Fear In The Heart logo
     
Login: Password:

Navigation
Members

Register Members Members
New Post Listing

Menu Item UPDATE

FORUM INDEX >> Public >> PHP Clan Website


Login to reply!
Current Page: Viewing Posts:
1 to 7 of 7 posts


     
 
Poster Message
#6404
x REDRUM 781 x
Forum



Private
One little thing that has always bothered me was the still visible link to the page you are on in the Navigation box.

What I am talking about is if you are in the forum for instance, and you look at the Nav Box, the Forum link is still active.

To disable it, simple open your /phpclanwebsite/boxes/navagation.php.inc file in your text editor and look for the following line (approx line 90)
Code:
        echo "&middot <a target='$url_target' href="$n_link_url">$n_link_name</a><br />";


and change it to this
Code:
    if ((empty($pagename)) && ($n_link_url == "index.php")) { $n_link_url2 = "javascript:void(0)"; $n_link_name2 = ">><em>$n_link_name</em><<";
    } elseif ($n_link_url == "index.php?page=".$pagename) { $n_link_url2 = "javascript:void(0)"; $n_link_name2 = ">><em>$n_link_name</em><<";  
    } else { $n_link_url2 = "$n_link_url"; $n_link_name2 = "$n_link_name"; }
        echo "&middot <a target='$url_target' href="$n_link_url2">$n_link_name2</a><br />";


It will disable the link to the page you are currently on and make it appear it like the following
>>Forum<<

Very simple little fix that has always bothered me.

ALSO, on your forum for code, it is still displaying the HTML instead of filtering it out and showing the raw HTML code.

On the line I just posted above the "dot" is showing instead of the HTML code for it which is "& m i d d o t ;" with no spaces in it.

» Last Edited By x REDRUM 781 x @ Mar 28, 2011, 3:17pm

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CALMING THE DISTURBED, AND DISTURBING THE CALM
Midnight Clan Wars


Mar 28, 2011, 3:05pm View x REDRUM 781 x's Profile Private Message x REDRUM 781 x


     
 
Poster Message
#6407
(v)orpheus
Owners/Senior Leaders



Major
How's that change for ya regarding the Navigation? Big grin

I don't know how to fix the DOT issue. I did notice that's there are two parts to the problem. (1) the dot is stored as such in the database, not as the code. (2) showing it on the page as code instead of as a dot.

» Last Edited By (v)orpheus @ Mar 30, 2011, 10:13am

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


Mar 30, 2011, 8:54am View (v)orpheus's Profile Private Message (v)orpheus


     
 
Poster Message
#6409
x REDRUM 781 x
Forum



Private
Yeah, what is going to have to be done to fix the issue is two parts;

FIRST, when displaying the forum post, is to strip the part of the forum post between the "code" brackets and then process it with "noHTML" command, then display it in the table with the code in it.

SECOND, when it stores the forum post, it needs to use the "noHTML" command to strip it before the script stores it or use "quotemeta" and "addslashes" command.

Probably the second is all that is need. I am going to look at it now. I have to find an original version of the forum post script as mine is modded to use FCK Editor as the entry method. I have one somewhere on my pc somewhere.

» Last Edited By x REDRUM 781 x @ Mar 30, 2011, 11:49am

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CALMING THE DISTURBED, AND DISTURBING THE CALM
Midnight Clan Wars


Mar 30, 2011, 11:30am View x REDRUM 781 x's Profile Private Message x REDRUM 781 x


     
 
Poster Message
#6410
x REDRUM 781 x
Forum



Private
Let me elaborate,

when posting the reply/new post: you need to first chop the data then add the slashes like so...
NOTE: THIS IS ONLY AN EXAMPLE, I HAVE NOT COMPLETELY RESEARCHED THIS AS I FORGOT WHERE THE NECESSARY FILES ARE TO CHANGE THIS. THIS IS JUST 'OFF THE TOP OF MY HEAD' EXAMPLE.
Code:
$post_data=$_POST['post_data'];
$post_data=chop($post_data);
$post_data=quotemeta($post_data);
$post_data=addslashes($post_data);

then use the following function to remove the slashes before displaying the data....
Code:
function no_magic_quotes($query) {
        $data = explode("",$query);
        $cleaned = implode("",$data);
        return $cleaned;
}

And us the following call to the function....
Code:
$post_data = $row["post_data"];
$post_data = no_magic_quotes($post_data);


I will have to look to see where this should be implemented to fix this.

» Last Edited By x REDRUM 781 x @ Mar 30, 2011, 11:58am

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CALMING THE DISTURBED, AND DISTURBING THE CALM
Midnight Clan Wars


Mar 30, 2011, 11:57am View x REDRUM 781 x's Profile Private Message x REDRUM 781 x


     
 
Poster Message
#6412
x REDRUM 781 x
Forum



Private
Try this on a test site:
On your /pcw/mysql_phpclanwebsite.inc file add the function to clean the slashes
Code:
function no_magic_quotes($query) {
        $data = explode("",$query);
        $cleaned = implode("",$data);
        return $cleaned;
}

I would add it at the top below the
Quote:
//** DO NOT EDIT BELOW **//
// EXTRA SECURITY SETTING To PREVENT DIRECT LINKING LEAK
If (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME']))
{
// tell people trying To access this file directly goodbye...
Header("Location: ../index.php"Winks;
die();
}
//** DO NOT EDIT ABOVE **//
// *** Functions For the Page Load Timer *** //


Then on your /pcw/forum_post.php file look around line 121 for
Quote:
$insertSQL2 = sprintf("INSERT INTO cws_forum_data (thread_id, post_poster, post_ip, post_date_time, post_title, post_desc, post_data) VALUES (%s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString("$thread_id", "int"Winks,
GetSQLValueString($current_member_id, "int"Winks,
GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"Winks,
GetSQLValueString($today, "date"Winks,
GetSQLValueString($_POST['post_title'], "text"Winks,
GetSQLValueString(htmlspecialchars($_POST['post_desc']), "text"Winks,
GetSQLValueString(htmlspecialchars($_POST['details']), "text"Winks);
and change to this
Code:
  $post_details=$_POST['details'];
  $post_details=chop($post_details);
  $post_details=quotemeta($post_details);
  $post_details=addslashes($post_details);
  $insertSQL2 = sprintf("INSERT INTO cws_forum_data (thread_id, post_poster, post_ip, post_date_time, post_title, post_desc, post_data) VALUES (%s, %s, %s, %s, %s, %s, %s)",
  GetSQLValueString("$thread_id", "int"),
  GetSQLValueString($current_member_id, "int"),
  GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"),
  GetSQLValueString($today, "date"),
  GetSQLValueString($_POST['post_title'], "text"),
  GetSQLValueString(htmlspecialchars($_POST['post_desc']), "text"),
  //GetSQLValueString(htmlspecialchars($_POST['details']), "text"));
  GetSQLValueString($post_details, "text"));
Save that then open /pcw/forum_reply.php and start with line 111
Quote:
$insertSQL = sprintf("INSERT INTO cws_forum_data (thread_id, post_poster, post_ip, post_date_time, post_title, post_desc, post_data) VALUES (%s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($par, "int"Winks,
GetSQLValueString($current_member_id, "text"Winks,
GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"Winks,
GetSQLValueString($today, "date"Winks,
quote_smart($row_thread_info['post_title']),
quote_smart($row_thread_info['post_desc']),
GetSQLValueString(htmlspecialchars($_POST['details']), "text"Winks);
and change it to this
Code:
  $post_details=$_POST['details'];
  $post_details=chop($post_details);
  $post_details=quotemeta($post_details);
  $post_details=addslashes($post_details);
  $insertSQL = sprintf("INSERT INTO cws_forum_data (thread_id, post_poster, post_ip, post_date_time, post_title, post_desc, post_data) VALUES (%s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($par, "int"),
                       GetSQLValueString($current_member_id, "text"),
                       GetSQLValueString($_SERVER['REMOTE_ADDR'], "text"),
                       GetSQLValueString($today, "date"),
                       quote_smart($row_thread_info['post_title']),
                       quote_smart($row_thread_info['post_desc']),
                       //GetSQLValueString(htmlspecialchars($_POST['details']), "text"));
             GetSQLValueString($post_details, "text"));
then go on down to around lines 314 looking for the following
Quote:
for ($a=0; $a < $SQL_Rows; $a++)
{
$SQL_Array=mysql_fetch_array($SQL_Result);
$post_id = htmlspecialchars($SQL_Array["post_id"]);
$post_poster = htmlspecialchars($SQL_Array["post_poster"]);
$date = htmlspecialchars($SQL_Array["post_date_time"]);
$post_title = htmlspecialchars($SQL_Array["post_title"]);
$post_desc = htmlspecialchars($SQL_Array["post_desc"]);
$post_data = $SQL_Array["post_data"];
$post_ip = htmlspecialchars($SQL_Array["post_ip"]);
and change it to this
Code:
for ($a=0; $a < $SQL_Rows; $a++)
    {
    $SQL_Array=mysql_fetch_array($SQL_Result);
    $post_id = htmlspecialchars($SQL_Array["post_id"]);
    $post_poster = htmlspecialchars($SQL_Array["post_poster"]);
    $date = htmlspecialchars($SQL_Array["post_date_time"]);
    $post_title = htmlspecialchars($SQL_Array["post_title"]);
    $post_desc = htmlspecialchars($SQL_Array["post_desc"]);
    $post_data = $SQL_Array["post_data"];
  $post_data = no_magic_quotes($post_data);
    $post_ip = htmlspecialchars($SQL_Array["post_ip"]);
Save it then open /pcw/forum_view_post.php and look for line 205
Quote:
<td class="forumpost" valign="middle"><?php $post_data = $row_forum_data_grab['post_data']; $post_data = BBCodeNoHTML($post_data); $post_data = nono_filter($post_data); echo $post_data; ?>
and change it to this
Code:
    <td class="forumpost" valign="middle"><?php $post_data = $row_forum_data_grab['post_data']; $post_data = BBCodeNoHTML($post_data); $post_data = nono_filter($post_data); $post_data = no_magic_quotes($post_data); echo $post_data; ?>
Then save it and see what that does.

I haven't tested this that is why I say try it on a testsite.

» Last Edited By x REDRUM 781 x @ Mar 30, 2011, 2:25pm

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CALMING THE DISTURBED, AND DISTURBING THE CALM
Midnight Clan Wars


Mar 30, 2011, 2:24pm View x REDRUM 781 x's Profile Private Message x REDRUM 781 x


     
 
Poster Message
#6414
x REDRUM 781 x
Forum



Private
Ok this fix half worked. It saved it to the database correctly, but did not display it correctly.

Looks like I need to a function with noHTML. I will look into it and just post a new forum thread on the fix.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CALMING THE DISTURBED, AND DISTURBING THE CALM
Midnight Clan Wars


Apr 1, 2011, 11:56am View x REDRUM 781 x's Profile Private Message x REDRUM 781 x


     
 
Poster Message
#6416
x REDRUM 781 x
Forum



Private
Fixed.. Had a DUH moment and figured it out..

I posted the solution here &gt;&gt; http://www.fearintheheart.com/fith/index.php?page=forum&amp;func=post&amp;par=894

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
CALMING THE DISTURBED, AND DISTURBING THE CALM
Midnight Clan Wars


Apr 1, 2011, 12:17pm View x REDRUM 781 x's Profile Private Message x REDRUM 781 x
Current Page:
Viewing Posts:
1 to 7 of 7 posts

Login to reply!
FORUM INDEX >> Public >> PHP Clan Website

Show Permissions



     
  Forum Info
Forum Avatar Our users have posted a total of 2886 articles
We have 148 registered users
In total there is 2 users online :: 0 Members and 2 Guests
[ Owners/Senior Leaders ] [ Leaders ] [ Fear-some - #fith ] [ Inactive ] [ Forum ] [ Fear the Chileans ] [ The Ashamed ]
Registered Users:
:: This data is based on user activity over the past five minutes ::



     
     

Valid CSS!


Page loaded in
0.224436 seconds