Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Problems with forum plugin  (Read 3644 times)

0 Members and 1 Guest are viewing this topic.

PhotoFan

  • Coppermine newbie
  • Offline Offline
  • Posts: 6
Problems with forum plugin
« on: January 27, 2012, 03:39:01 pm »

Hello,

My name is Paul and I am completely new to Coppermine.
I have build a website for people to share their pictures in an online community. http://www.whats-hot-nl.com/photofan
Also I installed the Forum plugin, so they can disscus technical information and other  topics.

When I or someone else using the forum try to post a new message I get a blanc page with this message:

"Array (
  • => Error Number: 1064 [1] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's mag maken. :-D Mvg, Paul ', 1327674879, '2', 'Paul', '84.80.87.182', 1, 26, ' at line 1 [2] => INSERT INTO cpg_fr_messages (icon, subject, body, poster_time, poster_id, poster_name, poster_ip, smileys_enabled, topic_id, board_id) VALUES ('icon2', 'Er is er één jarig, hoera, hoera', 'Reg, beter een dag te laat da helemaal niet! Van harte gefeliciteerd en dat je nog maar veel foto's mag maken. :-D Mvg, Paul ', 1327674879, '2', 'Paul', '84.80.87.182', 1, 26, 6) )"


My webhost told me to renstall the plugin, so I did. But the problem did not disapeare.
I really have no idea how to solve this, please help

Regards, Paul
Logged

Αndr

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15760
Re: Problems with forum plugin
« Reply #1 on: January 27, 2012, 03:46:35 pm »

I'll check that. Seems to be a serious error in the code.
Logged

PhotoFan

  • Coppermine newbie
  • Offline Offline
  • Posts: 6
Re: Problems with forum plugin
« Reply #2 on: January 27, 2012, 03:50:35 pm »

Thnx Andr,

I have made a test account.

Username: Test
ww: Test123

Regards, Paul
Logged

Αndr

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15760
Re: Problems with forum plugin
« Reply #3 on: January 27, 2012, 04:18:19 pm »

Obviously the input doesn't get escaped. Usually it should, as it's processed by that function:
Code: [Select]
    function escape_str($str) {   
        if (get_magic_quotes_gpc()) {
            return $str;
        }
        if (function_exists('mysql_real_escape_string')) {
            return mysql_real_escape_string($str, $this->conn_id);
        } elseif (function_exists('mysql_escape_string')) {
            return mysql_escape_string($str);
        } else {
            return addslashes($str);
        }
    }

We have 2 options:
1. I'd need FTP access to the forum plugin directory (if you trust me) to debug what's going on. I'll give you my contact details so you can send me the login data, don't post them publicly!
2. Talk again to your webhost, tell them magic_quotes_gpc seems to work incorrectly (not recommended yet, as that's just an assumption without further tests)
Logged

PhotoFan

  • Coppermine newbie
  • Offline Offline
  • Posts: 6
Re: Problems with forum plugin
« Reply #4 on: January 27, 2012, 04:57:58 pm »

Andr, that would be great.

If you send me youre contact details, I will send you my admin login.

Thnx, Paul
Logged

Αndr

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15760
Re: Problems with forum plugin
« Reply #5 on: January 27, 2012, 05:04:31 pm »

PM sent.
Logged

Αndr

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15760
Re: Problems with forum plugin
« Reply #6 on: January 30, 2012, 03:51:13 pm »

This part of the function will be used:
Code: [Select]
        if (get_magic_quotes_gpc()) {
            return $str;
        }
as magic_quotes_gpc is enabled, at least that function tells that it does.


I haven't investigated if magic_quotes_gpc generally doesn't work as expected or if it's just an issue with the forum plugin. I commented out that part and everything seems to work fine now.
Logged

PhotoFan

  • Coppermine newbie
  • Offline Offline
  • Posts: 6
Re: Problems with forum plugin
« Reply #7 on: February 02, 2012, 08:57:18 am »

Hi Andr,

Sorry for the delay in reaction, I've had a bad flew!

Thanx for the help, For as much as I did online I did not encounter any problems so far.
It seems everything is working fine now.

Thanx from the whole PhotoFan Community  :D
Logged
Pages: [1]   Go Up
 

Page created in 0.019 seconds with 21 queries.