If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Messages posted by: amber222
Forum Index » Profile for amber222 » Messages posted by amber222
Author Message
Advanced Guestbook 2.2 has an exploit. You should upgrade to the latest version.

Sticky: READ THIS BEFORE POSTING ANY QUESTIONS!
http://proxy2.de/forum/viewtopic.php?t=4473

See if either of these posts helps:
http://proxy2.de/forum/viewtopic.php?t=3796
http://proxy2.de/forum/viewtopic.php?t=5170
http://proxy2.de/forum/viewtopic.php?t=5618

Switch to Lazarus:
http://www.carbonize.co.uk/Lazarus/index.php
It looks like you are trying for Demo4, but you have changed $poll_path to proxy2.de website, not yours. You should not have to change that $poll_path line for this poll to work. Leave it at:



Also, I don't see where you called the form or ended the php code.

Below is the sample code for demo4. In your poll directory, there is already a file named demo_4.php. You can copy that file and then tweak it to remove the sample code on the left, or you can create your own file using the sample code (probably easier).



If you put the file in your poll directory, it should work as is. (Of course, if you are calling for poll ID 2, that poll must exist.) If you put the file in a different directory, you need to change the location of the files in the first few lines. Here's how it would be done if the file containing the comment poll is placed in the root directory, but the poll script files are in a directory named poll:



To summarize, locate in the demos which poll you want to use. From the left side of the demo page, copy the sample code and paste in the file you want the poll to appear in. If the file is going in a directory other than the poll directory, edit the lines that show the location of poll_cookie.php and the config.inc.php and other files in the include folder. Upload to your server and it should work.

If you still can't see comments, perhaps the issue could be with your database.
Checked the database, saw it was weird (possibly corrupted) so I figured I'd delete it, make a new one.


Don't know what you mean by weird, but if you use CPanel, you can repair a database instead of deleting it.

On a totally fresh install, I put in 'admin' and 'poll' as my password and I can't log in!


Advanced Poll 2.0.7 db allows you to enter your own username and password upon successful installation. You get a screen asking for it. So, why would you use something as generic as "admin" and "poll" for your username and password? Perhaps you missed this in the installation.

Anyway, I used a test site to see if I could change the admin password from the database. Everything went wrong and as you said, I could no longer access admin, so I guess I had better make sure I only change the password by using the "Change Password" feature in Admin, as is no doubt how it was meant to be.

I was only able to get back into admin by deleting all of the poll tables from the database and running install.php again.
Check path settings in Poll Admin General Settings.

Search for admin loop.

You should update to the latest poll script.
In poll/admin/index.php you see the poll list. Click on a poll question and at the bottom of the "Edit this poll" page is a link to "Reset this poll ".
I'm a firm believer in keeping guestbooks out of search engines. People should find your guestbook when they visit your site - not on any search engine.

I exclude the guestbook directory in the robots.txt file and also replace the keywords meta tag in templates/header.php with a robots tag:



If your guestbook has already been in the search engines, spammers know where to find you, so consider renaming the guestbook directory. I did this on one guestbook that was getting spammed. Then I kept the old directory name and put a surprise there - just for the spammers... thought I'd show my gratitude.
Try adding a poll list on the server where the poll script is installed:

Link to poll archives

Then, following the guidelines in item 2 of that post, place the second doc, with absolute links, on the other server. Using this method, the actual poll would probably still be on a page by itself, though.
Same thing here. Once I edit General Settings, the text disappears. Click on an icon and it goes back to normal until the next edit.
Here's how I did it, based on the sample in Demo 3:

1. Create a .php document to hold the code to list all the polls. (I named this file listpolls.php). It will list links to all polls, including expired:



I have my listpolls.php file in the root directory and not in the polls directory, which is why I needed to add poll/ to the path. If you put listpolls.php in your poll directory, it would be:



2. If you only want to link to certain polls, create a second .php document to list only the polls you want. (I named this file opinionpolls.php). Link to each poll as follows:



Or just include the links in any existing .php file.
Also see the second poll in Demo 1. It uses the simple template, which shows the poll question as the title.
Warning: mysql_connect(): Access denied for user: 'apache@localhost' (Using password: NO) in /home/httpd/vhosts/xxxxxxx/httpdocs/poll/include/class_mysql.php on line 32


You didn't edit the include/config.inc.php file and add your database user info and password. That's why it says using password: NO
Sorry, I clicked on the wrong link.
Can you ask your host about my.cnf?

Go to PhpMyAdmin, and see if it shows an error like illegal mix. If so, see if the language on the right side is the same as what you are using. Can you change it? Not all hosts allow this. I don't know if it will help but it is worth looking at.
It works.
sluggoaafa wrote:
so when you do all the above, and then run the update, and it still requests you to update config.inc.php....then what?

I've spent 4 hours trying to figure this darn thing out, and no luck. I've even noticed that my images are gone. very frustrating. I am working inside of yahoo/geocities (I know you dislike them Carbonize) but I had 2.3.x running very well...now trying to run the update in misc....it's saying I need to update the file.
....


Re-check it and make sure you filled in all the information correctly in the new admin/config.inc.php file on you server:

lines #4 thru #7:

and

line #63:

and

line#66:


If it was working before, you should just need to copy the info from each line in the old config.inc.php file and paste into the new one.
 
Forum Index » Profile for amber222 » Messages posted by amber222
Go to:   
Based on the open source JForum