Greeting Card Mod 3.6 (RC1) - Posted (7434 Views)
Classicmotorcycling
Development Team Leader
Classicmotorcycling
Posts: 2085
2085
Rolling on from this MOD over 6 years ago: Greeting Card Mod
I have re-written the Greeting Card to now work off the Forum database and a few other things including easy to install (being 1 out 10 and 1 being the easiest). I have included 10 Greeting Cards to get you started and all appears to work fine on Access & MSSQL.
I have also made it work using the forums inc_mail.asp so there is no need for a special mail component.

You can download it from: Greeting Card Mod 3.6
Enjoy... bigsmile tongue<
Cheers,

David Greening
 Sort direction, for dates DESC means newest first  
 Page size 
Posted
HuwR
Forum Admin
HuwR
Posts: 20611
20611
I have removed the link until the code for this mod is sanitised against SQL injection, currently it is not. I found several request variables in the _preview.asp file that were not being sanitised prior to using in a query.<
Posted
Classicmotorcycling
Development Team Leader
Classicmotorcycling
Posts: 2085
2085
HuwR,

I have rechecked the code and made the changes now it should be right on all the files. Do you want to put the link back up? <
Cheers,

David Greening
Posted
HuwR
Forum Admin
HuwR
Posts: 20611
20611
did you also check greeting_cards_get.asp ? I think that had some vulnerabilities too<
Posted
Classicmotorcycling
Development Team Leader
Classicmotorcycling
Posts: 2085
2085
All files where chaecked and the zip updated...<
Cheers,

David Greening
Posted
HuwR
Forum Admin
HuwR
Posts: 20611
20611
ok great smile feel free to put the link back up<
Posted
texanman
Junior Member
texanman
Posts: 410
410
Hi,

I am getting this error message when I click on "Cards" in the Admin Section.
Microsoft OLE DB Provider for SQL Server error '80040e14'
Incorrect syntax near '*'.
/greeting_cards_clean.asp, line 92

line 92: set rs = conn.execute (strsql)

The two lines above it are:

strSQL = "DELETE * FROM " & strTablePrefix & "GREETING_SENT WHERE SENTDATE" _
& "< #" & rev & "#;"

Any idea what the problem is?
Thanks
<
Posted
ruirib
Snitz Forums Admin
ruirib
Posts: 26364
26364
Remove the '*', so that the SQL statement is "DELETE FROM " &...<
Snitz 3.4 Readme | Like the support? Support Snitz too
Posted
mdelcour2000
Junior Member
mdelcour2000
Posts: 133
133
VERY IMPRESSIVE!<
http://lacledeforum.com/

"Never get so busy doing the work of the kingdom that you forget who the King is"
Posted
leatherlips
Senior Member
leatherlips
Posts: 1838
1838
When I go into General Settings and click "Send Config" I get this error:

Code:
You need to put in a SMTP Server
Back
Please enter the greetings URL!
Back

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/forumtest/greeting_cards_docard.asp, line 188
<
Mangione Magic Forum - The Music of Chuck Mangione
My Mods: Googiespell MOD | Link To Reply MOD | Petition MOD | Contact Page MOD | Share This Topic MOD | MP3 MOD | PageEar MOD | Google Viewer MOD
Posted
texanman
Junior Member
texanman
Posts: 410
410
Originally posted by ruirib
Remove the '*', so that the SQL statement is "DELETE FROM " &...

Thanks ruirib
Tried that but still gives the same error sad<
You Must enter a message