php.lv forumi

RKSport

Posts posted by RKSport

  1. The problem is this: in the shoutbox you can enter any HTML tags, <script></script> etc....

    I need it so that this can't be done.

    
    <?php
    if($_COOKIE['member_id'] > 0) {
                   define('WWW','www');
           if (!defined('WWW')) { header('Location: http://'.$_SERVER['HTTP_HOST'].''); die(); }
    
    $host = "localhost"; // db host
    $dbname = "rs"; // forum database
    $dbuser = "rs"; // forum db user
    $dbpass = "pass"; // your forum database password
    $link = mysql_connect($host, $dbuser, $dbpass)
    or die("NEsanaaca piekontektities: " . mysql_error());
    mysql_select_db($dbname) or die("Datubaaze neekstistee");
    $rez=mysql_query("SELECT * FROM shoutbox ORDER BY date");
    
    
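    // Escape for SQL as the last step: stripslashes() applied after escaping undoes it
    if (isset($_POST['ierakstiit']))      {$body = mysql_real_escape_string(stripslashes($_POST['body'])); if ($body == '') {unset($_POST['ierakstiit']);}}
    echo $r['date'];
    // Cast the cookie value to an integer before it goes into the query
    $selekts=mysql_query("SELECT * FROM ibf_members WHERE id=".(int)$_COOKIE['member_id']);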
    while ($r = mysql_fetch_array($selekts))
    {
    if(isset($_POST['ierakstiit'])) {
    // Every value placed in the INSERT below is escaped or cast first
    $body = mysql_real_escape_string(stripslashes($_POST['body']));
    
    $datums = date('Y-m-d, H:i:s');
    $memb_id = (int)$_COOKIE['member_id'];
    $membera_niks=mysql_real_escape_string($r['members_display_name']);
    
    mysql_query("INSERT INTO shoutbox (nick, body, date, userid) VALUES ('$membera_niks','$body','$datums','$memb_id')");
       echo "<meta http-equiv='refresh' content='0;url=#'>";
    }
    }
    if($_COOKIE['member_id'] > 0) {
    echo '<script>
    v=0
    function chk(n){
    v=n
    }
    
    function insert(str){
    if(v==0){
    return
    }
    if(v==1){
    document.forms["form"]["body"].value+=str
    }
    
    }
    </script>';
    echo '
    
    <center>
    <form name="form" action="" method="post">
    <a href="#s" onclick="insert(\':)\')"><img border=0 src="'.main_WEB_URL.'images/smiles/smile.gif"></a>
    <a href="#s" onclick="insert(\';)\')"><img border=0 src="'.main_WEB_URL.'images/smiles/wink.gif"></a>
    <a href="#s" onclick="insert(\':D\')"><img border=0 src="'.main_WEB_URL.'images/smiles/lol.gif"></a>
    <a href="#s" onclick="insert(\':good:\')"><img border=0 src="'.main_WEB_URL.'images/smiles/good.gif"></a>
    <a href="#s" onclick="insert(\':shit:\')"><img border=0 src="'.main_WEB_URL.'images/smiles/shit.gif"></a>
    <a href="#s" onclick="insert(\':(\')"><img border=0 src="'.main_WEB_URL.'images/smiles/cry.gif"></a>
    <a href="#s" onclick="insert(\';(\')"><img border=0 src="'.main_WEB_URL.'images/smiles/bigcry.gif"></a>
    <a href="#s" onclick="insert(\'O_o\')"><img border=0 src="'.main_WEB_URL.'images/smiles/blink.gif"></a>
    <a href="#s" onclick="insert(\':lohs:\')"><img border=0 src="'.main_WEB_URL.'images/smiles/lohs.gif"></a>
    <a href="#s" onclick="insert(\':fuck:\')"><img border=0 src="'.main_WEB_URL.'images/smiles/fu.gif"></a>
    <a href="#s" onclick="insert(\':lmfao:\')"><img border=0 src="'.main_WEB_URL.'images/smiles/lmfao.gif"></a>
    <a href="#s" onclick="insert(\':love:\')"><img border=0 src="'.main_WEB_URL.'images/smiles/loveheart.gif"></a>
    <a href="#s" onclick="insert(\'-10\')"><img border=0 src="'.main_WEB_URL.'images/smiles/minus10.gif"></a>
    <a href="#s" onclick="insert(\'+10\')"><img border=0 src="'.main_WEB_URL.'images/smiles/plus10.gif"></a>
    <textarea style="width:140px;" onclick="chk(1)" type="post" name="body" /></textarea></center>
    <input class="submit"; style="margin-bottom:5px; width:67px;" type="submit" name="ierakstiit" value="Pievienot" />
    </form>
    ';
    }
    
    
    // And finally the select itself
    
    $dati=mysql_query("SELECT * FROM shoutbox ORDER by date DESc LIMIT 10");
    while($er=mysql_fetch_array($dati)) {
    echo str_replace($smileys_in, $smileys_out, $text);
    $bodijs = $er['body'];
    $body = wordwrap($wrap, 20, "\n", true);
     $smileys_in = array(':)', ';)', ':D', ':good:', ':(', ';(', 'O_o', ':lohs:', ':fuck:', ':lmfao:', ':love:', '-10', '+10', ':blush:', ':rofl:', ':shit:', ':o)', ':P', ';P');
     $smileys_out = array(
       '<img src="'.main_WEB_URL.'images/smiles/smile.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/wink.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/lol.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/good.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/cry.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/bigcry.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/blink.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/lohs.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/fu.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/lmfao.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/loveheart.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/minus10.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/plus10.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/modest.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/rofl.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/shit.gif"/>');
     $prev = str_replace($smileys_in, $smileys_out, $bodijs);
    echo "
    <div class='chatcom' style='overflow: hidden;'><div style='float: left;'>
    <a href='../user/".$er['userid']."'>".$er['nick']."</a> <span style='font-size:8px; color:#000;'> ".$er['date']."</span></div></div>
    <div class='chattcom'>".$prev." </div>
    ";
    }
    echo "<div style='float: right; padding-bottom: 4px;'><a href='".main_WEB_URL."shoutbox' title='Bļautuves pārskats'><b>Lastīt vairāk</b></a></font></div><br />";
    }else{
           echo "<center><div class='innerchat'><font color='#0398cd'>Lai izmantotu bļautuvi tev jāautorizējas.</font></div></center>";
    $dati=mysql_query("SELECT * FROM shoutbox ORDER by date DESc LIMIT 10");
    while($er=mysql_fetch_array($dati)) {
    echo str_replace($smileys_in, $smileys_out, $text);
    $bodijs = $er['body'];
    $body = wordwrap($wrap, 20, "\n", true);
     $smileys_in = array(':)', ';)', ':D', ':good:', ':(', ';(', 'O_o', ':lohs:', ':fuck:', ':lmfao:', ':love:', '-10', '+10', ':blush:', ':rofl:', ':shit:', ':o)', ':P', ';P');
     $smileys_out = array(
       '<img src="'.main_WEB_URL.'images/smiles/smile.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/wink.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/lol.gif"/>',
       '<img src="'.main_WEB_URL.'images/smiles/good.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/cry.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/bigcry.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/blink.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/lohs.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/fu.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/lmfao.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/loveheart.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/minus10.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/plus10.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/modest.gif"/>',
           '<img src="'.main_WEB_URL.'images/smiles/rofl.gif"/>',
       '<img src="images/smiles/shit.gif"/>');
     $prev = str_replace($smileys_in, $smileys_out, $bodijs);
    
    echo "<div class='chatcom' style='overflow: hidden;'><div style='float: left;'>
    <a href='../user/".$er['userid']."'>".$er['nick']."</a> <span style='font-size:8px; color:#000;'> ".$er['date']."</span></div></div>
    <div class='chattcom'>".$prev." </div>";
    }
    
    }
    ?>
    

    I found this on the internet, but I don't know how to put it in

    function no_html( $text )
    {
       $text = preg_replace(
           array(
    
             // Remove invisible content
               '@<head[^>]*?>.*?</head>@siu',
               '@<style[^>]*?>.*?</style>@siu',
               '@<script[^>]*?.*?</script>@siu',
               '@<object[^>]*?.*?</object>@siu',
               '@<embed[^>]*?.*?</embed>@siu',
               '@<applet[^>]*?.*?</applet>@siu',
               '@<noframes[^>]*?.*?</noframes>@siu',
               '@<noscript[^>]*?.*?</noscript>@siu',
               '@<noembed[^>]*?.*?</noembed>@siu',
             // Add line breaks before and after blocks
               '@</?((address)|(blockquote)|(center)|(del))@iu',
               '@</?((div)|(h[1-9])|(ins)|(isindex)|(p)|(pre))@iu',
               '@</?((dir)|(dl)|(dt)|(dd)|(li)|(menu)|(ol)|(ul))@iu',
               '@</?((table)|(th)|(td)|(caption))@iu',
               '@</?((form)|(button)|(fieldset)|(legend)|(input))@iu',
               '@</?((label)|(select)|(optgroup)|(option)|(textarea))@iu',
               '@</?((frameset)|(frame)|(iframe))@iu',
           ),
           array(
               ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ',
               "\n\$0", "\n\$0", "\n\$0", "\n\$0", "\n\$0", "\n\$0",
               "\n\$0", "\n\$0",
           ),
           $text );
       return strip_tags( $text );
    }
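
One way to close the hole described in post 1, as an added example that is not part of the original post: instead of the tag-stripping function quoted above, it HTML-escapes the body with htmlspecialchars() at output time while still rendering smileys. The function name render_shout, the sample rows and the image base URL are assumptions; it needs PHP 5.4 or later for ENT_SUBSTITUTE.

```php
<?php
// Added example, not the poster's code; $smileys, $rows and the base URL are constructed.

// Smiley codes become <img>, everything else is HTML-escaped. The split happens
// BEFORE escaping: escape-then-str_replace() would match ';)' inside '&quot;)'
// and ';(' inside '&lt;(' and break the entities.
function render_shout($body, array $smileys, $baseUrl)
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    // Longest codes first so a long code is never cut short by a shorter one.
    $codes = array_keys($smileys);
    usort($codes, function ($a, $b) { return strlen($b) - strlen($a); });
    $alts = array_map(function ($c) { return preg_quote($c, '~'); }, $codes);
    $pattern = '~(' . implode('|', $alts) . ')~';

    // With DELIM_CAPTURE, odd-indexed parts are smiley codes, even-indexed are text.
    $parts = preg_split($pattern, $body, -1, PREG_SPLIT_DELIM_CAPTURE);
    $out = '';
    foreach ($parts as $i => $part) {
        if ($i % 2 === 1) {
            $code = htmlspecialchars($part, $flags, 'UTF-8');
            $src  = htmlspecialchars($baseUrl . $smileys[$part], $flags, 'UTF-8');
            $out .= '<img src="' . $src . '" alt="' . $code . '">';
        } else {
            $out .= htmlspecialchars($part, $flags, 'UTF-8');
        }
    }
    return $out;
}

$smileys = array(
    ':)' => 'smile.gif', ';)' => 'wink.gif', ':(' => 'cry.gif',
    ';(' => 'bigcry.gif', ':lmfao:' => 'lmfao.gif',
);
// Constructed rows standing in for what mysql_fetch_array() returns.
$rows = array(
    array('nick' => 'RKSport',  'body' => '<script></script> hi :)'),
    array('nick' => '<b>x</b>', 'body' => 'he said "no" ;( and 1<(2) :lmfao:'),
);
foreach ($rows as $er) {
    // The nick is user-controlled too, so it gets the same escaping as the body.
    echo '<b>' . htmlspecialchars($er['nick'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
       . '</b>: ' . render_shout($er['body'], $smileys, '/images/smiles/') . "\n";
}
```

The stored body stays untouched in the database; escaping is applied each time a row is printed, so rows saved before the fix are covered as well.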
    

  2. Hello.

    I would be very grateful if someone could recommend a tutorial with which one could build an MSSql forum.

    The forum must be without MD5.

    Very simple, without any special CMS extras, just a bare forum; the rest I will be able to do myself in the database.

  3. Hello.

    So, the problem: I can't figure out at all how to write it so that, after the relevant action, in the "Users" database the user's rows in the "Capital" table get updated.

    For example, the table has userid and ls.

     

    userid Janis, ls 159.78; only the amount needs to be updated, and Janis's name should be left the same! After the relevant action, 20 ls should be added. I would be grateful for help.
