| Author |
 Topic  |
|
lsakizada
New Member
USA
90 Posts |
 Posted - 31 July 2003 : 02:34:38
|
Hi,
Just browsing the dbs file, its content a bug. The creation of the tables created with double prefix.
my $0.02 for this nice contribution.. |
 |
|
|
lsakizada
New Member
USA
90 Posts |
Posted - 31 July 2003 : 03:04:12
|
oops couple more bugs:
1. No email validation.
2. No Zip code validation.
3. "How to Submit an Image" pop up the window but show error " The page cannot be found"
Thanks |
|
|
|
AWD_ENVY
Junior Member
103 Posts |
Posted - 31 July 2003 : 09:54:27
|
quote:
Originally posted by lsakizada
oops couple more bugs:
1. No email validation.
2. No Zip code validation.
I wouldn't call those bugs... more of lacking the featurequote:
3. "How to Submit an Image" pop up the window but show error " The page cannot be found"
Thats because you didn't copy the "howtosubpicc.htm" from the zip.
Kent: I'm looking into a good way to post the inline attatchment modification, but I've already hacked my install of the classifieds up to suit my purpose.
It's working quite well though. I'm also using the Image Resize mod to keep any uploaded pictures from destorting the Ad.
I'll try and post the code soon.
|
Edited by - AWD_ENVY on 31 July 2003 09:56:35 |
|
|
|
Ryan
Average Member
USA
858 Posts |
Posted - 31 July 2003 : 12:21:25
|
quote:
Originally posted by lsakizada
3. "How to Submit an Image" pop up the window but show error " The page cannot be found"
The page cannot be found indicates it isnt uploaded to your forum. Make sure you have done that. The link for me works. |
The Poultry Link - "Serving the best of the fancy with the best of the web"
Forum Setup Help |
|
|
|
AWD_ENVY
Junior Member
103 Posts |
Posted - 31 July 2003 : 12:38:33
|
Came accross 2 big bugs this morining.....
In ClassViewAds.asp Starting @ line #84:<%
catID = Request.Querystring("CatID")
if (request("mode") = "delete") and (mLev > 0) then
delSQL = "DELETE FROM " & strTablePrefix & "ADS_CONTENT WHERE ID=" & request("classID")
my_conn.execute (delSQL) %>
<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">Advert Deleted!</font></p>
<meta http-equiv="Refresh" content="2; URL=classViewAds.asp?catID=<%= catID %>">
<% response.end
end if
With the above, the script is only checking that the user is a registerd member of the forum, and if the requesting user is a member, it will delete the requested ad. Basicly people could start randomly deleting others ads by entering a url such as: http:||www_YourSiteName.com/forum/classViewAds.asp?classID=THE_NUMBER_OF_AD_TO_DELETE_HERE&mode=delete
Below is the patch that I've made on my site. Your welcome to use it, just be aware that I've changed the look of the delete notice(I think it looks better ).... Just replace the above code with whats below.
EDITED/PATCHED CODE:<%
catID = Request.Querystring("CatID")
if (request("mode") = "delete") then
ChkSQL = "Select added_By FROM " & strTablePrefix & "ADS_CONTENT WHERE ID=" & request("classID")
Set AdCheck = my_Conn.Execute(ChkSQL)
If mLev = 4 or AdCheck("added_by") = getNewMemberNumber() then
delSQL = "DELETE FROM " & strTablePrefix & "ADS_CONTENT WHERE ID=" & request("classID")
my_conn.execute (delSQL) %>
<meta http-equiv="Refresh" content="2; URL=classViewAds.asp?catID=<%= catID %>">
<br> <br>
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="5" bgcolor="<% =strPageBGColor %>">
<tr>
<td bgcolor="<% =strForumCellColor %>"><div align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">
<br>
The Ad has been removed from the system!</font> <br>
<br>
</div></td>
</tr>
</table>
<br> <br>
<%
WriteFooter
ELSE
%>
<meta http-equiv="Refresh" content="2; URL=classifieds.asp">
<br> <br>
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="5" bgcolor="<% =strPageBGColor %>">
<tr>
<td bgcolor="<% =strForumCellColor %>"><div align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">
<br>
You do not have permissions to remove this Ad !</font> <br>
<br>
</div></td>
</tr>
</table>
<br> <br>
<%
WriteFooter
END IF
Response.End()
end if
In ClassEditAds.asp Starting @ line #66:if Request.Form("adcontent") <> "" then
call EditingAD
else
Same Senerio as the first bug... With the above, the script is only checking that the user is a registerd member of the forum, and if the requesting user is a member, it will allow the Edit of the requested ad. Basicly people could start randomly editing others ads by entering a url such as: http:||www_YourSiteName.com/forum/classEditAd.asp?classID=THE_NUMBER_OF_AD_TO_EDIT_HERE
Below is the patch that I've made on my site. Your welcome to use it if you wish.... Just replace the above code with whats below.
ChkSQL = "Select added_By FROM " & strTablePrefix & "ADS_CONTENT WHERE ID=" & request("classID")
Set AdCheck = my_Conn.Execute(ChkSQL)
If mLev <> 4 AND AdCheck("added_by") <> getNewMemberNumber() then
%>
<meta http-equiv="Refresh" content="2; URL=classifieds.asp">
<br> <br>
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="5" bgcolor="<% =strPageBGColor %>">
<tr>
<td bgcolor="<% =strForumCellColor %>"><div align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">
<br>
You do not have permissions to Edit this Ad !</font> <br>
<br>
</div></td>
</tr>
</table>
<br> <br>
<%
WriteFooter
Response.End()
END IF
if Request.Form("adcontent") <> "" then
call EditingAD
else
|
Edited by - AWD_ENVY on 31 July 2003 14:45:33 |
|
|
|
Ryan
Average Member
USA
858 Posts |
Posted - 31 July 2003 : 13:34:55
|
| WOW. thanks for letting me know! Ill update the .zip file ASAP. |
The Poultry Link - "Serving the best of the fancy with the best of the web"
Forum Setup Help |
|
|
|
Ryan
Average Member
USA
858 Posts |
Posted - 31 July 2003 : 13:47:28
|
.zip updated with current bug reports fixed. I fixed the code with what OneWay gave me (making the MOD compatible for all databases) and twice with what AWD ENVY suggested (the ' error and the security leaks).  Hope you all like it now and let me know of any more! |
The Poultry Link - "Serving the best of the fancy with the best of the web"
Forum Setup Help |
|
|
|
Davio
Development Team Member
Jamaica
12217 Posts |
Posted - 05 August 2003 : 07:34:46
|
| Reducks87, you uploaded this mod over at SnitzBitz.com. But the zip file is empty. I emailed you several days ago concerning it, but I heard no response from you. I have emailed you again, letting you know I will delete it within 24 hours if I haven't heard from you. |
Support Snitz Forums
|
|
|
|
Ryan
Average Member
USA
858 Posts |
Posted - 05 August 2003 : 10:43:24
|
Yes. I replied. A couple of days ago I had some difficulty receiving e-mail but that is fixed now. Sorry about that.  |
The Poultry Link - "Serving the best of the fancy with the best of the web"
Forum Setup Help |
|
|
|
DavidRhodes
Senior Member
United Kingdom
1222 Posts |
Posted - 05 August 2003 : 11:04:43
|
quote:
Originally posted by reducks87
Webbo,
Just wondering where you got that auction script?
Wondering that myself, found it on http://www.xcent.com/ |
The UK MkIVs Forum |
|
|
|
AWD_ENVY
Junior Member
103 Posts |
Posted - 05 August 2003 : 12:07:04
|
Here's two little quick addons if you guys want them. I know somepeople already did this, but nobody put out the code... so here it is. Not hard, but figured if it saved someone time.
Basicly, it's so you can list the "classified" category in the main Forums listing. It also allows you to put it in "active topics". Giving the count of "new ad's since your last visit".
I'm running MySQL, but the SQL syntax should work fine with MSSQL or Access.
http://66.165.92.149/Classified_CatListing_Addon.zip
|
Edited by - AWD_ENVY on 05 August 2003 12:12:58 |
|
|
|
Davio
Development Team Member
Jamaica
12217 Posts |
Posted - 05 August 2003 : 13:29:10
|
quote:
Originally posted by reducks87
Yes. I replied. A couple of days ago I had some difficulty receiving e-mail but that is fixed now. Sorry about that.
Don't worry about it. I downloaded the mod from your link in this topic and uploaded to your post at snitzbitz. |
Support Snitz Forums
|
|
|
|
lsakizada
New Member
USA
90 Posts |
Posted - 08 August 2003 : 04:27:07
|
Did somebody implemented pagings to the Viewads.asp page?
if not, Is anybody any idea how to do it? The number of items can be very big after a while.
The mod working good so far (development) except one issue related to Active User and Classified implementations..
see http://forum.snitz.com/forum/topic.asp?TOPIC_ID=46684
|
|
|
|
JMT
Starting Member
17 Posts |
Posted - 09 August 2003 : 18:17:06
|
I'm <WAS> having problems with MySQL as a backend. Tables are created, but never recognized by the .asp. Any clues at all???
Microsoft OLE DB Provider for ODBC Drivers error '80040e37'
[MySQL][ODBC 3.51 Driver][mysqld-4.0.13-nt]Table 'test.forum_ads_content' doesn't exist
___ What happened was that the table naming put an extra forum_ in front of 2 of the table names (possibly 3 including one now named forum_forum). Not sure if it was a bug or an anomalie, but after removing the extra forum_ from the table names all is well. I am curious about whether or not anone else had an issue with table name generation. |
Edited by - JMT on 10 August 2003 17:32:30 |
|
|
|
lsakizada
New Member
USA
90 Posts |
Posted - 11 August 2003 : 13:48:55
|
JMT,
I had this issue.
You resolved the issue already :) |
|
|
|
Topic |
|
Topic Locked
