Snitz Forums 2000
Topic: Auction 2.0
Carefree
Advanced Member

Philippines
4207 Posts

Posted - 10 August 2010 : 13:33:09
Try this:


<%
'#################################################################################
'## Snitz Forums 2000 v3.4.07
'#################################################################################
'## Copyright (C) 2000-06 Michael Anderson, Pierre Gorissen,
'##                       Huw Reddick and Richard Kinser
'##
'## This program is free software; you can redistribute it and/or
'## modify it under the terms of the GNU General Public License
'## as published by the Free Software Foundation; either version 2
'## of the License, or (at your option) any later version.
'##
'## All copyright notices regarding Snitz Forums 2000
'## must remain intact in the scripts and in the outputted HTML
'## The "powered by" text/logo with a link back to
'## http://forum.snitz.com in the footer of the pages MUST
'## remain visible when the pages are viewed on the internet or intranet.
'##
'## This program is distributed in the hope that it will be useful,
'## but WITHOUT ANY WARRANTY; without even the implied warranty of
'## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
'## GNU General Public License for more details.
'##
'## You should have received a copy of the GNU General Public License
'## along with this program; if not, write to the Free Software
'## Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
'##
'## Support can be obtained from our support forums at:
'## http://forum.snitz.com
'##
'## Correspondence and Marketing Questions can be sent to:
'## manderson@snitz.com
'##
'#################################################################################
'## MOD: Auction Mod v2.6 for Snitz Forums v3.4.07
'## Author: David Greening (Classicmotorcycling)
'##
'## File: auction_save.asp
'##
'## Get the latest version of this MOD at
'## http://www.snitzbitz.com/mods/
'#################################################################################
%>
<!--#INCLUDE FILE="config.asp"-->
<!--#INCLUDE FILE="inc_sha256.asp"-->
<!--#INCLUDE FILE="inc_header.asp" -->
<!--#INCLUDE FILE="inc_func_posting.asp"-->
<!--#INCLUDE FILE="auction_language.asp" -->
<%
AuctionID=Request.QueryString("AuctionID")
Response.Write	"<table border=""0"" width=""100%"" cellpadding=""4"" cellspacing=""1"">" & vbNewLine & _
		"	<tr>" & vbNewLine & _
		"		<td colspan=""2"" valign=""top"" nowrap>" & vbNewLine & _
		"			<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """>" & getCurrentIcon(strIconFolderOpen,"","") & " <a href=""default.asp"">All Forums</a><br />" & vbNewLine & _
		"          		" & getCurrentIcon(strIconBar,"","") & getCurrentIcon(strIconFolderOpenTopic,"","") & " <a href=""auction.asp"">" & strLang_Auction_00000 & "</a><br />" & vbNewLine & _
		"          		" & getCurrentIcon(strIconBlank,"","") & getCurrentIcon(strIconBar,"","") & getCurrentIcon(strIconFolderOpenTopic,"","") & " " & strLang_Auction_00300 & "</font>" & vbNewLine & _
		"		</td>" & vbNewLine & _
		"	</tr>" & vbNewLine & _
		"</table>" & vbNewLine

if mlev = "0" then
Response.Write	"<table border=""0"" width=""100%"" cellspacing=""0"" cellpadding=""0"" align=""center"">" & vbNewLine & _
		"	<tr>" & vbNewLine & _
		"		<td align=""center"">" & vbNewLine & _
		"			<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strHiLiteFontColor & """><b>" & strLang_Auction_00006 & "</b></font><br /><br />" & vbNewLine & _
		"		</td>" & vbNewLine & _
		"	</tr>" & vbNewLine & _
		"</table>" & vbNewLine
else
Response.Write	"<table width=""100%"" cellpadding=""0"" cellspacing=""0"" border=""0"">" & vbNewLine & _
		"	<tr>" & vbNewLine & _
		"		<td align=""center"" colspan=""2"" bgcolor=""" & strHeadCellColor & """>" & vbNewLine & _
		"			<b><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strHeadFontColor & """>" & strForumTitle & " - " & strLang_Auction_00300 & "</font></b>" & vbNewLine & _
		"		</td>" & vbNewLine & _
		"	</tr>" & vbNewLine & _
		"	<tr>" & vbNewLine & _
		"		<td width=""100%"" valign=""top"" align=""center""><p> </p>" & vbNewLine
Function nextAuctionID

	Randomize
	nextAuctionID = int(Rnd * 100000)

End Function
 
	if mLev = "0" then
		Response.Write	"<div align=""center"">" & vbNewLine & _
			"	<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strDefaultFontColor & """> <p>" & strLang_Auction_00301 & "</p></font>" & vbNewLine & _
			"</div>" & vbNewLine
	else 
		strCategory = chkString(cStr(Request.Form("strCategory")), "SQLString")
		strName = chkString(cStr(Request.Form("strName")), "SQLString")
		curMin = cStr(Request.Form("curMin"))
		strStartDate = cStr(Request.Form("strStartDate"))
		strLength = cStr(Request.Form("strLength"))
		strDesc = chkString(cStr(Request.Form("strDesc")), "SQLString")
		strImage = chkString(cStr(Request.Form("strImage")), "SQLString")
		if strImage = "" then
			strImage = "http://"
		end if
		button = cStr(Request.Form("button"))
		strUsername = MemberID

	if button = "Edit Item" then

	Response.Redirect "auction_sellItem.asp?AuctionID=" & AuctionID & "&mode=edit"
'	Response.Write	"auction_sellItem.asp?AuctionID=" & AuctionID & "&mode=edit"
	Response.Write	"</form>" & vbNewLine

'		redirURL="strCategory="&Server.URLencode(strCategory)
'		redirURL=redirURL&"&strName="&Server.URLencode(strName)
'		redirURL=redirURL&"&curMin="&Server.URLencode(curMin)
'		redirURL=redirURL&"&curOpening="&Server.URLencode(curOpening)
'		redirURL=redirURL&"&strStartDate="&Server.URLencode(strStartDate)
'		redirURL=redirURL&"&strLength="&Server.URLencode(strLength)
'		redirURL=redirURL&"&strDesc="&Server.URLencode(strDesc)
'		redirURL=redirURL&"&strImage="&Server.URLencode(strImage)

	else

		intAuctionID = nextAuctionID
		dtmStart = DateToStr(DateAdd("h", dtDateTime, strForumTimeAdjust))
		dtmEnd = DateToStr(DateAdd("h", dtDateTime+(strLength*24), strForumTimeAdjust))
			if Request.QueryString("mode")="edit" then
				strSql="UPDATE " & strTablePrefix & "AUCTIONITEMS SET ITEMNAME='" & strName & "', AUCTIONCATID='" & strCategory & "', ITEMDESC='" & strDesc & "', IMGURL='" & strImage & "', OPENINGBID='" & curMin & "', CURRENTBID='" & curMin & "', ENDDATE='" & dtmEnd & "' WHERE AUCTIONID=" & AuctionID
				my_conn.execute(strsql),,adCmdText + adExecuteNoRecords
				Response.Redirect	"auction.asp"
			else
				strsql = "INSERT INTO " & strTablePrefix & "AUCTIONITEMS (SELLER, ITEMNAME, AUCTIONCATID, ITEMDESC, IMGURL, OPENINGBID, CURRENTBID, STARTDATE, ENDDATE)"
				strsql = strsql & " VALUES('" & strUsername & "', '" & strName & "', '" & strCategory & "', '" & strDesc & "', '" & strImage & "', " & curMin & ", " & curMin & ", '" & dtmStart & "', '" & dtmEnd & "')"
				my_conn.execute(strsql),,adCmdText + adExecuteNoRecords

				if strEmail = "1" and strRestrictReg = "0" then
					strRecipientsName = strSender
					strRecipients = strSender
					strFrom = strSender
					strFromName = strSender
					strsubject = strForumTitle & " - " & strLang_Auction_00303
					strMessage = strLang_Auction_00304 & ": " & strName & " " & strLang_Auction_00305 & " " & strForumTitle & " (" & strForumURL & ")." & vbNewLine & vbNewLine
					strMessage = strMessage & strLang_Auction_00306 & ": " & strForumURL & "auction.asp " & strLang_Auction_00307 & ": " & strUsername & vbNewLine & vbNewLine
					strMessage = strMessage & strLang_Auction_00308 & "," & vbNewLine & vbNewLine
					strMessage = strMessage & strLang_Auction_00309 & " @ " & strForumTitle
%>
<!--#INCLUDE FILE="inc_mail.asp" -->
<%
				end if
			end if

			Response.Write	"<div align=""center"">" & vbNewLine & _
				"	<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strDefaultFontColor & """><b>" & strLang_Auction_00302 & "</b><br /><br /></font>" & vbNewLine & _
				"</div>" & vbNewLine
		end if
	end if
	Response.Write	"		</td>" & vbNewLine & _
		"	</tr>" & vbNewLine & _
		"</table>" & vbNewLine
end if
WriteFooter()
%>

bobby131313
Senior Member

USA
1163 Posts

Posted - 10 August 2010 : 13:36:33
Same thing.

Switch the order of your title tags

bobby131313
Senior Member

USA
1163 Posts

Posted - 10 August 2010 : 19:35:18
I'm at a loss. I've examined post_info to see how posts are handled and tried a few things but can't seem to get it fixed. Grrrr...

Switch the order of your title tags

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 10 August 2010 : 19:59:41
Seems to me that quite a lot of data obtained from the form is not being sanitized, independent of type. That's a serious issue, security-wise, and it's also the cause for the quotes problems, because if the data was sanitized using Snitz ChkString, the quotes issue wouldn't show up.


Snitz 3.4 Readme | Like the support? Support Snitz too

bobby131313
Senior Member

USA
1163 Posts

Posted - 10 August 2010 : 20:06:41
It at least *appears* to me that it is though....


strCategory = chkString(cStr(Request.Form("strCategory")),"SQLString")
strName = chkString(cStr(Request.Form("strName")),"SQLString")
curMin = cStr(Request.Form("curMin"))
strStartDate = cStr(Request.Form("strStartDate"))
strLength = cStr(Request.Form("strLength"))
strDesc = chkString(cStr(Request.Form("strDesc")), "SQLString")
strImage = chkString(cStr(Request.Form("strImage")), "SQLString")


strName & strDesc are both choking on the first double quote.

Switch the order of your title tags

Edited by - bobby131313 on 10 August 2010 20:07:14

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 10 August 2010 : 20:11:29
CStr doesn't sanitize anything and at least three values are using it without ChkString.
Also, this file seems to be used only for creating the database record. Maybe you are trying this with existing records and those are dealt with elsewhere and likely they have the same security issues as the previous version of auction_save.asp exhibited (and the current version still does, to a lesser degree, but still vulnerable).


Snitz 3.4 Readme | Like the support? Support Snitz too

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 10 August 2010 : 20:36:34
Seems the file also updates records. I don't really know the mod and didn't look at files other than the one posted here, so I will just stick with the comments regarding the SQL injection vulnerability, which anyone using this mod should look into ASAP.


Snitz 3.4 Readme | Like the support? Support Snitz too
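The two posts above point at the same root cause: values such as curMin, strLength and AuctionID go through CStr only, and every value, sanitized or not, is spliced into the SQL text. The following is an added example, not code from the Auction MOD or from Snitz, showing the INSERT and UPDATE of auction_save.asp rebuilt on ADODB.Command parameters so the driver, rather than string concatenation, carries the form text, with the numeric fields checked before they reach the database. It assumes the Snitz globals my_Conn, strTablePrefix, adCmdText and adExecuteNoRecords from config.asp; SaveAuctionItem, AddParam and PositiveNumberOrMinusOne are hypothetical names, and the column widths and varchar date/seller columns are assumptions taken from how the original statements quote those values.

```vbscript
<%
' Added example (not the MOD's code): parameterised save for AUCTIONITEMS.
' Assumes my_Conn, strTablePrefix, adCmdText and adExecuteNoRecords from
' config.asp. Standard ADO DataTypeEnum / ParameterDirectionEnum values follow;
' drop them if adovbs.inc is already included.
Const adParamInput = 1
Const adInteger = 3
Const adDouble = 5
Const adVarChar = 200
Const adLongVarChar = 201

' Returns the value as a number only when it consists of digits (plus at most
' one dot when allowDecimals is True). Everything else, including "" and the
' "1e5" / "&H10" forms that IsNumeric would accept, yields -1 so the caller
' can refuse it. Decimals are assembled by hand because CDbl follows the
' session locale.
Function PositiveNumberOrMinusOne(rawValue, allowDecimals)
	Dim s, i, c, dots, digits, parts, whole, frac
	PositiveNumberOrMinusOne = -1
	s = Trim(CStr(rawValue & ""))
	dots = 0: digits = 0
	For i = 1 To Len(s)
		c = Mid(s, i, 1)
		If c = "." Then
			dots = dots + 1
		ElseIf c >= "0" And c <= "9" Then
			digits = digits + 1
		Else
			Exit Function
		End If
	Next
	If digits = 0 Or dots > 1 Or (dots = 1 And Not allowDecimals) Then Exit Function
	If dots = 0 Then
		PositiveNumberOrMinusOne = CDbl(s)
	Else
		parts = Split(s, ".")
		whole = 0: frac = 0
		If parts(0) <> "" Then whole = CDbl(parts(0))
		If parts(1) <> "" Then frac = CDbl(parts(1)) / (10 ^ Len(parts(1)))
		PositiveNumberOrMinusOne = whole + frac
	End If
End Function

' Adds one input parameter to the command.
Sub AddParam(cmd, name, adType, size, value)
	cmd.Parameters.Append cmd.CreateParameter(name, adType, adParamInput, size, value)
End Sub

' Inserts a new item (editID < 0) or updates an existing one. Returns True on
' success, False when the opening bid is not a plain number.
Function SaveAuctionItem(editID, sellerID, rawName, rawCategory, rawDesc, rawImage, rawMin, dtmStart, dtmEnd)
	Dim cmd, curMin, strDesc
	SaveAuctionItem = False
	curMin = PositiveNumberOrMinusOne(rawMin, True)
	If curMin < 0 Then Exit Function
	strDesc = CStr(rawDesc & "")
	Set cmd = Server.CreateObject("ADODB.Command")
	Set cmd.ActiveConnection = my_Conn
	cmd.CommandType = adCmdText
	If editID < 0 Then
		cmd.CommandText = "INSERT INTO " & strTablePrefix & "AUCTIONITEMS " & _
			"(SELLER, ITEMNAME, AUCTIONCATID, ITEMDESC, IMGURL, OPENINGBID, CURRENTBID, STARTDATE, ENDDATE) " & _
			"VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
		AddParam cmd, "seller", adVarChar, 50, CStr(sellerID & "")
	Else
		cmd.CommandText = "UPDATE " & strTablePrefix & "AUCTIONITEMS SET ITEMNAME=?, AUCTIONCATID=?, " & _
			"ITEMDESC=?, IMGURL=?, OPENINGBID=?, CURRENTBID=?, ENDDATE=? WHERE AUCTIONID=?"
	End If
	' Parameters must be appended in the order of the ? placeholders.
	AddParam cmd, "name", adVarChar, 255, Left(CStr(rawName & ""), 255)
	AddParam cmd, "cat", adVarChar, 50, Left(CStr(rawCategory & ""), 50)
	AddParam cmd, "desc", adLongVarChar, Len(strDesc) + 1, strDesc
	AddParam cmd, "img", adVarChar, 255, Left(CStr(rawImage & ""), 255)
	AddParam cmd, "openbid", adDouble, 0, curMin
	AddParam cmd, "curbid", adDouble, 0, curMin
	If editID < 0 Then AddParam cmd, "startdate", adVarChar, 14, dtmStart
	AddParam cmd, "enddate", adVarChar, 14, dtmEnd
	If editID >= 0 Then AddParam cmd, "id", adInteger, 0, CLng(editID)
	cmd.Execute , , adExecuteNoRecords
	Set cmd = Nothing
	SaveAuctionItem = True
End Function

' Constructed call from auction_save.asp (the Request names are the MOD's own
' form fields). AuctionID from the query string gets the same numeric check,
' so the WHERE clause never sees raw text.
' editID = -1
' If Request.QueryString("mode") = "edit" Then
'     editID = PositiveNumberOrMinusOne(Request.QueryString("AuctionID"), False)
'     If editID < 0 Then Response.End
' End If
' If Not SaveAuctionItem(editID, MemberID, Request.Form("strName"), Request.Form("strCategory"), _
'     Request.Form("strDesc"), Request.Form("strImage"), Request.Form("curMin"), dtmStart, dtmEnd) Then
'     Response.Write "Opening bid must be a number."
' End If
%>
```

With parameters in place, ChkString "SQLString" is no longer what keeps the quotes out of the SQL, so a stray quote in the name or description simply becomes data; the numeric check is still needed because a non-numeric bid or id would otherwise fail at the driver with a far less useful error, and it is also where to apply the strLength check that the original file never makes.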

Classicmotorcycling
Development Team Leader

Australia
2084 Posts

Posted - 12 August 2010 : 06:16:49
Bobby,

The code you are looking for is in auction_sellItemProcess.asp to fix the issue:


		"				<input TYPE=""hidden"" NAME=""strName"" VALUE=""" & strName & """>" & vbNewLine & _

		"				<input TYPE=""hidden"" NAME=""strDesc"" VALUE=""" & strDesc & """>" & vbNewLine & _

The above 2 lines need to be changed to:


		"				<input TYPE=""hidden"" NAME=""strName"" VALUE=""" & Trim(ChkString(strName,"edit")) & """>" & vbNewLine & _

		"				<input TYPE=""hidden"" NAME=""strDesc"" VALUE=""" & Trim(ChkString(strDesc,"edit")) & """>" & vbNewLine & _

This will allow the " " in the title and the description. I have also fixed the ChkString as pointed out by Rui (So many copies going around, lost track), and uploaded it.

Cheers,

David Greening
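The fix above works because ChkString in "edit" mode encodes the double quotes before they land inside a quoted VALUE attribute. As an added example, not code from the Auction MOD, the helper below builds the same hidden fields with the built-in Server.HTMLEncode so the principle can be seen without the Snitz include, and keeps the unencoded form beside it to show what the browser actually received when the title contained quotes. HiddenField, RawHiddenField and the sample title are constructed for this example.

```vbscript
<%
' Added example (not the MOD's code): hidden <input> fields with an encoded
' VALUE attribute, as written by auction_sellItemProcess.asp.

' Encodes the value and returns the complete tag, quotes included.
Function HiddenField(fieldName, fieldValue)
	HiddenField = "<input TYPE=""hidden"" NAME=""" & fieldName & """ VALUE=""" & _
		Server.HTMLEncode(Trim(CStr(fieldValue & ""))) & """>"
End Function

' The unencoded line, kept only to show the difference: the browser treats
' the first quote inside the value as the end of VALUE and parses whatever
' follows as further attributes of the tag. That is why strName and strDesc
' "choked" on the first double quote, and it is the same gap that lets
' crafted text change the markup, so the raw form should never be used.
Function RawHiddenField(fieldName, fieldValue)
	RawHiddenField = "<input TYPE=""hidden"" NAME=""" & fieldName & """ VALUE=""" & fieldValue & """>"
End Function

' Constructed item title containing double quotes.
Dim sampleName
sampleName = "Laptop, 15"" screen, ""like new"""

' Both tags are encoded once more here so they show up as text on the page
' instead of being parsed as form fields.
Response.Write "<pre>" & Server.HTMLEncode(RawHiddenField("strName", sampleName)) & vbNewLine & _
	Server.HTMLEncode(HiddenField("strName", sampleName)) & "</pre>" & vbNewLine
%>
```

In the encoded tag every double quote in the title appears as &quot;, so the attribute runs to the closing quote the code wrote and the browser submits the full title back unchanged; the raw tag ends its VALUE at "Laptop, 15" and the rest of the text is lost, which matches the truncation reported earlier in the thread. Whichever encoder is used, the rule is that every value written into an attribute gets it, not just the two fields that happened to break.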

bobby131313
Senior Member

USA
1163 Posts

Posted - 13 August 2010 : 23:08:27
Thanks Guys, I let the dogs loose on it tonight.

Switch the order of your title tags

Carefree
Advanced Member

Philippines
4207 Posts

Posted - 18 August 2010 : 21:59:01
No bids desired - this was a fun test:

richfed
Average Member

United States
999 Posts

Posted - 05 September 2010 : 10:47:57
Just installed the latest version of this MOD from SnitzBitz because someone was actually going to list an auction - first time on my forum so I am pretty unfamiliar with the functions of the MOD. Two things:
  • First of all, the user placed a broken link for the image. I see no function that allows me to go in and attempt to fix/edit that. Is that even possible?
  • Secondly, is there a way to make the Auction link on inc_header.asp show that an Auction is going on - like PMs show up when you have one? Just a number would do ... indicating that x number of auctions are underway.


Thanks -

EDIT ---> Scratch the first one ... I see it. Perhaps, the edit icon should appear in various views? A little hard to find, I think.

EDIT #2 ---> I see no way to actually place a bid on the listed item. Am I nuts?

Edited by - richfed on 05 September 2010 10:57:20

richfed
Average Member

United States
999 Posts

Posted - 05 September 2010 : 11:06:17
Here is a screenshot of what I see [I fixed the image URL that the user had posted incorrectly] when logged in as Admin. I can see no way to bid. I think the user may have posted the auction incorrectly, but I see no way to fix it. Obviously, something wrong with the "winning bidder" entry.


Classicmotorcycling
Development Team Leader

Australia
2084 Posts

Posted - 05 September 2010 : 15:42:40
I have fixed it in the download. Was playing with some stuff and forgot to change it back before I copied the files.

Cheers,

David Greening

richfed
Average Member

United States
999 Posts

Posted - 05 September 2010 : 19:27:34
Thanks ... that part is fixed.

Rich
A Complete Idiot's Guide to MOD Implementation || On the Trail of the Last of the Mohicans

richfed
Average Member

United States
999 Posts

Posted - 10 September 2010 : 07:11:37
quote:
Is there a way to make the Auction link on inc_header.asp show that an Auction is going on - like PMs show up when you have one? Just a number would do ... indicating that x number of auctions are underway.


Can anyone code this? It would be very helpful, I would think. When a user logs on, they would immediately see how many "live" auctions there were ... inducing, hopefully, a click on the link.
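One way to get the count the post asks for, added here as an example and not code from the Auction MOD: count the AUCTIONITEMS rows whose ENDDATE is still ahead of the forum's adjusted time and append that number to the header link. It assumes the Snitz globals my_Conn, strTablePrefix, strForumTimeAdjust, adCmdText and the DateToStr function, and that ENDDATE holds the 14-character string DateToStr produces (which is what the INSERT in auction_save.asp stores); LiveAuctionCount and AuctionLinkText are hypothetical names.

```vbscript
<%
' Added example (not the MOD's code): number of auctions still running, for
' use in inc_header.asp next to the Auction link.

' Counts items whose ENDDATE lies in the future. No request data is involved,
' so the only value embedded in the SQL is the server-generated timestamp.
Function LiveAuctionCount()
	Dim rs, strSql, strNow
	' Forum-adjusted "now" in the same yyyymmddhhmmss form as ENDDATE, so a
	' plain string comparison orders correctly.
	strNow = DateToStr(DateAdd("h", strForumTimeAdjust, Now()))
	strSql = "SELECT COUNT(*) FROM " & strTablePrefix & "AUCTIONITEMS WHERE ENDDATE > '" & strNow & "'"
	Set rs = my_Conn.Execute(strSql, , adCmdText)
	If rs.EOF Then
		LiveAuctionCount = 0
	Else
		LiveAuctionCount = CLng(rs(0))
	End If
	rs.Close
	Set rs = Nothing
End Function

' Link text for the header: the count is shown only when there is something
' to see, e.g. "Auction (3)"; baseText would be strLang_Auction_00000.
Function AuctionLinkText(baseText)
	Dim n
	n = LiveAuctionCount()
	If n > 0 Then
		AuctionLinkText = baseText & " (" & n & ")"
	Else
		AuctionLinkText = baseText
	End If
End Function
%>
```

Because inc_header.asp runs on every page, this adds one query per request; on a busy board the count is better cached in an Application variable and refreshed every few minutes than computed each time.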
Snitz Forums 2000 © 2000-2021 Snitz™ Communications
Powered By: Snitz Forums 2000 Version 3.4.07