| Author |
Message |
|
|
Ok my update to the guestbook has kind of stalled and so I may just release it as it is and have a message, when the image verification is wrong, telling them that they will have to reselect the image. I have a plan on how to fix but little time at present. It's either this or I end up writing my own guestbook from scratch. I am also starting to work on the smart installer so that all you have to do is run the installer and it will update from 2.2, 2.3.1 or even a modified guestbook. Questions
1 - Do I keep AGcode? I have removed the option for HTML code.
2 - If I keep it do I make buttons for it like forums have?
3 - Also if I keep it do I remove the URL AGcode as it may be abused?
On a different note I am going to release mod files like phpBB forum uses. These will contain step by step instructions on how to apply the mod. Question is what mods would you like? At present I have written a mod instruction file for email encryption and the third gender option. WHat mods would you like to see me release files for?
ps. You can answer here although I'd probably prefer my forum as I have control of it then.
|
 |
|
|
We should regularly visit the forums of all sites where we have downloaded their software.
I try but thats an awful lot of forums lol. I'm actually an admin on 3 forums, including my own, and a member on several others. I rarely visit a forum until I get a problem. In fact I think my first post on here was a problem I had. JTD and I have, in the past, used Google to located hacked guestbooks which we then fixed and left a messaage for the webmasters. I have emailed a few sites using guestbook 2.2 explaining the exploit. Admitedly because I wanted them to test my patch out  but I agree that people whould learn to use the damn search feature 
|
|
|
|
|
What browser is it and can you see images on other guestbooks such as www.carbonize.co.uk/guestbookbeta/ ???
|
|
|
|
|
Yup. Slap this in your head section
|
|
|
|
As to why you can't see the image, god knows. The picture is there, I can see it. It is in the public folder as it should be. In theory though none of the images should be showing as thay all start with /gbook/ which would tell the browser to look for a folder called gbook within the current folder. Do you see the other images? Have you set the base_url variable in the config file?
As to the pop up problem, you've removed the javascript responsible for it. It should be in the head section.
|
|
|
|
|
If you're talking about the design of the site I have to ask why. That site is damn ugly and the code is terrible. If you mean the concept then simply set up a site with a forum and guestbook and possibly a free for all links script and then advertise in local papers.
|
|
|
|
|
you don't need to update you just need to patch the exploit.
|
|
|
|
|
What my template file says is to look at your sites html code, decide where you want the guestbook to appear,copy all the html from before that point into the header.php file and everything after to footer.php file. Then goto the guestbooks index.php page. If this fails (a link would be nice so I can try for myself) then I suggest trying a non frontpage menu. there are plenty of free dynamic menues on www.dynamicdrive.com
|
|
|
|
As has been discussed in this forum several times NO. The search function is a wonderful, yet rarely used, thing. The templates are made into strings. For a php function to get called a file has to be passed to the processor and the templates do not. You can put the function/call somewhere in the code and turn the output into a string variable and then place the string variable in the templates.
I will not be discussing this subject again.
|
|
|
|
|
Freddy and I are going through the code. Freddy's doing most of it as my understanding of MySQL calls in PHP is limited.
|
|
|
|
|
www.carbonize.co.uk/emailencryption.txt
|
|
|
|
|
www.carbonize.co.uk/template.zip download that, extract the html file, read the HTML.
|
|
|
|
|
You could always try using www.carbonize.co.uk/upgrade.zip after updating from 2.2 to 2.3.1. Just unzip the install.php file and upload it to your guestbook, ovrwriting the old one. then run it as normal. Hopefully this should change that field type and add the new fields and tables.
|
|
|
|
|
The SQL injection exploit has actually been around since 2002 from what I can gather. I assume it was only recently that kiddies with no life discovered it on the net. As for the HTML "exploit" that must of been discovered sometime this year. My fix is to disable html. I have removed the option from the version I am working on. I am also considering removing AGcode as nobody ever seems to use it.
|
|
|
|
|
I'll either upload the pre modified files to my site somewhere or write a better mod instruction.
|
|
|
|
![[Search]](/forum/templates/html/images/icon_mini_search.gif){kind=icon}
![[Hottest Topics]](/forum/templates/html/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/forum/templates/html/images/icon_mini_members.gif){kind=icon}
![[FAQ]](/forum/templates/html/images/icon_mini_faq.gif){kind=icon}
![[Register]](/forum/templates/html/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/html/images/icon_mini_login.gif){kind=icon}
Login