| Author |
Message |
|
|
They amuse me also. But hey thats my standard answer when someone posts a question that has been asked and answered countless times. And they are to lazy to use the SEARCH BUTTON. And no there would still be the few who didnt bother to read anything before posting there help me question. So my search the forums sign would still work.  I have even fired off a few emails to Chi Kien Uong With no replys at all about appointing a couple of mods. Maybe one of us should just make our own guestbook help forums and put up the links here.
|
 |
|
|
Very good Idea Trevor. Another good Idea would be if the owner of all this was active and would appoint 1 or 2 mods. Then certain topics could be stickyied. But anyway to help you out. You need to use the most asked questions. I think what I have below is a good start for you.
#1. Problem with smilies and images.
#2. Forgot password and login.
#3. How do you change.* Welcome to my guestbook* or whatever it says
#4. Adding includes.
#5. sql exploit
#6. guestbook spam.
#7. Topics for setting up the config.php file correctly.
#8. any good fixes that people come up with. coughcarbonizecough
|
|
|
|
|
Please do a SEARCH This was just discussed 2 days ago on these forums.
|
|
|
|
|
Well I did a google on these 2 here "nahuy753" and "nahuy194" The first one I only found twice and the second only once. And if a person sets up there forums to where they have to approve all members they wouldnt have alot of problems. Also in the guestbook we have an image verification script. To prevent bots and spammers. And the option to turn on or off html. Which all works fine.
|
|
|
|
|
*BUMP*
|
|
|
|
|
Try this. http://proxy2.de/forum/viewtopic.php?t=3628&highlight=missing+pictures
|
|
|
|
|
have you set the permissions correctly?
|
|
|
|
|
First you need to uninstall the 2.2 version and install the 2.3.1 version. 2.2 has a exploit that will allow hackers to gain access.
|
|
|
|
|
try re uploading the admin files.
|
|
|
|
This is for anyone wanting a sessions class php file. From advanced guestbook 2.2
<?php
/**
* ----------------------------------------------
* Advanced Guestbook 2.2 (PHP/MySQL)
* Copyright (c)2001 Chi Kien Uong
* URL: http://www.proxy2.de
* ----------------------------------------------
*/
class gb_session extends gbook_sql {
var $expire = 7200;
var $include_path;
var $table;
function gb_session($path='') {
global $GB_TBL;
$this->table =& $GB_TBL;
$this->gbook_sql();
$this->connect();
$this->include_path = $path;
}
function isValidSession($session,$user_id) {
$this->query("SELECT session, LAST_VISIT from ".$this->table['auth']." WHERE session='$session' and ID='$user_id'");
$row = $this->fetch_array($this->result);
if ($row) {
$year = substr($row["LAST_VISIT"],0,4);
$date = substr($row["LAST_VISIT"],4,10);
$date_strg = chunk_split($date,2,"-");
list($month,$day,$hour,$minute,$second) = explode("-",$date_strg);
$tstamp = mktime($hour,$minute,$second,$month,$day,$year);
return ($this->expire + $tstamp > time()) ? $row["session"] : false;
} else {
return false;
}
}
function isValidUser($user_id) {
$this->query("SELECT username FROM ".$this->table['auth']." WHERE ID='$user_id'");
$this->fetch_array($this->result);
return ($this->record) ? true : false;
}
function changePass($user_id,$new_password) {
$this->query("UPDATE ".$this->table['auth']." SET password=PASSWORD('$new_password') WHERE ID='$user_id'");
return ($this->record) ? true : false;
}
function generateNewSessionID($user_id) {
srand((double)microtime()*1000000);
$session = md5 (uniqid (rand()));
$this->query("UPDATE ".$this->table['auth']." SET session='$session' WHERE ID='$user_id'");
return $session;
}
function checkPass($username,$password) {
$this->query("SELECT ID FROM ".$this->table['auth']." WHERE username='$username' and password=PASSWORD('$password')");
$this->fetch_array($this->result);
return ($this->record) ? $this->record["ID"] : false;
}
function checkSessionID() {
global $username, $password, $session, $uid;
if (isset($session) && isset($uid)) {
return ($this->isValidSession($session,$uid)) ? array("session" => "$session", "uid" => "$uid") : false;
} elseif (isset($username) && isset($password)) {
if (get_magic_quotes_gpc()) {
$username = stripslashes($username);
$password = stripslashes($password);
}
$ID = $this->checkPass($username,$password);
if ($ID) {
$session = $this->generateNewSessionID($ID);
return array("session" => "$session", "uid" => "$ID");
} else {
return false;
}
} else {
return false;
}
}
}
?>
|
|
|
|
_blackout wrote:Thnaks for the heads up, but....
Yes we do know how to fix it. Right up above is alittle button called SEARCH
^ chill out man  .. 
Well its really hard to do. When this question is posed atleast once per week and answered that many times also. Most any question a new person has about advanced guestbook has been answered at one time or another. Plus the fact that the creator doesnt seem to work on this program any longer nor care. And there are no mods here that I have found to sticky certain topics to keep them at the top of the pages so they can be found with ease.
|
|
|
|
|
Yes we do know how to fix it. Right up above is alittle button called SEARCH. But for this one time only refer to this thread.--> http://proxy2.de/forum/viewtopic.php?t=3656&highlight=guestbook+password
|
|
|
|
|
Yea we know about the mp3 part I have told him about it and there might be a fix for it already I havnt spoke to him yet.
|
|
|
|
Johncr wrote:Very nice... and vulnerable. I moved, killed, restored, unploaded some stuff and got some errors too. However, is it really useful to have such a vulnerable pseudo server? I can't envision any serious application for this code other than a php exercise.
It is still in its early stages. But it can be password protected. The hope is to replace the normal file manager in a host's cpanel with this application. And please post any errors you get or pm them to me.
|
|
|
|
This application and statement was submitted by a friend of mine. Please give it a try. You might be pleasantly surprised. Here also is a working Demo of the application. Please feel free to check it out. Click-->*Demo*
If you have web hosting, then you should have had the joy of working with the default file manager. webExplorer was designed with the end user in mind, as it tries to mimic Windows Explorer. Instead of clicking on the image to view contextual options and the filename to open it, you can double click to open, single click (with extra keys like CTRL or SHIFT for multiple selects) to select, and right clicks to access contextual options. Files are displayed like the "Icon View" in Windows Explorer. It has all the features of a file manager, and it has support for multiple applications to open files, themes, and more icons. You can also access a "File Options" like dialog box to change how files and icons should be displayed. There are many more features to come, such as multiple user authentication (one application can manage many different directories). Eventually drag and drop and drag selection will be implemented as well. More applications to open files (i.e. WYSIWYG HTML editor) will also be developed. [Current version: 1.0b]
Here is a download of the app if you care to try it out. Click-->*WebExplorer.zip* And here is the link to vote for the application. You will need to register but that part is no big deal.
http://www.zend.com/php5/contest/contest.php?id=104&single=1
|
|
|
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login