 pm Reply with quote
Another problem is that you cannot log in as admin using the included blocks. This code in the top of modules/Your_Account/includes/functions.php
Code:
if (!eregi("modules.php", $_SERVER['SCRIPT_NAME'])) { 


header("Location: ../../../index.php"); 


die (); 


}


This code is in the top of the two included login
blocks.

Code:
include_once 


("modules/Your_Account/includes/functions.php"); 


$ya_config = ya_get_configs();


This code conflicts and won't let you login as the
admin if you use either of the blocks included in your
package. To use the block you have to comment out the
code at the top of the modules/Your_Account/includes/functions.php file.
Code:
//if (!eregi("modules.php", $_SERVER['SCRIPT_NAME'])) { 


//header("Location: ../../../index.php"); 


//die (); 


//}
 
escudero
PostPosted: Tue Oct 26, 2004 4:56 pm Reply with quote
Hello,

the beta 2 version is there:
https://colaborar.softwarelivre.gov.br/project/showfiles.php?group_id=21&release_id=38
Any more problems with this version?

Do you have idea to solve the problem of this user?:
http://dev.phpnuke.org.br/modules.php?name=Forums&file=viewtopic&t=279

André
 
sixonetonoffun
PostPosted: Tue Oct 26, 2004 7:36 pm Reply with quote
cnbya.php line 42 is still a spelling error
deinstall fails using the CNB_Your_Account_750_430 cnbya.php.
Fix:
Open cnbya.php
Find around line 42
echo "<option value='deistall'>Destall $pagetitle</option>\n";
Change to:
echo "<option value='deinstall'>Destall $pagetitle</option>\n";

Still brainstroming the single quote being appended issue no great ideas though Crying or Very sad
 
escudero
PostPosted: Tue Oct 26, 2004 8:40 pm Reply with quote
[quote="sixonetonoffun"]cnbya.php line 42 is still a spelling error
deinstall fails using the CNB_Your_Account_750_430 cnbya.php.
Fix:
Open cnbya.php
Find around line 42
echo "<option value='deistall'>Destall $pagetitle</option>\n";
Change to:
echo "<option value='deinstall'>Destall $pagetitle</option>\n";
quote]

Bang Head I think that I am blind person. I dont know if is my son, or my work.
I will liberate the 4.3.2 alpha today.

Thanks worship
 
escudero
PostPosted: Thu Oct 28, 2004 6:28 pm Reply with quote
Hello sixonetonoffun,

what do you think, to change the original ya_fixtext function:

Code:
function ya_fixtext($ya_fixtext) {


    if ($ya_fixtext == "") { return $ya_fixtext; }


    $ya_fixtext = stripslashes($ya_fixtext);


    $ya_fixtext = ereg_replace("\'","&acute;",$ya_fixtext);


    $ya_fixtext = ereg_replace("\"","&quot;",$ya_fixtext);


    $ya_fixtext = strip_tags($ya_fixtext);


    if (!get_magic_quotes_gpc()) { $ya_fixtext = addslashes($ya_fixtext); }; $ya_fixtext = addslashes($ya_fixtext);


    return $ya_fixtext;


}


to just this:
Code:
function ya_fixtext($ya_fixtext) {


    $ya_fixtext = addslashes($ya_fixtext);


    return $ya_fixtext;


}


?

Bests regards,
André
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> phpnuke 7.5
Goto page 1, 2  Next

 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©