You are not logged in. Please login or register.
PunBB Forums → Posts by Grez
Do I really need to include "implode("\n\t\t", $forum_page['hidden_fields)" in the form once the user is authenticated? I didn't use it, and it seems to work OK
I believe so. You don't need the whole array, but for each $_POST you have to use csfr_token...
In action.php, why is $_SESSION[] empty?
Well, actually it seems like PunBB doesn't use sessions at all *.*
This should work 
- you set csfr_token for each form individually.
I tried hashing URLs myself
If you want to do that, you have to use full url address (including "http://"...)
Ok, I checked PunBB code and your code and finally found the error 
Each time, when you send $_POST punBB will check, whether you send right CSFR token, which is sha1 hash of target url address. (./includes/common.php: line 124-6)
So your code should be like this. (Check line 7) 
It's a neat little application called Balsamiq Mockups. There are others, including the open-source Pencil, but it doesn't seem to have much traction (not enough icons).
Thx, I'll try it out
Administration > Users > Groups
Edit group and set "Post flood interval" at your will
You have to include common.php before you send any input to browser
BTW what program did you use for this image? Looks cool
I believe you find everything you need at $forum_user
require FORUM_ROOT.'include/common.php';
print_r($forum_user);
In signature you get error msg on [ code ][ quote ][ list ] BB codes, but this error doesn't exist in lang files. There's only $lang_profile['Signature quote/code'] one.
parser.php, line 60
if (preg_match('#\[quote(=("|"|\'|)(.*)\\1)?\]|\[/quote\]|\[code\]|\[/code\]|\[list(=([1a\*]))?\]|\[/list\]#i', $text))
$errors[] = $lang_profile['Signature quote/code/list'];BTW why are these tags disallowed at all? I'm sure some people would like use these tags in signatures. 
//Grez: Added ticket
I was thinking about adding my extensions to the Extension list on Wiki page, and well... I ended up reworking the page "a little bit" 
So I wanted to ask, whether you think it's good to continue this way (= ordering extensions by maxtested forum version) or stick with the old chaotic way
I think when these changes are completed, you can easily just come, see the extensions and tell apart active ones and old (maybe buggy) ones.
If you agree with me, I could use some help with that. Just check the maxtestedversion and try to obey rules (= alphabetic order, no link to author's profile at forum (guys, you don't need to boost your ego like that! Only thing that's coming from that is mess when you want to edit that table), link to extension topic, and description). Download link should be only at the topic so you don't have to search X pages for changing link when publishing new version of extension.
//Wasn't sure to which forum should I send this topic, so if it's wrong, please move it
Edit: Changes completed (now only thing that rest is adding extensions which weren't published at Wiki 
)
Logging script expects variables $_POST['req_username'] and $_POST['req_password'] - you are sending 'username' and 'password'
Hi
Well I guess one problem could be with these variables - input in forms don't have IDs (except those "fld1" and so, which won't help you wery much).
var username = $("#req_username").val();
...
Guess proper code should be like this
var username = $("input[name=req_username]").val();
...
Many people is used to this from other forum boards, so here's little extension
Info: This extension links to user's profile at index and viewforum on "last post". (see screenshots)
Download: .zip (v0.1.0)
Screenshots:
Without extension
With extension:
//BTW if someone thinks out better name (and description) for extension I'd be grateful
So would it be here (in post.php) that we could incorp another check (if user is guest)
Done (updated download link is in first post)
Nope, there's none (unless you programme it by yourself)
HOW WOULD I DO THIS CORRECTLY VIA EXTENSION?
Well, I guess this should work fine (actually better, because you don't need any CSS and you have alt text before the images load ):
<hook id="hd_visit_elements"><![CDATA[
if ($forum_user['may_post'])
$forum_page['page_post']['posting'] = '<p class="posting"><a class="newpost" href="'.forum_link($forum_url['new_topic'], $id).'"><span><img src="'.$ext_info['path'].'/img/new_topic.png" alt="'.$lang_forum['Post topic'].'" /></span></a></p>';
else if ($forum_user['is_guest'])
$forum_page['page_post']['posting'] = '<p class="posting"><a href="'.forum_link($forum_url['login']).'"><img src="'.$ext_info['path'].'/img/login.png" alt="'.$lang_common['login'].'" /></a> <a href="'.forum_link($forum_url['register']).'"><img src="'.$ext_info['path'].'/img/register.png" alt="'.$lang_common['register'].'" /></a></p>';
else
$forum_page['page_post']['posting'] = '<p class="posting"><img src="'.$ext_info['path'].'/img/new_topic_no_permission.png" alt="'.$lang_forum['No permission'].'" /></p>';
]]></hook>Just change those img names how you'd like them
BTW maybe if you don't plan to change images size too often you could add "width" and "height" attributes to those tags ;-)
Hi, I've made a little extension for that. You can try it out
It's for checking, whether user's browser has enabled cookies (you can't loggin without that). But in your case, you know that if he'd been logged OK you can remove it
It's for checking whether user was logged successfully
./include/common.php, 120
// Check to see if we logged in without a cookie being set
if ($forum_user['is_guest'] && isset($_GET['login']))
message($lang_common['No cookie']);You could add $_GET variable to the link and then at login.php check whether the variable is set.
./include/functions.php
line 446:
$links['logout'] = '<li id="navlogout"><a href="'.forum_link($forum_url['logout'], array($forum_user['id'], generate_form_token('logout'.$forum_user['id']))).'&blog=true">'.$lang_common['Logout'].'</a></li>';
line 452:
$links['logout'] = '<li id="navlogout"><a href="'.forum_link($forum_url['logout'], array($forum_user['id'], generate_form_token('logout'.$forum_user['id']))).'&blog=true">'.$lang_common['Logout'].'</a></li>';
./login.php
line 163:
($hook = get_hook('li_logout_pre_redirect')) ? eval($hook) : null;if(isset($_GET['blog'])) redirect('http://google.com', $lang_login['Logout redirect']);
redirect(forum_link($forum_url['index']), $lang_login['Logout redirect']);
$forum_user['is_guest']
Why don't you publish it under 1.3 Additions aswell seperately.
Well, it's not ready yet. I'd like to enhance it with more features.
Another question; if I have my forum open to guest posting
Yup, I could do that as well.
Actually, I was thing about little bit "reworking" the extension. At this state we disallow registering each IP which is at SFS.com db. But because of the data I had from my forum I think we should reconsider this and allow registration for users with less than some frequency rate (for example 5?) and those users would have to write a post which would be marked as "nospam" by users or mod.
It's a little bit confusing so here's an example how it would look for new user.
He tries to register -> we check whether he's at SFS.com and how many times -> if frequency is bigger than 5 he can't register, if not he can register but he's warned that if his posts don't get "nospam" approval from mods or users in next week (for example) he'll banned.
//hopefully no mod will edit this message
Surprised by that. Is it TOR users? Because most registrations I see by bots are from India, Pakistan, USA, Philippines, China...
Well there was for example a guy who had shared IP, which was in SFS db :-( True it was there only once, but we would block him 
Anyway! I wrote that script... Unfortunately, because performing a script which would compare huge amount of IPs with SFS db would take much time I used their .csv file with banned IPs. Sadly, the .csv file actually contains IPs with lastseen within last 90 days. So this means you are comparing only with ca. 50 000 IPs instead of a million
Anyway, this .zip file you just extract to your forum's root and start it.
Result should look like similar to this (hopefully )
Warning: This script can be demanding for your server if you have big forum.
IMO it wouldn't be that good idea:
it's unnecessary (why check IP's each time someone's logging in? isn't easier to do it just once?)
it's dangerous (actually, when I tried to check users on my forum I found that some of them were using IPs that were at SFS.com), so it would be funny if you had deleted them
and finally - there's easier way to check registered users. Actually I wrote a script for that yesterday. I could try to enhance it a little bit and I can publish it
replace parser.php, line 632
return '<a href="'.$full_url.'">'.$link.'</a>';with
return '<a href="http://hiderefer.com/?'.$full_url.'">'.$link.'</a>';Link fixed (I'm writing it here, cause I can't participate in closed topic like you two guys do )
PunBB Forums → Posts by Grez
Powered by PunBB, supported by Informer Technologies, Inc.