Türkçe:
[b]3 önemli düzeltmenin yapılması gereklidir[/b]
Düzeltme: 1
register.php dosyasını açın:
Aşağıdaki metni bulun (331.satır)
PHP
$sqlst = "UPDATE ".STATS_TABLE." SET ".
"MEM_COUNT=MEM_COUNT+1, ".
"LAST_MEM_NAME='".$row[$user_table_fields['user_name']]."', ".
"LAST_MEM_ID='".$row[$user_table_fields['user_id']]."'";
$site_db->query($sqlst);
ve aşağıdaki ile değiştirin:
PHP
// Recount the members directly from the users table (every row whose level is not GUEST)
// instead of incrementing the stored counter.
$sql = "SELECT COUNT(*) as user_num
FROM ".USERS_TABLE."
WHERE ".get_user_table_field("", "user_level")." != ".GUEST."";
$userrow = $site_db->query_firstrow($sql);
// Write the recounted total together with the user name and id taken from $row.
// NOTE(review): both $row values are concatenated into the statement as-is; confirm they are
// escaped where $row is built, because a quote inside the user name would end the SQL literal.
$sqlst = "UPDATE ".STATS_TABLE." SET ".
"MEM_COUNT='".$userrow['user_num']."', ".
"LAST_MEM_NAME='".$row[$user_table_fields['user_name']]."', ".
"LAST_MEM_ID='".$row[$user_table_fields['user_id']]."'";
$site_db->query($sqlst);
Düzeltme: 2
poll.php dosyasını açın:
Aşağıdaki metni bulun (28.satır):
PHP
function pollsave() {
global $site_db, $poll_id, $aid, $REMOTE_ADDR, $lang, $HTTP_COOKIE_VARS;
$sql = "SELECT ipaddress, qid
FROM ".POLL_VOLTERS_TABLE."
WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$poll_id'";
$result = $site_db->query($sql);
$pcount = $site_db->get_numrows($result);
if (!isset( $HTTP_COOKIE_VARS[$poll_id]) && $pcount == 0){
$sql = "UPDATE ".POLL_QUESTIONS_TABLE."
SET voters = voters + 1
WHERE qid = '$poll_id'";
$result = $site_db->query($sql);
$sql2 = "UPDATE ".POLL_ANSWERS_TABLE."
SET votes = votes + 1
WHERE qid = '$poll_id' AND aid = $aid";
$result2 = $site_db->query($sql2);
$current_time = time();
$sqlvolters = "INSERT INTO ".POLL_VOLTERS_TABLE."
(ipaddress, date, qid)
VALUES
('$REMOTE_ADDR', $current_time, '$poll_id')";
$resultvolters = $site_db->query($sqlvolters);
$html .= startBlock( $lang['vote_saved'] );
$html .= $lang['vote_saved_for']." '".$site_db->db_getItem( POLL_QUESTIONS_TABLE, 'question', "qid = '{$poll_id}'" )."'";
}
else {
$html .= startBlock( $lang['error'] );
$html .= $lang['voting_error'];
}
$html .= endBlock();
$html .= pollResults($poll_id);
return $html;
}//end pollsave
ve aşağıdaki ile değiştirin:
PHP
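/**
 * Records one vote for the current poll and returns the HTML that reports the outcome.
 *
 * Works on globals: $poll_id and $aid select the poll and the answer, and
 * $session_info['session_ip'] identifies the voter. The vote is counted only when no cookie
 * keyed by the poll id is present and the voters table holds no row for this address and poll.
 *
 * @return string status block followed by the output of pollResults()
 */
function pollsave() {
    global $site_db, $poll_id, $aid, $session_info, $lang, $HTTP_COOKIE_VARS;

    // Start from an empty string so the ".=" below never appends to an undefined variable.
    $html = "";

    // NOTE(review): session_ip is presumably the address recorded by the session layer;
    // confirm it is filled in server-side and never from request data.
    $voter_ip = $session_info['session_ip'];

    // NOTE(review): $poll_id is interpolated between quotes in every statement below; this
    // snippet does not show where it is validated or escaped, so confirm that in the caller.
    $sql = "SELECT ipaddress, qid\n"
         . "FROM ".POLL_VOLTERS_TABLE."\n"
         . "WHERE ipaddress = '".$voter_ip."' AND qid = '$poll_id'";
    $result = $site_db->query($sql);
    $pcount = $site_db->get_numrows($result);

    // The cookie is supplied by the client, so the voters-table lookup is the only
    // duplicate-vote check the server controls.
    if (!isset($HTTP_COOKIE_VARS[$poll_id]) && $pcount == 0) {
        $sql = "UPDATE ".POLL_QUESTIONS_TABLE."\n"
             . "SET voters = voters + 1\n"
             . "WHERE qid = '$poll_id'";
        $result = $site_db->query($sql);

        // aid goes into the statement without quotes, so it is forced to an integer first.
        // Whether the caller already validates it is not visible in this snippet.
        $sql2 = "UPDATE ".POLL_ANSWERS_TABLE."\n"
              . "SET votes = votes + 1\n"
              . "WHERE qid = '$poll_id' AND aid = ".(int) $aid;
        $result2 = $site_db->query($sql2);

        // Remember this address for the poll so a second vote is refused.
        $current_time = time();
        $sqlvolters = "INSERT INTO ".POLL_VOLTERS_TABLE."\n"
                    . "(ipaddress, date, qid)\n"
                    . "VALUES\n"
                    . "('".$voter_ip."', $current_time, '$poll_id')";
        $resultvolters = $site_db->query($sqlvolters);

        $html .= startBlock($lang['vote_saved']);
        $html .= $lang['vote_saved_for']." '".$site_db->db_getItem(POLL_QUESTIONS_TABLE, 'question', "qid = '{$poll_id}'")."'";
    } else {
        $html .= startBlock($lang['error']);
        $html .= $lang['voting_error'];
    }

    $html .= endBlock();
    $html .= pollResults($poll_id);
    return $html;
}//end pollsave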
Düzeltme: 3
includes/common.php dosyasını açın:
Aşağıdaki metni bulun (405. - 531. satırlar):
PHP
function pollVote( $qid ) {
global $site_db, $site_template, $lang, $HTTP_COOKIE_VARS, $REMOTE_ADDR, $config, $txt_clickstream, $site_sess;
$question = "SELECT * FROM ".POLL_QUESTIONS_TABLE." WHERE qid = '$qid' AND statuscode != 2";
$result = $site_db->query($question);
$nquestion = $site_db->get_numrows($result);
$Q = $site_db->query_firstrow($question);
$txt_clickstream = "<span class='clickstream'><a href='".$site_sess->url(ROOT_PATH."poll.php")."' class='clickstream'>".$lang['polls_in_sys']."</a>".$config['category_separator'].$Q['question'];
$sql = "SELECT * FROM ".POLL_VOLTERS_TABLE." WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$qid'";
$anresult = $site_db->query($sql);
$id = $site_db->get_numrows($anresult);
if ( check_perms($Q['viewpoll_perms']) ) {
if( empty( $HTTP_COOKIE_VARS[$qid] ) && $id == 0 ) {
$html = startBlock($lang['vote']);
if( $nquestion == 1 ) {
$answers = "SELECT answer, aid FROM ".POLL_ANSWERS_TABLE." WHERE qid = '$qid' ORDER BY aid";
$anresult = $site_db->query($answers);
$nanswers = $site_db->get_numrows($anresult);
if( $nanswers > 0 ) {
$poll_answers = "";
for( $i = 1; $i <= $nanswers; $i++ ) {
$A = $site_db->fetch_array($anresult);
$site_template->register_vars(array(
"answer_id" => $A['aid'],
"answer_text" => $A['answer']
));
$poll_answers .= $site_template->parse_template("pollanswer");
}
$site_template->register_vars(array(
"poll_question" => $Q['question'],
"poll_id" => $qid,
"lang_vote" => $lang['vote'],
"lang_results" => $lang['results'],
"poll_results_url" => "poll.php?".URL_POLL_ID."=".$qid."&aid=-1",
"num_votes" => $Q['voters'],
"lang_votes" => $lang['votes'],
"poll_answers" => $poll_answers
));
$html .= $site_template->parse_template("pollblock");
}
}
$html .= endBlock();
}
else {
$html .= pollResults( $qid );
}
}// check_perms
return $html;
}//end pollVote
function showPoll( $size, $qid='' ) {
global $site_db, $config, $HTTP_COOKIE_VARS, $REMOTE_ADDR;
$desired = time() - $config['polladdresstime'];
$sql = "DELETE FROM ".POLL_VOLTERS_TABLE." WHERE date < $desired";
$site_db->query($sql);
if( !empty( $qid )) {
$sql = "SELECT ipaddress, qid
FROM ".POLL_VOLTERS_TABLE."
WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$qid'";
$result = $site_db->query($sql);
$pcount = $site_db->get_numrows($result);
if( empty( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 )
{
$html .= pollVote( $qid );
}
else
{
$html .= pollResults( $qid, $size );
}
}
else
{
$sqlquestion = "SELECT qid, exp_time, expire
FROM ".POLL_QUESTIONS_TABLE."
WHERE display = 1 AND statuscode != 2
ORDER BY date DESC";
$resultquestion = $site_db->query($sqlquestion);
$nrows = $site_db->get_numrows($resultquestion);
if( $nrows > 0 ) {
for( $i = 1; $i <= $nrows; $i++ ) {
$Q = $site_db->fetch_array($resultquestion);
$qid = $Q['qid'];
$exp_time = $Q['exp_time'];
$sql = "SELECT ipaddress, qid
FROM ".POLL_VOLTERS_TABLE."
WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$qid'";
$result = $site_db->query($sql);
$pcount = $site_db->get_numrows($result);
if( (!isset( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 && time()<$exp_time) || (!isset( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 && $Q['expire'] == "on") ) {
$html .= pollVote( $qid );
}
else {
$html .= pollResults( $qid, $size );
}
}
}
}
return $html;
}//end showPoll
ve aşağıdaki ile değiştirin:
PHP
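/**
 * Builds the voting form for one poll, or its results when the visitor has already voted.
 *
 * Also sets the global $txt_clickstream to a breadcrumb that ends in the poll question.
 *
 * @param mixed $qid poll id; it is interpolated between quotes into the queries below
 * @return string rendered block; empty when check_perms() rejects the poll's viewpoll_perms
 */
function pollVote( $qid ) {
    global $site_db, $site_template, $lang, $HTTP_COOKIE_VARS, $session_info, $config, $txt_clickstream, $site_sess;

    // Defined up front: without this, $html was appended to or returned while undefined
    // whenever the permission check failed or the visitor had already voted.
    $html = "";

    // NOTE(review): $qid is interpolated between quotes; this snippet does not show where
    // it is validated or escaped, so confirm that in the callers.
    $question = "SELECT * FROM ".POLL_QUESTIONS_TABLE." WHERE qid = '$qid' AND statuscode != 2";
    $result = $site_db->query($question);
    $nquestion = $site_db->get_numrows($result);
    $Q = $site_db->query_firstrow($question);

    // NOTE(review): the question text is written into markup as stored; confirm it is
    // escaped when the poll is created.
    $txt_clickstream = "<span class='clickstream'><a href='".$site_sess->url(ROOT_PATH."poll.php")."' class='clickstream'>".$lang['polls_in_sys']."</a>".$config['category_separator'].$Q['question'];

    // Look for an earlier vote from the address held in the session data.
    $sql = "SELECT * FROM ".POLL_VOLTERS_TABLE." WHERE ipaddress = '".$session_info['session_ip']."' AND qid = '$qid'";
    $anresult = $site_db->query($sql);
    $id = $site_db->get_numrows($anresult);

    if (check_perms($Q['viewpoll_perms'])) {
        // The cookie is supplied by the client, so the voters-table lookup is the only
        // duplicate-vote check the server controls.
        if (empty($HTTP_COOKIE_VARS[$qid]) && $id == 0) {
            $html = startBlock($lang['vote']);
            if ($nquestion == 1) {
                $answers = "SELECT answer, aid FROM ".POLL_ANSWERS_TABLE." WHERE qid = '$qid' ORDER BY aid";
                $anresult = $site_db->query($answers);
                $nanswers = $site_db->get_numrows($anresult);
                if ($nanswers > 0) {
                    // Render one "pollanswer" template per answer row.
                    $poll_answers = "";
                    for ($i = 1; $i <= $nanswers; $i++) {
                        $A = $site_db->fetch_array($anresult);
                        $site_template->register_vars(array(
                            "answer_id" => $A['aid'],
                            "answer_text" => $A['answer']
                        ));
                        $poll_answers .= $site_template->parse_template("pollanswer");
                    }
                    $site_template->register_vars(array(
                        "poll_question" => $Q['question'],
                        "poll_id" => $qid,
                        "lang_vote" => $lang['vote'],
                        "lang_results" => $lang['results'],
                        "poll_results_url" => "poll.php?".URL_POLL_ID."=".$qid."&aid=-1",
                        "num_votes" => $Q['voters'],
                        "lang_votes" => $lang['votes'],
                        "poll_answers" => $poll_answers
                    ));
                    $html .= $site_template->parse_template("pollblock");
                }
            }
            $html .= endBlock();
        } else {
            $html .= pollResults($qid);
        }
    }// check_perms

    return $html;
}//end pollVote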
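/**
 * Renders the voting form or the results, for one poll or for every displayed poll.
 *
 * Before rendering, voter rows whose date is older than $config['polladdresstime']
 * seconds are deleted from the voters table.
 *
 * @param mixed $size passed through to pollResults()
 * @param mixed $qid  poll id; when empty, every poll with display = 1 and statuscode != 2 is rendered
 * @return string concatenated HTML of the rendered polls
 */
function showPoll( $size, $qid='' ) {
    global $site_db, $config, $HTTP_COOKIE_VARS, $session_info;

    // Start from an empty string so the ".=" below never appends to an undefined variable.
    $html = "";

    // Drop recorded voter addresses that are older than the configured retention time.
    $desired = time() - $config['polladdresstime'];
    $sql = "DELETE FROM ".POLL_VOLTERS_TABLE." WHERE date < $desired";
    $site_db->query($sql);

    if (!empty($qid)) {
        // NOTE(review): $qid is interpolated between quotes; this snippet does not show
        // where it is validated or escaped, so confirm that in the callers.
        $sql = "SELECT ipaddress, qid\n"
             . "FROM ".POLL_VOLTERS_TABLE."\n"
             . "WHERE ipaddress = '".$session_info['session_ip']."' AND qid = '$qid'";
        $result = $site_db->query($sql);
        $pcount = $site_db->get_numrows($result);

        // The cookie is supplied by the client, so the voters-table lookup is the only
        // duplicate-vote check the server controls.
        if (empty($HTTP_COOKIE_VARS[$qid]) && $pcount == 0) {
            $html .= pollVote($qid);
        } else {
            $html .= pollResults($qid, $size);
        }
    } else {
        $sqlquestion = "SELECT qid, exp_time, expire\n"
                     . "FROM ".POLL_QUESTIONS_TABLE."\n"
                     . "WHERE display = 1 AND statuscode != 2\n"
                     . "ORDER BY date DESC";
        $resultquestion = $site_db->query($sqlquestion);
        $nrows = $site_db->get_numrows($resultquestion);

        if ($nrows > 0) {
            for ($i = 1; $i <= $nrows; $i++) {
                $Q = $site_db->fetch_array($resultquestion);
                $qid = $Q['qid'];
                $exp_time = $Q['exp_time'];

                $sql = "SELECT ipaddress, qid\n"
                     . "FROM ".POLL_VOLTERS_TABLE."\n"
                     . "WHERE ipaddress = '".$session_info['session_ip']."' AND qid = '$qid'";
                $result = $site_db->query($sql);
                $pcount = $site_db->get_numrows($result);

                // Same test as the original two-part condition, with the shared part factored out.
                $not_voted = !isset($HTTP_COOKIE_VARS[$qid]) && $pcount == 0;
                if ($not_voted && (time() < $exp_time || $Q['expire'] == "on")) {
                    $html .= pollVote($qid);
                } else {
                    $html .= pollResults($qid, $size);
                }
            }
        }
    }

    return $html;
}//end showPoll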
English:
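[b]This is an important security fix[/b]
All three steps are required. Steps 2 and 3 stop the poll code from reading the voter's address from the $REMOTE_ADDR global and take it from $session_info['session_ip'] instead; step 1 recalculates the member count from the users table instead of incrementing the stored value.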
Step 1
Open register.php (line 331):
Replace
PHP
$sqlst = "UPDATE ".STATS_TABLE." SET ".
"MEM_COUNT=MEM_COUNT+1, ".
"LAST_MEM_NAME='".$row[$user_table_fields['user_name']]."', ".
"LAST_MEM_ID='".$row[$user_table_fields['user_id']]."'";
$site_db->query($sqlst);
with
PHP
// Recount the members directly from the users table (every row whose level is not GUEST)
// instead of incrementing the stored counter.
$sql = "SELECT COUNT(*) as user_num
FROM ".USERS_TABLE."
WHERE ".get_user_table_field("", "user_level")." != ".GUEST."";
$userrow = $site_db->query_firstrow($sql);
// Write the recounted total together with the user name and id taken from $row.
// NOTE(review): both $row values are concatenated into the statement as-is; confirm they are
// escaped where $row is built, because a quote inside the user name would end the SQL literal.
$sqlst = "UPDATE ".STATS_TABLE." SET ".
"MEM_COUNT='".$userrow['user_num']."', ".
"LAST_MEM_NAME='".$row[$user_table_fields['user_name']]."', ".
"LAST_MEM_ID='".$row[$user_table_fields['user_id']]."'";
$site_db->query($sqlst);
Step 2
Open poll.php (line 28):
Replace
PHP
function pollsave() {
global $site_db, $poll_id, $aid, $REMOTE_ADDR, $lang, $HTTP_COOKIE_VARS;
$sql = "SELECT ipaddress, qid
FROM ".POLL_VOLTERS_TABLE."
WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$poll_id'";
$result = $site_db->query($sql);
$pcount = $site_db->get_numrows($result);
if (!isset( $HTTP_COOKIE_VARS[$poll_id]) && $pcount == 0){
$sql = "UPDATE ".POLL_QUESTIONS_TABLE."
SET voters = voters + 1
WHERE qid = '$poll_id'";
$result = $site_db->query($sql);
$sql2 = "UPDATE ".POLL_ANSWERS_TABLE."
SET votes = votes + 1
WHERE qid = '$poll_id' AND aid = $aid";
$result2 = $site_db->query($sql2);
$current_time = time();
$sqlvolters = "INSERT INTO ".POLL_VOLTERS_TABLE."
(ipaddress, date, qid)
VALUES
('$REMOTE_ADDR', $current_time, '$poll_id')";
$resultvolters = $site_db->query($sqlvolters);
$html .= startBlock( $lang['vote_saved'] );
$html .= $lang['vote_saved_for']." '".$site_db->db_getItem( POLL_QUESTIONS_TABLE, 'question', "qid = '{$poll_id}'" )."'";
}
else {
$html .= startBlock( $lang['error'] );
$html .= $lang['voting_error'];
}
$html .= endBlock();
$html .= pollResults($poll_id);
return $html;
}//end pollsave
with
PHP
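/**
 * Records one vote for the current poll and returns the HTML that reports the outcome.
 *
 * Works on globals: $poll_id and $aid select the poll and the answer, and
 * $session_info['session_ip'] identifies the voter. The vote is counted only when no cookie
 * keyed by the poll id is present and the voters table holds no row for this address and poll.
 *
 * @return string status block followed by the output of pollResults()
 */
function pollsave() {
    global $site_db, $poll_id, $aid, $session_info, $lang, $HTTP_COOKIE_VARS;

    // Start from an empty string so the ".=" below never appends to an undefined variable.
    $html = "";

    // NOTE(review): session_ip is presumably the address recorded by the session layer;
    // confirm it is filled in server-side and never from request data.
    $voter_ip = $session_info['session_ip'];

    // NOTE(review): $poll_id is interpolated between quotes in every statement below; this
    // snippet does not show where it is validated or escaped, so confirm that in the caller.
    $sql = "SELECT ipaddress, qid\n"
         . "FROM ".POLL_VOLTERS_TABLE."\n"
         . "WHERE ipaddress = '".$voter_ip."' AND qid = '$poll_id'";
    $result = $site_db->query($sql);
    $pcount = $site_db->get_numrows($result);

    // The cookie is supplied by the client, so the voters-table lookup is the only
    // duplicate-vote check the server controls.
    if (!isset($HTTP_COOKIE_VARS[$poll_id]) && $pcount == 0) {
        $sql = "UPDATE ".POLL_QUESTIONS_TABLE."\n"
             . "SET voters = voters + 1\n"
             . "WHERE qid = '$poll_id'";
        $result = $site_db->query($sql);

        // aid goes into the statement without quotes, so it is forced to an integer first.
        // Whether the caller already validates it is not visible in this snippet.
        $sql2 = "UPDATE ".POLL_ANSWERS_TABLE."\n"
              . "SET votes = votes + 1\n"
              . "WHERE qid = '$poll_id' AND aid = ".(int) $aid;
        $result2 = $site_db->query($sql2);

        // Remember this address for the poll so a second vote is refused.
        $current_time = time();
        $sqlvolters = "INSERT INTO ".POLL_VOLTERS_TABLE."\n"
                    . "(ipaddress, date, qid)\n"
                    . "VALUES\n"
                    . "('".$voter_ip."', $current_time, '$poll_id')";
        $resultvolters = $site_db->query($sqlvolters);

        $html .= startBlock($lang['vote_saved']);
        $html .= $lang['vote_saved_for']." '".$site_db->db_getItem(POLL_QUESTIONS_TABLE, 'question', "qid = '{$poll_id}'")."'";
    } else {
        $html .= startBlock($lang['error']);
        $html .= $lang['voting_error'];
    }

    $html .= endBlock();
    $html .= pollResults($poll_id);
    return $html;
}//end pollsave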
Step 3
Open includes/common.php (lines 405-531):
Replace
PHP
function pollVote( $qid ) {
global $site_db, $site_template, $lang, $HTTP_COOKIE_VARS, $REMOTE_ADDR, $config, $txt_clickstream, $site_sess;
$question = "SELECT * FROM ".POLL_QUESTIONS_TABLE." WHERE qid = '$qid' AND statuscode != 2";
$result = $site_db->query($question);
$nquestion = $site_db->get_numrows($result);
$Q = $site_db->query_firstrow($question);
$txt_clickstream = "<span class='clickstream'><a href='".$site_sess->url(ROOT_PATH."poll.php")."' class='clickstream'>".$lang['polls_in_sys']."</a>".$config['category_separator'].$Q['question'];
$sql = "SELECT * FROM ".POLL_VOLTERS_TABLE." WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$qid'";
$anresult = $site_db->query($sql);
$id = $site_db->get_numrows($anresult);
if ( check_perms($Q['viewpoll_perms']) ) {
if( empty( $HTTP_COOKIE_VARS[$qid] ) && $id == 0 ) {
$html = startBlock($lang['vote']);
if( $nquestion == 1 ) {
$answers = "SELECT answer, aid FROM ".POLL_ANSWERS_TABLE." WHERE qid = '$qid' ORDER BY aid";
$anresult = $site_db->query($answers);
$nanswers = $site_db->get_numrows($anresult);
if( $nanswers > 0 ) {
$poll_answers = "";
for( $i = 1; $i <= $nanswers; $i++ ) {
$A = $site_db->fetch_array($anresult);
$site_template->register_vars(array(
"answer_id" => $A['aid'],
"answer_text" => $A['answer']
));
$poll_answers .= $site_template->parse_template("pollanswer");
}
$site_template->register_vars(array(
"poll_question" => $Q['question'],
"poll_id" => $qid,
"lang_vote" => $lang['vote'],
"lang_results" => $lang['results'],
"poll_results_url" => "poll.php?".URL_POLL_ID."=".$qid."&aid=-1",
"num_votes" => $Q['voters'],
"lang_votes" => $lang['votes'],
"poll_answers" => $poll_answers
));
$html .= $site_template->parse_template("pollblock");
}
}
$html .= endBlock();
}
else {
$html .= pollResults( $qid );
}
}// check_perms
return $html;
}//end pollVote
function showPoll( $size, $qid='' ) {
global $site_db, $config, $HTTP_COOKIE_VARS, $REMOTE_ADDR;
$desired = time() - $config['polladdresstime'];
$sql = "DELETE FROM ".POLL_VOLTERS_TABLE." WHERE date < $desired";
$site_db->query($sql);
if( !empty( $qid )) {
$sql = "SELECT ipaddress, qid
FROM ".POLL_VOLTERS_TABLE."
WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$qid'";
$result = $site_db->query($sql);
$pcount = $site_db->get_numrows($result);
if( empty( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 )
{
$html .= pollVote( $qid );
}
else
{
$html .= pollResults( $qid, $size );
}
}
else
{
$sqlquestion = "SELECT qid, exp_time, expire
FROM ".POLL_QUESTIONS_TABLE."
WHERE display = 1 AND statuscode != 2
ORDER BY date DESC";
$resultquestion = $site_db->query($sqlquestion);
$nrows = $site_db->get_numrows($resultquestion);
if( $nrows > 0 ) {
for( $i = 1; $i <= $nrows; $i++ ) {
$Q = $site_db->fetch_array($resultquestion);
$qid = $Q['qid'];
$exp_time = $Q['exp_time'];
$sql = "SELECT ipaddress, qid
FROM ".POLL_VOLTERS_TABLE."
WHERE ipaddress = '$REMOTE_ADDR' AND qid = '$qid'";
$result = $site_db->query($sql);
$pcount = $site_db->get_numrows($result);
if( (!isset( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 && time()<$exp_time) || (!isset( $HTTP_COOKIE_VARS[$qid]) && $pcount == 0 && $Q['expire'] == "on") ) {
$html .= pollVote( $qid );
}
else {
$html .= pollResults( $qid, $size );
}
}
}
}
return $html;
}//end showPoll
with
PHP
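/**
 * Builds the voting form for one poll, or its results when the visitor has already voted.
 *
 * Also sets the global $txt_clickstream to a breadcrumb that ends in the poll question.
 *
 * @param mixed $qid poll id; it is interpolated between quotes into the queries below
 * @return string rendered block; empty when check_perms() rejects the poll's viewpoll_perms
 */
function pollVote( $qid ) {
    global $site_db, $site_template, $lang, $HTTP_COOKIE_VARS, $session_info, $config, $txt_clickstream, $site_sess;

    // Defined up front: without this, $html was appended to or returned while undefined
    // whenever the permission check failed or the visitor had already voted.
    $html = "";

    // NOTE(review): $qid is interpolated between quotes; this snippet does not show where
    // it is validated or escaped, so confirm that in the callers.
    $question = "SELECT * FROM ".POLL_QUESTIONS_TABLE." WHERE qid = '$qid' AND statuscode != 2";
    $result = $site_db->query($question);
    $nquestion = $site_db->get_numrows($result);
    $Q = $site_db->query_firstrow($question);

    // NOTE(review): the question text is written into markup as stored; confirm it is
    // escaped when the poll is created.
    $txt_clickstream = "<span class='clickstream'><a href='".$site_sess->url(ROOT_PATH."poll.php")."' class='clickstream'>".$lang['polls_in_sys']."</a>".$config['category_separator'].$Q['question'];

    // Look for an earlier vote from the address held in the session data.
    $sql = "SELECT * FROM ".POLL_VOLTERS_TABLE." WHERE ipaddress = '".$session_info['session_ip']."' AND qid = '$qid'";
    $anresult = $site_db->query($sql);
    $id = $site_db->get_numrows($anresult);

    if (check_perms($Q['viewpoll_perms'])) {
        // The cookie is supplied by the client, so the voters-table lookup is the only
        // duplicate-vote check the server controls.
        if (empty($HTTP_COOKIE_VARS[$qid]) && $id == 0) {
            $html = startBlock($lang['vote']);
            if ($nquestion == 1) {
                $answers = "SELECT answer, aid FROM ".POLL_ANSWERS_TABLE." WHERE qid = '$qid' ORDER BY aid";
                $anresult = $site_db->query($answers);
                $nanswers = $site_db->get_numrows($anresult);
                if ($nanswers > 0) {
                    // Render one "pollanswer" template per answer row.
                    $poll_answers = "";
                    for ($i = 1; $i <= $nanswers; $i++) {
                        $A = $site_db->fetch_array($anresult);
                        $site_template->register_vars(array(
                            "answer_id" => $A['aid'],
                            "answer_text" => $A['answer']
                        ));
                        $poll_answers .= $site_template->parse_template("pollanswer");
                    }
                    $site_template->register_vars(array(
                        "poll_question" => $Q['question'],
                        "poll_id" => $qid,
                        "lang_vote" => $lang['vote'],
                        "lang_results" => $lang['results'],
                        "poll_results_url" => "poll.php?".URL_POLL_ID."=".$qid."&aid=-1",
                        "num_votes" => $Q['voters'],
                        "lang_votes" => $lang['votes'],
                        "poll_answers" => $poll_answers
                    ));
                    $html .= $site_template->parse_template("pollblock");
                }
            }
            $html .= endBlock();
        } else {
            $html .= pollResults($qid);
        }
    }// check_perms

    return $html;
}//end pollVote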
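/**
 * Renders the voting form or the results, for one poll or for every displayed poll.
 *
 * Before rendering, voter rows whose date is older than $config['polladdresstime']
 * seconds are deleted from the voters table.
 *
 * @param mixed $size passed through to pollResults()
 * @param mixed $qid  poll id; when empty, every poll with display = 1 and statuscode != 2 is rendered
 * @return string concatenated HTML of the rendered polls
 */
function showPoll( $size, $qid='' ) {
    global $site_db, $config, $HTTP_COOKIE_VARS, $session_info;

    // Start from an empty string so the ".=" below never appends to an undefined variable.
    $html = "";

    // Drop recorded voter addresses that are older than the configured retention time.
    $desired = time() - $config['polladdresstime'];
    $sql = "DELETE FROM ".POLL_VOLTERS_TABLE." WHERE date < $desired";
    $site_db->query($sql);

    if (!empty($qid)) {
        // NOTE(review): $qid is interpolated between quotes; this snippet does not show
        // where it is validated or escaped, so confirm that in the callers.
        $sql = "SELECT ipaddress, qid\n"
             . "FROM ".POLL_VOLTERS_TABLE."\n"
             . "WHERE ipaddress = '".$session_info['session_ip']."' AND qid = '$qid'";
        $result = $site_db->query($sql);
        $pcount = $site_db->get_numrows($result);

        // The cookie is supplied by the client, so the voters-table lookup is the only
        // duplicate-vote check the server controls.
        if (empty($HTTP_COOKIE_VARS[$qid]) && $pcount == 0) {
            $html .= pollVote($qid);
        } else {
            $html .= pollResults($qid, $size);
        }
    } else {
        $sqlquestion = "SELECT qid, exp_time, expire\n"
                     . "FROM ".POLL_QUESTIONS_TABLE."\n"
                     . "WHERE display = 1 AND statuscode != 2\n"
                     . "ORDER BY date DESC";
        $resultquestion = $site_db->query($sqlquestion);
        $nrows = $site_db->get_numrows($resultquestion);

        if ($nrows > 0) {
            for ($i = 1; $i <= $nrows; $i++) {
                $Q = $site_db->fetch_array($resultquestion);
                $qid = $Q['qid'];
                $exp_time = $Q['exp_time'];

                $sql = "SELECT ipaddress, qid\n"
                     . "FROM ".POLL_VOLTERS_TABLE."\n"
                     . "WHERE ipaddress = '".$session_info['session_ip']."' AND qid = '$qid'";
                $result = $site_db->query($sql);
                $pcount = $site_db->get_numrows($result);

                // Same test as the original two-part condition, with the shared part factored out.
                $not_voted = !isset($HTTP_COOKIE_VARS[$qid]) && $pcount == 0;
                if ($not_voted && (time() < $exp_time || $Q['expire'] == "on")) {
                    $html .= pollVote($qid);
                } else {
                    $html .= pollResults($qid, $size);
                }
            }
        }
    }

    return $html;
}//end showPoll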