You are not logged in. Please login or register.
PunBB Forums → Posts by Smartys
No, it's very simple. You should be able to understand it just by looking at the code. 
Basically, when POSTing, you need to include a hidden field. The name should be csrf_token and the value should be the output of the function generate_form_token. The function takes one parameter, which is the absolute URL of the page you're submitting to.
Edit: Corrected the function name
Because it would very much go against the PunBB idea of being fast, small, and simple. And as Bekko said, some browsers don't support it, some users don't use Javascript, etc. Extensions are certainly free to implement AJAX-ish features, but I doubt we'll see them in the core.
And now, a couple comments after having looked at the code:
1. Extensions should not be putting files outside of their folders.
2. Extensions should not require modifying CSS files.
3. Your index page shouldn't give errors if the extension isn't installed (which your readme indicates it will): it should gracefully handle the problem
4. You shouldn't use short tags (<? as opposed to <?php).
5. This is just a "make your code look like the rest of PunBB code" thing, but when using query builder you should be using tablename AS t rather than just tablename (and selecting t.* as opposed to just *)
6. You use many hook names that were already assigned (copy/paste from admin/forums and include/cache?). That is bad and sure to mess up your code as soon as someone tries using those hooks.
7. Your extensions should support more than just MySQL.
8. Looking at the code, it seems like your "file" field allows for a directory traversal.
9. You would have been better served merging extensions/portal/admin/portal.php into hooks in admin/options.php so you don't have to replicate so much code.
Ooh, this ended up being much longer than I planned it. I'll stop now. 
Ooh, very nice 
SuperMAG: As the topics say, it IS how HTML works. There is no way for PunBB to reliably deal with the issue, so the burden is on the administrator to know what they're doing.
I don't see what we would add or why, other than as a demo
Definetely should fix this bug. User should choose installation language. Otherwise why we translate install.php in Lang directory?
We're still deciding the best way to give the user that choice. However, as far as I can tell, that's not what this topic is talking about. Then again, I'm really not sure what the person is trying to say
Yes, I'm planning on working on this as an official extension
He changed = to .=
And that won't work. It will cause an SQL error.
In any case, we've replaced the check in SVN with one that should restore all previous functionality.
Because per-style templates are only needed if you need a template that differs from the default. Oxygen doesn't.
extern.php outputs in either HTML or RSS format. The code you referred to outputs it in HTML. I don't know what CMS you're using or anything about your setup, so I can't possibly know whether that's all you need or not
Assuming your CMS accepts PHP in the templates and you replace that URL with the actual URL to your extern.php file, yes.
It doesn't really make much of a difference, I just find the one-liner neater
Actually, I was thinking:
$form['new_field'] = isset($_POST['form']['new_field']) ? '1' : '0';I meant use an isset on the POST value
And can't you just change $cur_post['is_online'] to NULL at vt_post_loop_start?
Aww, but it would look so much cooler!
You can modify the get_title function in include/functions.php to remove a call to pun_htmlspecialchars for the appropriate type of rank (I assume you're talking about the ones generated by number of posts). Keep in mind though that if someone can post HTML, they can do all kinds of bad and nasty things to your site. So, make sure you don't let users set their own titles using HTML.
Gizzmo: I guess you have display_errors off on your server.
qubertman: Use an isset
quaker: Very few companies I've seen disallow mod_rewrite 
I guess it might depend on the price you're paying for the hosting (eg: free hosts might not, places that oversell a lot might not to save CPU), but in general I can't recall any major host off the top of my head that doesn't allow it.
Take a look at the Image Awards mod
But in rev. 1478, this string has not been taken in it..
Which is why you point these things out to us, so we can fix them.
Thanks to suppose we're THE ONLY ones to attempt to get a REAL localization (means got translated EVEN the hardcoded values), but i'm not sure we're the only ones..
If you can point me to some other groups that are distributing translated versions with the same problem, I'd be happy to chastise them as well. It has nothing to do with you being "the only ones" (or not) and everything to do with how you went about dealing with hardcoded strings.
And ur not sincere (as a developer) : u encounter 3 times in a row the same word u have to translate, and u just translate the first one ? (note: u didn't give me the answer at "Are these values being used somewhere ?")
I would translate just the username, yes. Nothing else is displayed publicly (and I doubt even the username is). That's why I think translating this stuff was so silly: you might as well translate the database schema and the GPL preamble at the top of the code.
And you should be able to tell me if the strings are used anywhere: since PunBB.fr translated the strings, they should know what those translations changed.
Once more, this WOULD'NT HAVE HAPPENED IF ONLY THE SCRIPT WAS "localizing" (mean used lang files, which WAS NOT THE CASE). So please, don't reproach us things we're not responsible.
And once more, when we don't localize things, you should be reporting them to us so we can do so. You shouldn't be modifying the core files in order to create a language pack (although I know PunBB.fr created its own parallel version to get a "complete" translation of certain untranslatable features in 1.2, like the admin panel and install.php). The developers are not the ones creating localizations in most cases: thus, we can only know if something is needed if you tell us.
And as Bekko said, there's really no point in continuing this conversation. If you find hardcoded strings, tell us so we can deal with them. The database update script likely won't deal with mistranslated strings unless we find that it causes an issue and that a great number of people are affected by it. End of story.
Ooh, that looks really cool 
PunBG: Please take your discussion to the Beta talk forum
@Smartys : what u seem not to understand (sry), is that the only reason of changing things in php files (and therefor in the database) is the lack of using lang files in several occasions..
I'll quote myself:
Mpok: Then you point out where it's being used hardcoded so we can make sure it uses the language files, you don't unilaterally decide to edit the hardcoded text.
And for the other 'database changes', let's think about the 'New forum' string in install.php : this HAS to be localized also...
How wonderful for you then that Paul created lang/English/install.php
??? You mean changing '2' to '1' ? The conversion made in the general loop is not neither applicable nor sufficient for guest user. The fields needed to be converted ARE different from common users. So u need a special treatment, and then, more lines (only thing is that the three fields are likely to be the same, so the code can be reduced from the one i've provided, but not in lines, counting commentary one).
No, unless Guest was translated the three times it was used (username, password, email), in which case I really think this is an issue for PunBB.fr to deal with.
Everyone: But yeah, seriously, we can't help people who want to localize PunBB if they don't tell us when they have trouble doing so. If you find a hardcoded string, point it out so we can fix it.
PunBB Forums → Posts by Smartys
Powered by PunBB, supported by Informer Technologies, Inc.