Latest posts for the topic "image verification script for 2.31"

image verification script for 2.31

Anonymous — GMT

I recently install the script and it seems to work halfway. I not at all used to php. Html I know better so I am lost.

Where I sign in, it doesn't get complete because of the image vertification and it doesn't supply with new numbers even when I refresh. I'm pretty sure I messed up somewhere but I don't know to figure that out.

Anonymous — GMT

Sorry the guestbook is here [url]http://www.ccgrove.com/samemme/index.php[/url]

Jared — GMT

you didn't install the script right. If you view the source, nothing changes

always says verifyimage.php?k= but should say verifyimage.php?k=234234 or some other number. Recheck your work. Or maybe your server does not support the script.

Anonymous — GMT

I only change the 8 characters in the verify.php and basically went through the process again. So I figuring it the verify.php

I did the eight different character but in the file it says do not go below this line but I am still suppose to change something beside the eight characters.

Jared — GMT

[code]how to add the Image Verification mod.

1 - First to prevent the spammers from being able to figure out our image verifcation characters we need to make them unique to our site.

Open up verify.php and follow the instructions.

2 - Upload both verify.php and verifyimge.php to the same directory (folder) as your addentry.php.

3 - Open addentry.php.

Find
$include_path = dirname(__FILE__);

and replace it with
include("verify.php");
$include_path = dirname(__FILE__);

Find
if (isset($HTTP_POST_VARS["gb_action"])) {
$gb_post->name = (isset($HTTP_POST_VARS["gb_name"])) ? $HTTP_POST_VARS["gb_name"] : '';
or if you use version 2.2 of the guestbook find
if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST") {
$gb_post->name = (isset($HTTP_POST_VARS["name"])) ? $HTTP_POST_VARS["name"] : '';

For version 2.3.1 replace it with
if (isset($HTTP_POST_VARS["gb_action"])) {
if (strtoupper($_POST["keycode"])!=$Vword)
{
echo ("The Image Verication code you supplied is incorrect.
\nPlease enter the 8 characters that appear in the image.");
echo $gb_post->process();
die();
}
$gb_post->Vrand = $Vrand;
$gb_post->name = (isset($HTTP_POST_VARS["gb_name"])) ? $HTTP_POST_VARS["gb_name"] : '';

For version 2.2 replace it with
if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST") {
if (strtoupper($_POST["keycode"])!=$Vword)
{
echo ("The Image Verication code you supplied is incorrect.
\nPlease enter the 8 characters that appear in the image.");
echo $gb_post->process();
die();
}
$gb_post->Vrand = $Vrand;
$gb_post->name = (isset($HTTP_POST_VARS["name"])) ? $HTTP_POST_VARS["name"] : '';

If you use a footer file for your site place the include code between the echo $gb_post->process; and the die();

Close addentry.php

4 - Open templates/form.php

Find
flag=1;
Replace with
if(document.book.keycode.value == "") {
alert("You Must Enter The Image Verification Characters Into The Box");
document.book.keycode.focus();
return false;
}
flag=1;

Find

$HTML_CODE
$SMILE_CODE
$AG_CODE

If you use 2.2 then look for

For 2.3.1 replace it with

Image Verification:
Enter these characters into this text box

$HTML_CODE
$SMILE_CODE
$AG_CODE

For 2.2 replace it with

Enter the Characters:

Save and close form.php

5 - Open lib/add.class.php

Find
var $table = array();

Just below it put
var $Vrand = '';

Find
$HIDDEN .= "name."\">\n";

For 2.2 find
$HIDDEN .= "name."\">\n";

2.3.1 replace it with
$HIDDEN .= "";
$HIDDEN .= "\n"; //Hidden Random Value
$HIDDEN .= "name."\">\n";

2.2 replace it with
$HIDDEN .= "name."\">\n";
$HIDDEN .= "";
$HIDDEN .= "\n"; //Hidden Random Value

Save and close add.class.php

And thats it.[/code]

Just follow the directions. That is correct, you only need to change the numbers

Sam Emme — GMT

Ok let's see if you can see it.
[b]Addentry.php[/b]

[code] include("verify.php");
$include_path = dirname(__FILE__);
include_once $include_path."/admin/config.inc.php";
include_once $include_path."/lib/$DB_CLASS";
include_once $include_path."/lib/image.class.php";
include_once $include_path."/lib/template.class.php";

include_once $include_path."/lib/vars.class.php";
include_once $include_path."/lib/add.class.php";

$gb_post = new addentry($include_path);

if (isset($HTTP_POST_VARS["gb_action"])) {
if (strtoupper($_POST["keycode"])!=$Vword)
{
echo ("The Image Verication code you supplied is incorrect.
\nPlease enter the 8 characters that appear in the image.");
echo $gb_post->process();
die();
}
$gb_post->Vrand = $Vrand;
$gb_post->name = (isset($HTTP_POST_VARS["gb_name"])) ? $HTTP_POST_VARS["gb_name"] : '';

$gb_post->email = (isset($HTTP_POST_VARS["gb_email"])) ? $HTTP_POST_VARS["gb_email"] : '';
$gb_post->url = (isset($HTTP_POST_VARS["gb_url"])) ? $HTTP_POST_VARS["gb_url"] : '';
$gb_post->comment = (isset($HTTP_POST_VARS["gb_comment"])) ? $HTTP_POST_VARS["gb_comment"] : '';
$gb_post->location = (isset($HTTP_POST_VARS["gb_location"])) ? $HTTP_POST_VARS["gb_location"] : '';
$gb_post->icq = (isset($HTTP_POST_VARS["gb_icq"])) ? $HTTP_POST_VARS["gb_icq"] : '';
$gb_post->aim = (isset($HTTP_POST_VARS["gb_aim"])) ? $HTTP_POST_VARS["gb_aim"] : '';
$gb_post->gender = (isset($HTTP_POST_VARS["gb_gender"])) ? $HTTP_POST_VARS["gb_gender"] : '';
$gb_post->userfile = (isset($HTTP_POST_FILES["userfile"]["tmp_name"]) && $HTTP_POST_FILES["userfile"]["tmp_name"] != "") ? $HTTP_POST_FILES : '';
$gb_post->user_img = (isset($HTTP_POST_VARS["gb_user_img"])) ? $HTTP_POST_VARS["gb_user_img"] : '';
$gb_post->preview = (isset($HTTP_POST_VARS["gb_preview"])) ? 1 : 0;
$gb_post->private = (isset($HTTP_POST_VARS["gb_private"])) ? 1 : 0;
echo $gb_post->process($HTTP_POST_VARS["gb_action"]);
} else {
echo $gb_post->process();
}

?>[/code]

I don't know about the footer...I didn't mess with it. That could something...

[code]If you use a footer file for your site place the include code between the echo $gb_post->process; and the die();[/code]

[b]Form.php[/b]

[code]

$LANG[BookMess3]
$LANG[FormMess1]	$LANG[BookMess4] \| $LANG[BookMess5]

$OPTIONAL

$LANG[BookMess3]:

$LANG[FormName]*:

$LANG[FormEmail]:

$LANG[FormLoc]:

$LANG[FormUrl]:

$LANG[FormMessage]*:





$LANG[FormMess4]

$LANG[FormPriv]

Image Verification:

Enter these characters into this text box

$HTML_CODE
$SMILE_CODE
$AG_CODE

[/code]

[b]add.class.php[/b]

[code]
/**
* ----------------------------------------------
* Advanced Guestbook 2.3.1 (PHP/MySQL)
* Copyright (c)2001 Chi Kien Uong
* URL: http://www.proxy2.de
* ----------------------------------------------
*/

class addentry {

var $db;
var $ip;
var $include_path;
var $template;
var $name = '';
var $email = '';
var $url = '';
var $comment = '';
var $location = '';
var $icq = '';
var $aim = '';
var $gender = '';
var $userfile = '';
var $user_img = '';
var $preview = '';
var $private = '';
var $image_file = '';
var $image_tag = '';
var $GB_TPL = array();
var $table = array();
var $Vrand = '';

function addentry($path='') {
global $GB_TPL, $GB_TBL, $HTTP_SERVER_VARS;
if (isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']) && eregi("^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$",$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])) {
$this->ip = $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'];
} else {
$this->ip = getenv("REMOTE_ADDR");
}
$this->db = new guestbook_vars($path);
$this->db->getVars();
$this->template = &$this->db->template;
$this->include_path = $path;
$this->GB_TPL = &$GB_TPL;
$this->table = &$GB_TBL;
}

function undo_htmlspecialchars($string) {
$html = array (
"&" => "&",
""" => "\"",
"<" => "<",
">" => ">"
);
for(reset($html); $key=key($html); next($html)) {
$string = str_replace("$key","$html[$key]",$string);
}
return ($string);
}

function clear_tmpfiles($cachetime=1800) {
global $GB_TMP;
$delfiles = 0;
$filelist = '';
if (is_dir("$this->include_path/$GB_TMP")) {
chdir("$this->include_path/$GB_TMP");
$hnd = opendir(".");
while ($file = readdir($hnd)) {
if(is_file($file)) {
$filelist[] = $file;
}
}
closedir($hnd);
}
if (is_array($filelist)) {
while (list ($key, $file) = each ($filelist)) {
$tmpfile = explode(".",$file);
$tmpfile[0] = ereg_replace ("img-", "", $tmpfile[0]);
if ($tmpfile[0] < (time()-$cachetime)) {
if (unlink($file)) {
$delfiles ++;
}
}
}
}
return $delfiles;
}

function is_uploaded_file_readable($uploaded_file_tmp_name) {
$check = @fopen($uploaded_file_tmp_name, "rb");
if ($check) {
fclose($check);
return 1;
} else {
$is_safe_mode = get_cfg_var("safe_mode");
if ($is_safe_mode) {
return -1;
} else {
return 2;
}
}
}

function check_entry($type='') {
global $GB_UPLOAD, $GB_TMP, $GB_PG;
$this->db->VARS["max_img_size"] = $this->db->VARS["max_img_size"]*1024;
if ($this->db->VARS["banned_ip"]==1) {
if ($this->db->isBannedIp($this->ip)) {
return $this->db->gb_error($this->db->LANG["ErrorPost9"]);
}
}
if ($this->db->VARS["flood_check"]==1) {
if ($this->db->FloodCheck($this->ip)) {
return $this->db->gb_error($this->db->LANG["ErrorPost8"]);
}
}
if (is_array($this->userfile) && $this->userfile["userfile"]["tmp_name"] != "none") {
$uploaded_img_file_stat = $this->is_uploaded_file_readable($this->userfile["userfile"]["tmp_name"]);
} else {
$uploaded_img_file_stat = -1;
}
if ($uploaded_img_file_stat > 0) {
$extension = array("1" => 'gif',"2" => 'jpg',"3" => 'png',"4" => 'swf');
$the_time = time();
if ($this->userfile["userfile"]["size"] > $this->db->VARS["max_img_size"]) {
return $this->db->gb_error($this->db->LANG["ErrorPost6"]);
} else {
if ($uploaded_img_file_stat == 1) {
$size = GetImageSize($this->userfile["userfile"]["tmp_name"]);
$open_basedir_res = false;
} else {
$open_basedir_res = true;
if (!eregi("WIN",PHP_OS)) {
exec("cp ".$this->userfile["userfile"]["tmp_name"]." $this->include_path/$GB_TMP/img-$the_time.tmp");
} else {
$win_command = str_replace("/","\\",$this->userfile["userfile"]["tmp_name"]);
$win_loc = str_replace("/","\\", "$this->include_path/$GB_TMP/img-$the_time.tmp");
exec("copy $win_command $win_loc");
}
$size = GetImageSize("$this->include_path/$GB_TMP/img-$the_time.tmp");
}
if ($size[2]>0 && $size[2]<4) {
$this->image_file = "img-$the_time.".$extension[$size[2]];
$img = new gb_image();
$img->set_destdir("$this->include_path/$GB_UPLOAD");
$img->set_border_size($this->db->VARS["img_width"], $this->db->VARS["img_height"]);
if ($type=="preview") {
if (!$open_basedir_res) {
copy($this->userfile["userfile"]["tmp_name"], "$this->include_path/$GB_TMP/$this->image_file");
} else {
rename("$this->include_path/$GB_TMP/img-$the_time.tmp", "$this->include_path/$GB_TMP/$this->image_file");
}
$new_img_size = $img->get_img_size_format($size[0], $size[1]);
$GB_UPLOAD = $GB_TMP;
$row['p_filename'] = $this->image_file;
$row['width'] = $size[0];
$row['height'] = $size[1];
eval("\$this->tmp_image = \"".$this->template->get_template($this->GB_TPL['image'])."\";");
} else {
if (!$open_basedir_res) {
copy($this->userfile["userfile"]["tmp_name"], "$this->include_path/$GB_UPLOAD/$this->image_file");
} else {
rename("$this->include_path/$GB_TMP/img-$the_time.tmp", "$this->include_path/$GB_UPLOAD/$this->image_file");
}
if ($this->db->VARS["thumbnail"]==1) {
$min_size = 1024*$this->db->VARS["thumb_min_fsize"];
$img->set_min_filesize($min_size);
$img->set_prefix("t_");
$img->create_thumbnail("$this->include_path/$GB_UPLOAD/$this->image_file","$this->image_file");
}
}
} else {
return $this->db->gb_error($this->db->LANG["ErrorPost7"]);
}
}
}
if (!empty($this->user_img)) {
$this->image_file = trim($this->user_img);
}
$this->name = $this->db->FormatString($this->name);
$this->location = $this->db->FormatString($this->location);
$this->comment = $this->db->FormatString($this->comment);
$this->icq = $this->db->FormatString($this->icq);
$this->aim = $this->db->FormatString($this->aim);
$this->aim = htmlspecialchars($this->aim);
if ($this->icq < 1000 || $this->icq >999999999) {
$this->icq='';
}
if ($this->name == "") {
return $this->db->gb_error($this->db->LANG["ErrorPost1"]);
} elseif (strlen($this->comment)<$this->db->VARS["min_text"] || strlen($this->comment)>$this->db->VARS["max_text"]) {
return $this->db->gb_error($this->db->LANG["ErrorPost3"]);
} else {
$this->url = trim($this->url);
$this->email = trim($this->email);
if (!eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@([0-9a-z][0-9a-z-]*[0-9a-z]\\.)+[a-z]{2,5}$", $this->email) ) {
$this->email = '';
}
if (!eregi("^http://[_a-z0-9-]+\\.[_a-z0-9-]+", $this->url)) {
$this->url = '';
}
if (htmlspecialchars($this->url) != "$this->url") {
$this->url = '';
}
}
if ($this->db->VARS["censor"]==1) {
$this->name = $this->db->CensorBadWords($this->name);
$this->location = $this->db->CensorBadWords($this->location);
$this->comment = $this->db->CensorBadWords($this->comment);
}
if (!$this->db->CheckWordLength($this->name) || !$this->db->CheckWordLength($this->location)) {
return $this->db->gb_error($this->db->LANG["ErrorPost4"]);
}
if (!$this->db->CheckWordLength($this->comment)) {
return $this->db->gb_error($this->db->LANG["ErrorPost10"]);
}
return 1;
}

function add_guest() {
global $GB_TMP, $GB_UPLOAD, $GB_PG;
if ($this->preview==1 && $this->user_img) {
$img = new gb_image();
$img->set_destdir("$this->include_path/$GB_UPLOAD");
$img->set_border_size($this->db->VARS["img_width"], $this->db->VARS["img_height"]);
if ($this->db->VARS["thumbnail"]==1) {
$min_size = 1024*$this->db->VARS["thumb_min_fsize"];
$img->set_min_filesize($min_size);
$img->set_prefix("t_");
$img->create_thumbnail("$this->include_path/$GB_TMP/$this->user_img",$this->user_img);
}
copy("$this->include_path/$GB_TMP/$this->user_img", "$this->include_path/$GB_UPLOAD/$this->user_img");
unlink("$this->include_path/$GB_TMP/$this->user_img");
$this->image_file = $this->user_img;
}
$this->name = htmlspecialchars($this->name);
$this->location = htmlspecialchars($this->location);
if ($this->db->VARS["allow_html"] == 0) {
$this->comment = htmlspecialchars($this->comment);
}
if ($this->db->VARS["agcode"] == 1) {
$this->comment = $this->db->AGCode($this->comment);
}
if (!get_magic_quotes_gpc()) {
$this->name = addslashes($this->name);
$this->location = addslashes($this->location);
$this->aim = addslashes($this->aim);
$this->email = addslashes($this->email);
$this->url = addslashes($this->url);
$this->comment = addslashes($this->comment);
}
$host = @gethostbyaddr($this->ip);
$agent = getenv("HTTP_USER_AGENT");
$the_time = time();
$sql_usertable = ($this->private==1) ? $this->table['priv'] : $this->table['data'];
$this->db->query("INSERT INTO $sql_usertable (name,gender,email,url,date,location,host,browser,comment,icq,aim) VALUES ('$this->name','$this->gender','$this->email','$this->url','$the_time','$this->location','$host','$agent','$this->comment','$this->icq','$this->aim')");
if (!empty($this->image_file) || !empty($this->user_img)) {
$size = GetImageSize("$this->include_path/$GB_UPLOAD/$this->image_file");
if (is_array($size) && $size[2]>0 && $size[2]<4) {
$book_id = ($this->private==1) ? 1 : 2;
$p_filesize = filesize("$this->include_path/$GB_UPLOAD/$this->image_file");
$this->db->fetch_array($this->db->query("SELECT MAX(id) AS msg_id FROM $sql_usertable"));
$this->db->query("INSERT INTO ".$this->table['pics']." (msg_id,book_id,p_filename,p_size,width,height) VALUES ('".$this->db->record['msg_id']."',$book_id,'$this->image_file','$p_filesize','$size[0]','$size[1]')");
}
}
$from_email = ($this->email == "") ? "nobody@$host" : $this->email;
if ($this->db->VARS["notify_private"]==1 && $this->private==1) {
@mail($this->db->VARS["admin_mail"],$this->db->LANG["EmailAdminSubject"],"$this->name\n$this->host\n\n$this->comment", "From: <".$this->name."> $from_email\nX-Mailer: Advanced Guestbook 2");
}
if ($this->db->VARS["notify_admin"]==1 && $this->private==0) {
@mail($this->db->VARS["admin_mail"],$this->db->LANG["EmailAdminSubject"],"$this->name\n$this->host\n\n$this->comment", "From: <".$this->name."> $from_email\nX-Mailer: Advanced Guestbook 2");
}
if ($this->db->VARS["notify_guest"]==1 && $this->email != '') {
@mail($this->email,$this->db->LANG["EmailGuestSubject"],$this->db->VARS["notify_mes"], "From: <".$this->db->VARS['admin_mail']."> ".$this->db->VARS['admin_mail']."\nX-Mailer: Advanced Guestbook 2");
}
if ($this->db->VARS["flood_check"]==1) {
$this->db->query("INSERT INTO ".$this->table['ip']." (guest_ip,timestamp) VALUES ('$this->ip','$the_time')");
}
$LANG =& $this->db->LANG;
$VARS =& $this->db->VARS;
eval("\$success_html = \"".$this->template->get_template($this->GB_TPL['success'])."\";");
eval("\$success_html .= \"".$this->template->get_template($this->GB_TPL['footer'])."\";");
return $success_html;
}

function form_addguest() {
global $GB_PG, $HTTP_COOKIE_VARS;
$HTML_CODE = ($this->db->VARS["allow_html"] == 1) ? $this->db->LANG["BookMess2"] : $this->db->LANG["BookMess1"];
$SMILE_CODE = ($this->db->VARS["smilies"] == 1) ? $this->db->LANG["FormMess2"] : $this->db->LANG["FormMess7"];
$AG_CODE = ($this->db->VARS["agcode"] == 1) ? $this->db->LANG["FormMess3"] : $this->db->LANG["FormMess6"];
$LANG =& $this->db->LANG;
$VARS =& $this->db->VARS;
$OPTIONS[] ='';
if ($this->db->VARS["allow_icq"]==1) {
eval("\$OPTIONS['icq'] = \"".$this->template->get_template($this->GB_TPL['frm_icq'])."\";");
}
if ($this->db->VARS["allow_aim"]==1) {
eval("\$OPTIONS['aim'] = \"".$this->template->get_template($this->GB_TPL['frm_aim'])."\";");
}
if ($this->db->VARS["allow_gender"]==1) {
eval("\$OPTIONS['gender'] = \"".$this->template->get_template($this->GB_TPL['frm_gender'])."\";");
}
if ($this->db->VARS["allow_img"]==1) {
eval("\$OPTIONS['img'] = \"".$this->template->get_template($this->GB_TPL['frm_image'])."\";");
}
$OPTIONAL = implode("\n",$OPTIONS);
if (isset($HTTP_COOKIE_VARS['lang']) && !empty($HTTP_COOKIE_VARS['lang']) && file_exists("$this->include_path/lang/codes-".$HTTP_COOKIE_VARS['lang'].".php")) {
$LANG_CODES = "$GB_PG[base_url]/lang/codes-".$HTTP_COOKIE_VARS['lang'].".php";
} elseif (file_exists("$this->include_path/lang/codes-".$VARS['lang'].".php")) {
$LANG_CODES = "$GB_PG[base_url]/lang/codes-".$VARS['lang'].".php";
} else {
$LANG_CODES = "$GB_PG[base_url]/lang/codes-english.php";
}
eval("\$addform_html = \"".$this->template->get_template($this->GB_TPL['header'])."\";");
eval("\$addform_html .= \"".$this->template->get_template($this->GB_TPL['form'])."\";");
eval("\$addform_html .= \"".$this->template->get_template($this->GB_TPL['footer'])."\";");
return $addform_html;
}

function preview_entry() {
global $GB_PG;
if (get_magic_quotes_gpc()) {
$this->name = stripslashes($this->name);
$this->comment = stripslashes($this->comment);
$this->location = stripslashes($this->location);
}
$this->name = htmlspecialchars($this->name);
if ($this->db->VARS["allow_html"] == 0) {
$message = htmlspecialchars($this->comment);
$message = nl2br($message);
} else {
$message = nl2br($this->comment);
}
if ($this->db->VARS["smilies"] == 1) {
$message = $this->db->emotion($message);
}
if ($this->db->VARS["agcode"] == 1) {
$message = $this->db->AGCode($message);
}
$this->location = htmlspecialchars($this->location);
$this->comment = htmlspecialchars($this->comment);
$USER_PIC =(isset($this->tmp_image)) ? $this->tmp_image : '';
$DATE = $this->db->DateFormat(time());
$host = @gethostbyaddr($this->ip);
$AGENT = getenv("HTTP_USER_AGENT");
$LANG =& $this->db->LANG;
$VARS =& $this->db->VARS;
if ($this->url) {
$row['url'] = $this->url;
eval("\$URL = \"".$this->template->get_template($this->GB_TPL['url'])."\";");
} else {
$URL = '';
}
if ($this->icq && $this->db->VARS["allow_icq"]==1) {
$row['icq'] = $this->icq;
eval("\$ICQ = \"".$this->template->get_template($this->GB_TPL['icq'])."\";");
} else {
$ICQ = '';
}
if ($this->aim && $this->db->VARS["allow_aim"]==1) {
$row['aim'] = $this->aim;
eval("\$AIM = \"".$this->template->get_template($this->GB_TPL['aim'])."\";");
} else {
$AIM = '';
}
if ($this->email) {
$row['email'] = $this->email;
eval("\$EMAIL = \"".$this->template->get_template($this->GB_TPL['email'])."\";");
} else {
$EMAIL = '';
}
if ($this->db->VARS["allow_gender"]==1) {
$GENDER = ($this->gender=="f") ? " " : " ";
} else {
$GENDER = '';
}
if ($this->db->VARS["show_ip"] == 1) {
$hostname = ( eregi("^[-a-z_]+", $host) ) ? "Host" : "IP";
$HOST = "$hostname: $host\n";
} else {
$HOST = '';
}
$HIDDEN = "\n";

$HIDDEN .= "";
$HIDDEN .= "\n"; //Hidden Random Value
$HIDDEN .= "name."\">\n";

$HIDDEN .= "email."\">\n";
$HIDDEN .= "url."\">\n";
$HIDDEN .= "comment."\">\n";
$HIDDEN .= "location."\">\n";
if ($this->image_file) {
$HIDDEN .= "image_file."\">\n";
}
if ($this->private==1) {
$HIDDEN .= "private."\">\n";
}
if ($this->db->VARS["allow_gender"]==1) {
$HIDDEN .= "gender."\">\n";
}
if ($this->icq && $this->db->VARS["allow_icq"]==1) {
$HIDDEN .= "icq."\">\n";
}
if ($this->aim && $this->db->VARS["allow_aim"]==1) {
$HIDDEN .= "aim."\">\n";
}
$row['name'] = $this->name;
$row['location'] = $this->location;
$row['email'] = $this->email;
eval("\$GB_PREVIEW = \"".$this->template->get_template($this->GB_TPL['prev_entry'])."\";");
eval("\$preview_html = \"".$this->template->get_template($this->GB_TPL['header'])."\";");
eval("\$preview_html .= \"".$this->template->get_template($this->GB_TPL['preview'])."\";");
eval("\$preview_html .= \"".$this->template->get_template($this->GB_TPL['footer'])."\";");
return $preview_html;
}

function process($action='') {
switch ($action) {
case $this->db->LANG["FormSubmit"]:
if ($this->preview==1) {
$this->comment = $this->undo_htmlspecialchars($this->comment);
$this->name = $this->undo_htmlspecialchars($this->name);
}
$this->clear_tmpfiles();
$status = $this->check_entry();
return ($status == 1) ? $this->add_guest() : $status;
break;

case $this->db->LANG["FormPreview"]:
$status = $this->check_entry("preview");
return ($status == 1) ? $this->preview_entry() : $status;
break;

default:
return $this->form_addguest();
}
}

}

?>
[/code]

I am pretty sure I've followed to the letter but as everything in life I could be wrong. Did I say thank you for helping me. :D

Carbonize — GMT

[code] function form_addguest() {
global $GB_PG, $HTTP_COOKIE_VARS; [/code]
should be
[code] function form_addguest() {
global $GB_PG, $HTTP_COOKIE_VARS, $Vrand; [/code]

find
[code] function preview_entry() {
global $GB_PG; [/code]

and make it
[code] function preview_entry() {
global $GB_PG,$Vrand; [/code]

I left the first instruction out and only discovered the preview error yesterday.

partially working image verification - help!

Anonymous — GMT

I have installed and updated all the necessary files, but must have missed something somewhere.
In adding a new guestbook (v 2.3.1) entry, the form is ok - shows verification line, generated Image numbers, and acceptance box. If I do not enter anything into the acceptance box, ie leave blank, I get the pop-up saying I must enter the characters - ok.
If I enter just 1 character, or any amount of characters, whether they be the random image chars or not, the entry passes the test and gets added to the guestbook.
Initially in the form.php I had to add the $GB_PG[base_url] to get the Image to display. ie :
[b]
Image Verification:
Enter these characters
into this text box
[/b]

Any other ideas?

Thanks in anticipation.

Paul ( www.1820Settlers.com )

Carbonize — GMT

If it's not verifying if the code is correct or not then the error must lie in the the lib/add.class.php file. Check that you have added everything to that as per the instructions.

Anonymous — GMT

Hi Carbonize,

I've checked my add.class.php code and compared it to the earlier post above, plus the corrections, and there is no difference. Still won't verify. Any other pointers?

Paul

Carbonize — GMT

Redownload the verification.zip file then go through the instructions step by step just to make sure. ALso make sure you have the verify.php and verifyimage.php fils in the same folder as addentry.php. I'm at work right now but if you still can't get it to work I will try and upload a zip containing pre modded files.

Anonymous — GMT

Started afresh.. Re-extracted the base files from the guestbook original download. Downloaded your verification.zip again, and went very slowly cut'n'paste all the requirements. ftp'd the files up to correct directories on website. Exactly the same results. Did not display the generated Image on first entry to the 'sign the guestbook'. Added the $GB_PG[base_url] as per earlier post, , re-ftp'd, and then it displayed the Image. Something I didn't notice before was that when I 'previewed' the entry and then clicked Go Back, the Image is not redisplayed unless I refresh the page.
Me thinks it has to be something to do with the path or folder structure?

PaulTT www.1820settlers.com

Anonymous — GMT

Send me the three files addentry.php lib/add.class.php and templates/form.php I think I know what is missing but I want to make sure.

Carbonize — GMT

The above post was me

amber222 — GMT

Do you know why this and the other scripts will not work in phpnuke?

I have two guestbooks, one in a phpnuke module. Using duplicate copies of the files, the first guestbook is fine, but the one in th phpnuke module won't show the image.

Same problem with other scripts, like admin logout redirect and renaming the admin file.

amber222 — GMT

I just noticed that PaulTT www.1820settlers.com is a phpnuke site. Can somebody give me the 411?

Carbonize — GMT

I'm wondering if PHPNuke didn't change something since AG 2.3.1 was released as AG 2.3.1 was written to integrate into it form what I have seen in the code.

amber222 — GMT

I am not using the Advanced Guestbook for Phpnuke. I am actually using the basic program. I just put it in a phpnuke module myself. ( This was before I knew there was such a thing as Advanced Guestbook for Phpnuke.) I believe the only thing I changed was one file where it says something like "... is running in a postnuke or phpnuke module; false". I changed it to "true" and I think I had to change the path.

I noticed with the Admin logout redirect, the problem seemed to be the path. I tried changing it myself, but couldn't get it to work, probably because I really don't know php.

It seemed that earlier in this thread Paul was having problems which he thought were related to the path. He sent you the files, and I guess you fixed them, because the guestbook on his site has the image. I sent him an email requesting info, but there is no guarantee he will respond.

I was wondering if you recalled what you did to help him solve his problem?

Carbonize — GMT

think I would have to install PHP Nuke to fix this one. Images are easy to fix as you can right click to get the properties and see where it is pointing to. Pauls problem is a weird one as the files are correct and it appears to be working right so I need to delve into how the book interacts with the CMS.

amber222 — GMT

Thank you, but I don't want you to have to install Phpnuke - we're talking huge. It would be much simpler to just not allow image upload until I figure this one out.

Btw, how vulnerable is it having image upload without the verification? Will maybe excluding certain file types get around this?

As always, your expertise is appreciated.

Carbonize — GMT

The guestbook already limits the file types they can upload. The image verification is just to stop spam.