Elxis CMS Forum
Extensions => Components => Topic started by: babis1 on July 27, 2009, 16:34:33
-
when i login and try to put a new ad with text who have taken from copy paste then everything goes to hell....can we make something with that validation ? i thing in write_ad.php in line 370 have that
/* input validation */
if( $mode == "db") {
$bInputFields = 0;
if ( eUTF::utf8_strlen ( $name) < 3) {
$bInputFields = 1;
$afNameClass = "marketplace_error";
}
if ( eUTF::utf8_strlen ( $email) < 7) {
$bInputFields = 1;
$afEmailClass = "marketplace_error";
}
if ( eUTF::utf8_strlen ( $ad_headline) < 5) {
$bInputFields = 1;
$afHeadlineClass = "marketplace_error";
}
if ( eUTF::utf8_strlen ( $ad_text) < 5) {
$bInputFields = 1;
$afTextClass = "marketplace_error";
}
}
can someone help because its major problem because everyone in that case can hack the site....simply he make a new add take a copy paste text from one html page and he broke your site
-
ok.......the problem is when you copy and paste in text area greek characters...with english characters even and if you use copy paste works good.....something goes wrong with greek characters or with greek language
-
The code you copy-pasted has nothing to do with clearing of submitted html.
Simple html removal
<?php
//$html : user submitted html text
$html = strip_tags($html);
$pat = "([\']|[\"]|[\$]|[\#]|[\<]|[\>]|[\*]|[\%]|[\~]|[\`]|[\^]|[\|]|[\{]|[\}]|[\\\])";
html = eUTF::utf8_trim(preg_replace($pat, '', $html));
?>
-
john i thing that i have seen that code somewhere yesterday in ios gallery or in com_eblog....ok that code i have to put in the write_ad.php file? i came back with images of what it happens give me 30' because i have to make another one installation of the component
-
i dont understand now i have put the greek language file, but first i add one text with greeklish characters and works good, after that i put an add with greek characters and still works good, in the same server before 1 hour i put with copy paste one text with greek characters and it broken everything....what happens? when you put an add and in text area(title-text) put the greek text, after that put an image ---- save the add its ok, but when you go to the marketpalce home page (from the topmenu) then the template goes on, you have only the top menu of the marketplace with all the characters even and those of topmenu like that ΕÏευνα και συμμετοχή σε ε...
-
ok i cache it
1 with greeklish
2 greek text
[attachment deleted by admin]
-
3 go to home page
4 look that
[attachment deleted by admin]
-
but i found something important...........i dont belive it the all thing is the title length when you have a small title works fine when you have a big title the site is broken...i thing somewhere i found how many characters you must put in title i go to see what happens
-
ok thanks to ivan we make some change in the recent5.php because there was the problem with the long titles, at the line 152.........before
echo "<a href=".sefRelToAbs( "index.php?option=com_marketplace&page=show_ad&catid=$mes->category&adid=$mes->id&Itemid=$Itemid").">";
if ( eUTF::utf8_strlen($mes->ad_headline)>30){
echo eUTF::utf8_strlen_substr( $mes->ad_headline, 0, 27)."...";
}
else {
echo $mes->ad_headline;
}
echo "</a>";
.........after
echo "<a href=".sefRelToAbs( "index.php?option=com_marketplace&page=show_ad&catid=$mes->category&adid=$mes->id&Itemid=$Itemid").">";
echo "</a>";................and work
but this is a little hack for me if anyone dont want to change this .... dont change......