Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: for casper or anyone who could help.  (Read 4215 times)

0 Members and 1 Guest are viewing this topic.

qt4eva

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
for casper or anyone who could help.
« on: February 12, 2005, 11:44:50 pm »

hi casper, you helped me solved the problem i go here a few day ago.

http://forum.coppermine-gallery.net/index.php?topic=14619.0

now i also would like to know how do i get rid of the horizontal scollbar in the iframe?? i do want the verticle though. thank first.. thank to anyone who could help also.
Logged

Casper

  • VIP
  • Coppermine addict
  • ***
  • Country: 00
  • Offline Offline
  • Gender: Male
  • Posts: 5231
Re: for casper or anyone who could help.
« Reply #1 on: February 13, 2005, 12:16:32 pm »

Edit your file pabox.php so that it is in a table slightly narrower than the iframe. 
Logged
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

qt4eva

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
Re: for casper or anyone who could help.
« Reply #2 on: February 14, 2005, 03:07:14 pm »

can you help me do that? am not very good at html or php..

here is my pabox.php stuff.

Code: [Select]
<?php


/*---------------------
code begin---------------------*/

$starttime microtime();
$starttime explode(" ",$starttime);
$starttime $starttime[1] + $starttime[0];
/*---------------------
If register_globals is off, we'll extract all of the superglobals so they can be used.
---------------------*/
if (!@ini_get('register_globals')) {
extract($_GET);
extract($_POST);
extract($_COOKIE);
extract($_SERVER);
}
/*---------------------
Shout! Shout! Let it all out...
---------------------*/
require('./pabox.conf.php');
require(
'./pabox.functions.php');
require(
'./paboxadmin/auth.php');
$conf query('SELECT * FROM '.$db['prefix'].'_settings'1);
require(
'./languages/'.$conf['lang']);


$version '2.0';

/*---------------------
...these are the things I can do without...

(actually we can't do anything without these things)
---------------------*/
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Request Board</title>
<style type="text/css" media="all">@import "./styles/<?php echo($conf['css']); ?>";</style>
<script language="JavaScript" src="./pabox.js" type="text/javascript"></script>
</head>
<body>
<?php
/*---------------------
This will check to see if the user's IP is banned or not. If it is, deny access and end execution....
...Isn't it funny that if you end the execution of someone, they live, but if you end the execution of a script, it dies?
---------------------*/
$bannedips explode('|'$conf['bannedips']);
if (
in_array($REMOTE_ADDR$bannedips)) {
die($lang['banned']);
}

/*---------------------
We're adding a shout, yay!
---------------------*/
if ($action == "add") {
/*---------------------
Step one, instead of 'ass', say 'buns',
like 'kiss my buns', and 'you're a buns-hole'. - South Park: Bigger, Longer, and Uncut

Since some people like to be buns-holes, we have to remove their naughty words, m'kay?
---------------------*/
$result query('SELECT * FROM '.$db['prefix'].'_badwords'0);
while ($eminem mysql_fetch_array($result)) {
$name preg_replace('/'.$eminem['badword'].'/i'$eminem['goodword'], $name);
$site preg_replace('/'.$eminem['badword'].'/i'$eminem['goodword'], $site);
$shout preg_replace('/'.$eminem['badword'].'/i'$eminem['goodword'], $shout);
}
/*---------------------
Set up the smileys. If they're enabled, replace the text, like :) or whatever it is with the image.
You might notice that instead of using < and > for the HTML tag, we're using #* and *#. Why? So it doesn't interfere with the code to disable HTML. The #* and *# will eventually be converted into < and > later on when displaying the shout.
---------------------*/
if ($conf['smileys']) {
$result query('SELECT * FROM '.$db['prefix'].'_smileys'0);
while ($smile mysql_fetch_array($result)) {
$shout str_replace($smile['text'], '#*img src=\'./smileys/'.$smile['file'].'\' /*#'$shout);
}
}
/*---------------------
Step two, instead of 'sh*t', say 'poo',
as in 'bull-poo', 'poo-head' and 'this poo is cold'.

So, here's the poo for flood control. See when the last time someone using this IP address posted a shout. If the time difference is less than the set flood control, prevent them from posting.
---------------------*/
if ($conf['flood'] > 0) {
$lastshout query('SELECT * FROM '.$db['prefix'].'_shouts WHERE ip=\''.$REMOTE_ADDR.'\' ORDER BY date DESC LIMIT 0,1'1);
if (time() - $lastshout['date'] < $conf['flood']) {
die($lang['floodcontrol']);
}
}
/*---------------------
Step three, with 'bi*ch' - drop the 't',
cause 'bich' is Latin for 'generosity'.

And we add the shout to the database and redirect the user to the shoutbox. The URL to the shoutbox has the time stuck on the end of it to make a unique URL, since sometimes browser caches like to be bichs.
---------------------*/
query("INSERT INTO ".$db['prefix']."_shouts VALUES (NULL, '".addslashes($name)."', '".addslashes($shout)."', '".addslashes($site)."', '$posticon', '".time()."', '$REMOTE_ADDR')"0);
echo '<META HTTP-EQUIV="Refresh" CONTENT="0;URL=./pabox.php?'.time().'">';
/*---------------------
Show the shoutbox....
---------------------*/
} else {
?>

<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr><td class="border" width="100%">
<table border="0" cellpadding="2" cellspacing="1" width="100%">
<?php
/*---------------------
Get the shouts from the database and limit it to only get the amount of shouts you set it to show.
---------------------*/
$tearsforfears query('SELECT * FROM '.$db['prefix'].'_shouts ORDER BY date DESC LIMIT 0,'.$conf['display'], 0);
while ($theshout=mysql_fetch_array($tearsforfears)) {
$disturbed = (++$i 1) ? 'row1' 'row2';
/*---------------------
The Disturbed cover of "Shout" is better.....

Step four, don't say 'f**k' anymore,
cause 'f**k' is the worst word that you can say,
so just use the word 'm'kay!'

Back on topic, this code is stripping HTML from the URL and name to prevent someone from m'kay-ing up the page.
---------------------*/
$url trim($theshout['site']);
$url htmlspecialchars($urlENT_QUOTES);
$theshout['name'] = htmlspecialchars($theshout['name'], ENT_QUOTES);
/*---------------------
If HTML is disabled, then strip < and > from the output (&lt; and &gt; instead)
If paCode is enabled, parse it and turn it into HTML.
Set up the link for the poster's name. If they provided a URL, put the <a href> tag there, if not, leave it out.
---------------------*/
if (!$conf['html']) {
$theshout['shout'] = htmlspecialchars($theshout['shout']);
}
if ($conf['pacode']) {
$theshout['shout'] = dopacode($theshout['shout']);
}
if (!empty($url)) { 
$name '<a href="'.$url.'" target="_blank"><b>'.$theshout['name'].'</b></a>'
} else {
$name '<b>'.$theshout['name'].'</b>';
}
/*---------------------
These next lines are where we convert the #* and *# for emoticons into HTML code to show the smileys
After that, we set up the shouticon (or posticon) to display it if needed
---------------------*/
$theshout['shout'] = str_replace('#*img''<img'$theshout['shout']);
$theshout['shout'] = str_replace('/*#''/>'$theshout['shout']);
if (empty($theshout['posticon'])) {
$shouticon '';
} else {
$shouticon '<img src="./smileys/'.$theshout['posticon'].'" alt="" />&nbsp;';
}
?>

<tr><td valign="top" width="100%" class="<?php echo($disturbed); ?>">
<?php 
/*---------------------
Set the time offset, and, finally, output the shout. Then, if shouticons are enabled, generate the output for the list to be shown by the Post Shout boxes
---------------------*/
if ($logged) {
$adminstuff '<div align="right"><a title="'.$lang['lookip'].'" href="http://ws.arin.net/cgi-bin/whois.pl?queryinput='.$theshout['ip'].'">'.$theshout['ip'].'</a> - <a href="javascript:pop(\'./paboxadmin/shouts.php?act=edit&id='.$theshout['id'].'\', 550, 350);">'.$lang['edit'].'</a> - <a href="javascript:deleteconf('.$theshout['id'].')">'.$lang['delete'].'</a></div>';
}
$theshout['date'] = $theshout['date'] + ($conf['timeoffset'] * 3600);
echo('<a name="'.$theshout['id'].'"></a>'$shouticon.$lang['postedby'].stripslashes($name).$lang['postedon'].'<b>'.date($conf['dateformat'],$theshout['date']).'</b><hr>'.stripslashes($theshout['shout']).$adminstuff.'</td></tr>'."\n");

if ($conf['posticons']) {
$result query('SELECT * FROM '.$db['prefix'].'_smileys'0);
while ($icon=mysql_fetch_array($result)) {
$posticons .= '<input type="radio" name="posticon" value="'.$icon['file'].'" /><img src="./smileys/'.$icon['file'].'" alt="" /> ';
}
$posticons .= '<input type="radio" name="posticon" value="" checked="checked" />'.$lang['none'];
} else {
$posticons '&nbsp;';
}
?>

<tr><td class="main" width="100%" align="center">
<div align="left">
<?php
if (!empty($conf['timezone'])) {
echo($lang['times'].$conf['timezone']);
}
if ($conf['maxlength'] > 0) {
$maxl 'maxlength="'.$conf['maxlength'].'"';
} else {
$maxl '';
}
?>

</div>
<form action="./pabox.php?action=add" method="post" name="shoutbox" onsubmit="return verify(this.form)">
<input type="text" name="name" size="20" maxlength="30" value="<?php echo($lang['yname']); ?>" onfocus="clearText(this)" /><br />

<input type="text" name="shout" size="20" <?php echo($maxl); ?> value="<?php echo($lang['yshout']); ?>" onfocus="clearText(this)" /><br />

<?php
if ($conf['pacode']) {
?>
<p />
<input style="font-weight:bold" type="button" value="B" onclick="javascript:dobold();" />&nbsp;
<input style="font-weight:italic" type="button" value="I" onclick="javascript:doitalic();" />&nbsp;
<input style="text-decoration:underline" type="button" value="U" onclick="javascript:dounderlined();" />&nbsp;
<input type="button" value="http://" onclick="javascript:dourl();" />&nbsp;
<input type="button" value="@" onclick="javascript:doemail();" />&nbsp;
<br />

<?php
if ($conf['smileys']) {
echo '<a href="javascript:pop(\'pabox.smileys.php\', 250, 300);">'.$lang['smileys'].'</a><br />';
}
echo $posticons;
}
?>

<br />
<input type="submit" value="<?php echo($lang['shoutshoutletitallout']); ?>" />&nbsp;<input type="reset" value="<?php echo($lang['reset']); ?>" />
</form><p /><a href="http://www.freepgs.com/qt4eva/forum/paboxadmin/index.php">Click</a> to access admin page!<p />
Powered by paBox <?php echo($version); ?><br />
&copy;2003 <a href="http://www.phparena.net" target="_blank">PHP Arena</a><br />

</td></tr>
</table>

</td></tr></table>

<?php
}
if (
$conf['debug']) {
$endtime microtime();
$endtime explode(" ",$endtime);
$endtime $endtime[1] + $endtime[0];
$stime $endtime $starttime;
echo '<div align="center">This page was generated in '.$stime.' seconds using '.$query_count.' queries. Queries used:<br />'.$queries_used.'</div>';
}
?>


        </tr>
</table>

</body>
</html>
Logged

Hein Traag

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: nl
  • Offline Offline
  • Gender: Male
  • Posts: 2166
  • A, B, Cpg
    • Personal website - Spintires.nl
Re: for casper or anyone who could help.
« Reply #3 on: February 14, 2005, 05:03:42 pm »

Code: [Select]
/*---------------------
Show the shoutbox....
---------------------*/
} else {
?>
<table border="0" cellpadding="0" cellspacing="0" width="100%">

Find the above and adjust the setting for width to a value which is less then the value set for the iframe.
Logged
Pages: [1]   Go Up
 

Page created in 0.023 seconds with 21 queries.