Snitz Forums 2000

Active users 4.0.17 security problem!

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 03 October 2003 : 07:33:27
Alright there,

I have active users 4.0.17 and Private Messages v3.4.01 installed.

It's been reported to me that when a member is sending a private message they can be clicked on in the active users panel and the private message they have just sent can be read... not very private ay

Anyone come across this, any ideas if I've installed it wrongly somewhere?

http://www.carp-uk.net

masterao
Senior Member

Sweden
1678 Posts

Posted - 03 October 2003 : 09:12:41
If you re-read the readme-file in the PM mod, you will find instructions for securing PMs in Active Users. Search for Code to Remove Private Messages from Active Users in the readme, and you will find the instructions.

Jan
===========
FR Portal Forums | Active Users 4.0.20 Mod

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 03 October 2003 : 09:51:24
Thank you masterao I'll ava look

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 03 October 2003 : 10:12:23
Alright masterao,
I found it but it wasn't in the readme of the version I'm using, so far the code looks like it can be used in v3.4.01 is that correct?

Could you help me a little with inc_header.asp please!
Can I put the suggested code, the first piece of code (I won't post it here unless you need me to, I assume you would know the code) above the line in green and below the code above it?

'########### GROUP Categories ########### %>
<!--#INCLUDE FILE="inc_groupjump_to.asp" -->
<% '######## GROUP Categories ##############
Response.Write " <tr>" & vbNewLine & _
" <td>" & vbNewLine

sub sForumNavigation()

Thanks, Robin.

Edited by - Doughnut on 03 October 2003 10:14:07

masterao
Senior Member

Sweden
1678 Posts

Posted - 03 October 2003 : 12:35:10
I would advise you to add the latest version of PM, unless you have added all the bug- and security fixes yourself.
The AU code that I wrote should work for the PM version that you are using.

The only changes needed for AU are in the file active_users.asp. The changes mentioned after for inc_header.asp are only for creating a link to pm_view.asp (which displays the number of new, unread PMs) among the forum navigation links. It has nothing to do with the AU mod.

As for helping you with inc_header.asp, sure. Exactly which code are you referring to as wanting to paste above the green line?

You can remove the code marked Group Categories if you are not using them, but by doing so you cannot enable that feature until you add those lines again.

Jan
===========
FR Portal Forums | Active Users 4.0.20 Mod

Edited by - masterao on 03 October 2003 12:37:41

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 03 October 2003 : 12:44:31
Okay...
I've already made a link on my inc_header so I don't need that then...thanks anyway!

I have added all the security updates already, my main worry is that people can read other users' pm's.... I've done the active_users so all should be cool now.

Thanks very much

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 03 October 2003 : 12:49:22
As it goes I just looked again...this code doesn't look like a link!
The instructions say to put it into inc_header "This code needs to be after the connection is opened near the top of the page and after strDBNTUserName is defined. It needs to be placed before sForumNavigation() is called"



' Get Private Message count for display
if strDBType = "access" then
    strSql = "SELECT count(M_TO) as [pmcount] "
else
    strSql = "SELECT count(M_TO) as pmcount "
end if
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS , " & strTablePrefix & "PM "
strSql = strSql & " WHERE " & strMemberTablePrefix & "MEMBERS.M_NAME = '" & strDBNTUserName & "'"
strSql = strSql & " AND " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & strTablePrefix & "PM.M_TO "
strSql = strSql & " AND " & strTablePrefix & "PM.M_READ = 0 "

Set rsPM = my_Conn.Execute(strSql)
pmcount = rsPM("pmcount")

rsPM.close
set rsPM = nothing

This is the code I meant, sorry!



http://www.carp-uk.net

masterao
Senior Member

Sweden
1678 Posts

Posted - 03 October 2003 : 15:40:35
The code you posted counts any unread PMs that a member might have. This determines if the link will have X new after the actual link.

I'm not sure if the security problem you had with the PM mod is completely solved. I've tried to recreate the scenario you described in the first post with PM version 3.4.02, but without success. Have you been able to recreate it as well?

Jan
===========
FR Portal Forums | Active Users 4.0.20 Mod

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 05 October 2003 : 06:05:50
okay thanks masterao,

I don't need that code either then.

The problem seems to have been totally solved now, your code has stopped the pm's from being seen by other members...I found it difficult to recreate this as well but I was informed by some of the members (don't know what they was doing looking anyway) they now say that they can no longer view the pm's from active users.

Clever dudes you lot

Thanks again, Robin.

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 05 October 2003 : 06:18:15
Are you using the most recent version of the Private Messages MOD? There was a flaw in that MOD that was exposed by the Active Users MOD. But, there was a fix posted for the Private Messages MOD.
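
Added example (not part of any post in this thread, and not code from the Private Messages or Active Users MODs): removing PMs from Active Users in active_users.asp only hides the link, so the page that displays a message should itself confirm that the viewer sent or received it. The code assumes a PM table with M_ID and M_FROM columns, an "id" query-string key and a lngViewerID variable holding the logged-in member's MEMBER_ID; my_Conn, strTablePrefix and M_TO are used as in the snippet quoted earlier in the thread.

```vbscript
<%
' Added example: ownership check for a page that displays one private message.
' Assumed (hypothetical) names: columns M_ID and M_FROM, query-string key "id",
' and lngViewerID = MEMBER_ID of the logged-in member.

' Returns an open recordset only if the viewer sent or received the message,
' otherwise Nothing. The ownership test is part of the WHERE clause, so an ID
' copied from another member's link matches no row.
Function GetOwnedPM(lngViewerID, strRawID)
    Dim re, cmd, rs, i
    Set GetOwnedPM = Nothing

    ' Accept only a short run of digits before the value goes near SQL.
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    If Not re.Test(strRawID) Then Exit Function

    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = my_Conn
    cmd.CommandType = 1  ' adCmdText
    cmd.CommandText = "SELECT * FROM " & strTablePrefix & "PM " & _
                      "WHERE M_ID = ? AND (M_TO = ? OR M_FROM = ?)"
    ' Three positional parameters: type 3 = adInteger, direction 1 = adParamInput.
    cmd.Parameters.Append cmd.CreateParameter("pm", 3, 1, , CLng(strRawID))
    For i = 1 To 2
        cmd.Parameters.Append cmd.CreateParameter("viewer" & i, 3, 1, , CLng(lngViewerID))
    Next

    Set rs = cmd.Execute
    If rs.EOF Then
        rs.Close
    Else
        Set GetOwnedPM = rs
    End If
End Function

Dim rsMsg
Set rsMsg = GetOwnedPM(lngViewerID, CStr(Request.QueryString("id")))
If rsMsg Is Nothing Then
    ' Same response for "does not exist" and "not yours".
    Response.Write "Message not found."
    Response.End
End If
' Render the message from rsMsg at this point, then call rsMsg.Close.
%>
```

Like the unread-count snippet, this has to run after the connection is opened and the logged-in member is known.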

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 05 October 2003 : 06:28:27
Alright Richard,

No I'm not using the latest but the one before, I did try the new one but it totally screwed up the PM system.... I probably done it wrong as usual, it nearly always takes me a few attempts at installing even the simplest mods

I will have another go at a later date, as long as that bug is fixed and it does seem to be I can live with the old mod .. for now!

Thanks again, Robin.

Edited by - Doughnut on 05 October 2003 06:28:43

masterao
Senior Member

Sweden
1678 Posts

Posted - 05 October 2003 : 08:03:24
I'm glad you got it solved, Robin.

Jan
===========
FR Portal Forums | Active Users 4.0.20 Mod

Doughnut
Starting Member

United Kingdom
40 Posts

Posted - 05 October 2003 : 09:04:24
Thank you masterao, excellent mod