Thanks.
Matt
PunBB Forums → Posts by MattF
So it's better to be excessive in its use then? So usernames, filenames and every other thing they may have had a dabble in naming?
Cheers,
Matt
Just another quickie. What variables should the above generally be used upon? I know the page title is always done with it, but should other page headings and/or page displayed usernames be prepended by it also in the scripts?
Cheers,
Matt
I know this sounds geeky, but might be worth ditching the W3C Xhtml icon/link at the bottom of the page.
Cheers. Worked a treat.
Needed to change it slightly for post.php to:
var txtarea = document.getElementById('post').msg;
and edit.php needs:
var txtarea = document.getElementById('edit').req_message;
Now got strict working on pretty much everything. (It becomes a bit of an obsession once you start cleaning up html).
Thanks again,
Matt
Edit: Btw, that one you posted above is the one for viewtopic.php, for the quick reply box.
That secondary indicator has been ditched now. Thanks again.
With regards to XHTML 1.0 Strict, the 'name=' attribute isn't allowed in the '<form' tag, so is there any way to make the combination below work without it?
<script type="text/javascript">
function AddSmiley(text) {
    var txtarea = document.post.req_message;
    text = ' ' + text + ' ';
    if (txtarea.createTextRange && txtarea.caretPos) {
        var caretPos = txtarea.caretPos;
        caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? caretPos.text + text + ' ' : caretPos.text + text;
        txtarea.focus();
    } else {
        txtarea.value += text;
        txtarea.focus();
    }
}
</script>

<div class="blockform">
    <h2><span><?php echo $lang_topic['Quick post'] ?></span></h2>
    <div class="box">
        <form id="post" name="post" method="post" action="post.php?tid=<?php echo $id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
Cheers,
Matt
Yes you're showing http://bauchan.org/custom_punbb/img/VbS … m_lock.gif as background image and http://bauchan.org/custom_punbb/img/icons/offline.png as image
Oops. I'd forgotten about that one. Cheers for pointing that out.
The registered user online bit?
I was using an include the AP_News_generator.php?
That's not how it works. It's a plugin.
I know I'll probably regret asking this, but what's the opinions on the layout and general design? The theme is Vb black. Some of the icons are hard coded, so are style independent, and general bits and bobs have been changed from the standard working methods.
You need to load the language file in viewtopic.php. Near the top of viewtopic.php, copy the line that looks like:
require PUN_ROOT.'lang/[language]/viewtopic.php';
and add another line like that beneath it, changing viewtopic to post.
Cheers. That did the trick. Used the following. (I.E needs the <param bit. Opera, FF and SeaMonkey work fine without).
<object type="application/x-shockwave-flash" data="<?php echo $pun_config['o_base_url'] ?>/mod-addons/clock.swf" width="150" height="35">
<param name="movie" value="<?php echo $pun_config['o_base_url'] ?>/mod-addons/clock.swf"/>
</object>
Thanks again,
Matt
Just wondering if anyone might know how best I might do a suitable conversion of the following to a format that will keep the W3C html validator happy.
<embed menu="false" width="150" height="35" src="./clock.swf"/>
Cheers,
Matt
Cheers. That modified answer check bit works a treat. Hadn't noticed any warnings from the second session_start command, but have altered it to use your code verbatim for the answer check anyhow. I must have made a right royal cock up somewhere with my initial attempts at this script. At least now, thanks to your help, I think I've finally got the gist of exactly how the sessions work. (With a cartload of failed attempts along the way). Thanks ever so much for all the help you've given me on this, btw. It's greatly appreciated. Does it pass muster now on the scripting security side of things, as it is?
It's together with the other bit that it causes the issue (because ('' == null) evaluates to true)
That's so simple and sneaky at the same time. Thanks for the pointer. Right. Final attempt. It appears to be working fine now, with the vars being set in the require file. I can only think that I must have set the checks wrong and been destroying the session before I got chance to use it. So, here's the revised version following, (I hope), your guidelines.
Hopefully I've covered all the caveats now with this section below?
//------------------------------------------------//
session_start();
if (isset ($_SESSION['answer']) && $_SESSION['answer'] == '' || $_POST['spamcode'] != $_SESSION['answer'])
{
    session_unset();
    session_destroy();
    message("$register_failed");
}
else if (isset ($_SESSION['answer']) && $_POST['spamcode'] == $_SESSION['answer'])
{
    session_unset();
    session_destroy();
}
//------------------------------------------------//
The include/user/register.php file, (with the arrays stripped out to keep the post small).
<?php
$register_failed = 'The answer you supplied was incorrect. Please try again.';
session_start();
if (!isset($_SESSION['answer']) || $_SESSION['answer'] == '')
{
    $number = rand(1, 4);
    //----Arrays edited out for brevity----//
    // Key prefixes are quoted strings; bare h, a and q would be undefined constants
    $_SESSION['hint'] = $hints['h'.$number];
    $_SESSION['answer'] = $answers['a'.$number];
    $_SESSION['question'] = $questions['q'.$number];
}
?>
Does that one cover requirements for security and such now? I've given it about ten test tries, and at least it seems consistent at last.
Cheers,
Matt
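The failure mode raised in this thread (a client that submits without a session leaves `$_SESSION['answer']` unset, and `'' == null` is true), shown side by side with a fail-closed check. This is an added example, not code from the original posts or from PunBB; the function names and the sample requests are constructed for illustration.

```php
<?php
// Added example, not PunBB code; function names and sample inputs are constructed.

// Models the posted check: reject only if spamcode is present AND differs (loose !=).
function loose_check_rejects(array $post, array $session): bool
{
    $answer = $session['answer'] ?? null;   // unset when the client has no session
    return isset($post['spamcode']) && $post['spamcode'] != $answer;
}

// Fail-closed variant: accept only when a challenge was issued and answered exactly.
function strict_check_accepts(array $post, array $session): bool
{
    $expected = $session['answer'] ?? null;
    $given    = $post['spamcode'] ?? null;

    if (!is_string($expected) || $expected === '' || !is_string($given)) {
        return false;                        // no challenge issued, or nothing submitted
    }
    return $given === $expected;             // strict: '' never equals null
}

// Constructed requests: [POST data, session data]
$cases = [
    'session, right answer'     => [['spamcode' => 'Two'], ['answer' => 'Two']],
    'session, wrong answer'     => [['spamcode' => 'x'],   ['answer' => 'Two']],
    'no session, empty field'   => [['spamcode' => ''],    []],
    'no session, field omitted' => [[],                    []],
];

foreach ($cases as $label => [$post, $session]) {
    printf(
        "%-26s loose: %-6s strict: %s\n",
        $label,
        loose_check_rejects($post, $session) ? 'reject' : 'pass',
        strict_check_accepts($post, $session) ? 'pass' : 'reject'
    );
}
```

In a real handler the two arrays would be `$_POST` and `$_SESSION`, and the session would still be destroyed after each attempt, as the posted code already does.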
What happens if I don't have a valid session when I submit the form (like most bots won't)? All session variables won't be set.
Hope you don't mind me picking your brain again. In what way would this bit cause a problem?
Cheers,
Matt
I hate this script. The empty post thing, that's one I missed. Easy enough to sort though. But........ not for love nor money will this work as intended when the session and variables are initialised in the external user/register.php script. And for the life of me I can't figure out why. I tried as you suggested last time and everything, and it just will not work.
Is that first section of the script in the root register.php file okay as is, (other than the lack of an empty post test)?
Cheers,
Matt
Finally bested the beastie.
The session has to be started and the variables assigned in the register.php script itself, with another session start at the check point. The require script just needs to contain the arrays.
The method is:
register.php, (the new bits between the dashed lines):
if ($pun_config['o_regs_allow'] == '0')
    message($lang_register['No new regs']);
//-----------------------------------------------------------------------------//
require_once PUN_ROOT.'include/user/register.php';
//-----------------------------------------------------------------------------//
// Make sure we got a valid language string
if (isset($_POST['language']))
{
    $language = preg_replace('#[\.\\\/]#', '', $_POST['language']);
    if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
        message($lang_common['Bad request']);
}
else
{
    $language = $pun_config['o_default_lang'];
}
//-----------------------------------------------------------------------------//
// anti-spam code variable checked here. Customise to suit your needs.
session_start();
if (isset ($_POST['spamcode']) && $_POST['spamcode'] != $_SESSION['answer']) {
    session_unset();
    session_destroy();
    message("$register_failed");
}
else if (isset ($_POST['spamcode']) && $_POST['spamcode'] == $_SESSION['answer']) {
    session_unset();
    session_destroy();
}
//-----------------------------------------------------------------------------//
//-----------------------------------------------------------------------------//
<div class="inform">
    <fieldset>
        <legend>Spambot prevention</legend>
        <div class="infldset">
<?php
session_start();
// Key prefixes are quoted strings; bare h, a and q would be undefined constants
$_SESSION['hint'] = $hints['h'.$number];
$_SESSION['answer'] = $answers['a'.$number];
$_SESSION['question'] = $questions['q'.$number];
?>
            <p><b>Question:</b> <?php echo $_SESSION['question']; ?></p>
            <p><b>Hint:</b> <?php echo $_SESSION['hint']; ?></p>
            <input method="post" type="text" name="spamcode" size="10" maxlength="10" /><br/>
        </div>
    </fieldset>
</div>
//-----------------------------------------------------------------------------//
<div class="inform">
    <fieldset>
        <legend><?php echo $lang_prof_reg['Localisation legend'] ?></legend>
        <div class="infldset">
            <label><?php echo $lang_prof_reg['Timezone'] ?>:
The contents of user/include/register.php, (new file):
<?php
$register_failed = 'The answer you supplied was incorrect. Please try again.';
$number = rand(1, 4);
//---Questions array---//
$questions = array(
    'q1' => 'Test one',
    'q2' => 'Test two',
    'q3' => 'Test three',
    'q4' => 'Test four'
);
//-----Hints array-----//
$hints = array(
    'h1' => 'One',
    'h2' => 'Two',
    'h3' => 'Three',
    'h4' => 'Four'
);
//----Answers array----//
$answers = array(
    'a1' => 'One',
    'a2' => 'Two',
    'a3' => 'Three',
    'a4' => 'Four'
);
?>
Knew I'd beat it eventually.
Oops.
If the VB url's are like the top example you posted, the parser strips the ""'s by default.
Hmmm
I only get standard and improved SQL no SQLite in the drop down :s
You need to compile PHP with SQLite support.
Now that this has been dragged back up, just to double check, those str_replace lines would need to go after:
function query($sql, $unbuffered = false)
{
in the db script?
Cheers,
Matt
Yup. That's pretty much what's happening. Like an octopus on acid. You never know which tentacle is gonna appear. It can be any one of about four IP's that the next connection will come from as a rule, so they're all over the place.
Cheers for the advice.
Matt
Right. I've obviously picked the totally wrong conclusion then. My apologies. That does lead onto another question, though. I have one user that I've noted, specifically using the AOL system, that when they shift pages, from a page requiring being logged in, to any other page, their IP changes, yet the previous IP, (attributed correctly as guest in the username bit), is still appearing to be viewing pages requiring login. I know that technically they are logged in, and it's only the fact that the username has been correlated to a different IP, but is there any way to remove that previous IP from the table when the new IP is assigned to their username? It is merely to stop the 'appearance' that a guest is logged in and accessing pages they obviously can't.
p.s: I really hope the above makes sense.
Thanks again,
Matt