Please login or register.

Login with username, password and session length
Advanced search  

News:

You need/want an older version of sNews ? Download an older/unsupported version here.

Pages: [1] 2

Author Topic: 1.4 testing2 + db prefix bugfix. +funny bug  (Read 13393 times)

George Antoniadis

  • Sr. Member
  • ****
  • Karma: 0
  • Posts: 479
1.4 testing2 + db prefix bugfix. +funny bug
« on: January 16, 2006, 08:03:52 PM »

This was originally discovered by Patric!!!! ^_^
in line 1181 of snews.php in the testing2 version of 1.4 there is a n character (or something like it) and also a space between " and articles...
so if you try to use table prefixs you cannot post! :P

fix:
change this line to :
Code: [Select]
$query2 = "INSERT INTO ". s('prefix'). "articles(title,seftitle,text,textlimit,date,category,position,displaytitle,displayinfo,commentable,image,published) VALUES('". $title ."', '". $seftitle ."', '". $text ."', '". $text_limit ."', '". $date ."', '". $category ."', '". $position ."', '". $display_title ."', '". $display_info ."', '". $commentable ."', '". $image ."', '". $fpublished ."')";*there is more than meets the eye here so be sure to copy the whole line! :P

Thanx and congrats go to Patric with his patience and efforts! ^_^


ps: hehhh~~~~ also one more funny bug! :P
try posting this fixx code to your snews! ^_^
Logged
How I feel like I'm starless, I'm ready to fade now.
And how I feel like I'm starless, I'm hopeless and greyed out.

Luka

  • Administrator
  • ULTIMATE member
  • ******
  • Karma: 36
  • Posts: 1716
    • http://www.snewscms.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #1 on: January 16, 2006, 09:24:44 PM »

Thanks to Patric for spotting the error and analyzerx for providing the solution.

The test version has some bugs and that's why it's called test.

On the line 1186 there are also 2 lines that are not needed due to the permanent connection.

Code: [Select]

$db = mysql_connect(s('dbhost'),s('dbuname'),s('dbpass'));
mysql_select_db(s('dbname')) or die(s('dberror'));

Logged

George Antoniadis

  • Sr. Member
  • ****
  • Karma: 0
  • Posts: 479
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #2 on: January 16, 2006, 09:35:57 PM »

there are some stuff in general that need to be fixed... ;)
heh~ :)

but it's a very good step ahead I have to admit!
(greato work luka)

this fix is just for people that wanted to test it out and couldn't...
was not intended to provide 1.4test2 as a stable or something or to imply anything about you Luka! ^_^
please keep up the good work! ^_^
Logged
How I feel like I'm starless, I'm ready to fade now.
And how I feel like I'm starless, I'm hopeless and greyed out.

Patric Ahlqvist

  • Nobodys perfect, but Im pretty effing close
  • ULTIMATE member
  • ******
  • Karma: 65
  • Posts: 4867
  • I'm a self-made man and worships my creator.
    • p-ahlqvist.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #3 on: January 18, 2006, 07:17:19 AM »

Hehe, A. you dog... I credited you in another post ;). Well, as a testscripty thing it's pretty darn good, I'd say. I have one more thing that I don't know if folks read about, since I post so much...;) My 1.4 works almost flawlessly now, except that I can't post in the "right" section. The title turns up, but no text. However, when returning to edit mode I CAN see the text again. Once more going back to post I can't see it, and yet again in edit mode I CAN...

I have tried to look, but as the php dummie I am I don't seem to find it, so any input here would be greatly appriciated ;)

P
Logged
"It's only dead fish that goes with the flow... "
Updated

George Antoniadis

  • Sr. Member
  • ****
  • Karma: 0
  • Posts: 479
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #4 on: January 18, 2006, 09:53:22 AM »

Hello Patric, and thnx for your kind words! ^_^

Sorry but I hadn't seen your other post... o_O
open snews.txt, look for:
Code: [Select]
// RIGHT
and replace the whole region from there up to }}} (around 31 lines) with this:
Code: [Select]
// RIGHT
function right() {
$query = "SELECT * FROM " .s('prefix'). "articles WHERE position = 2 AND published = 1 ORDER BY id DESC";
$result = mysql_query($query);
  while ($r = mysql_fetch_array($result)) {
    if (isset($_SESSION['Logged_In'])) { echo l('edit'). " [ ". l('simple') ." | ". l('advanced') ." ] | ". l('delete_article') .""; }
if ($r['displaytitle'] == "YES") { echo "

". $r['title'] ."

"; }
    if ($r['textlimit'] == 0) { $textlimit = 999000; } else { $textlimit = $r['textlimit']; }

// PHP files inclusion routine
$fulltext = $r['text'];
$findme  = "[include]";
$pos = strpos($fulltext, $findme);
$findme  = "[/include]";
$pos2 = strpos($fulltext, $findme);
$file = substr($fulltext, $pos + 9, $pos2 - 9);
if ($pos2 > 0) {
$text = str_replace("[include]", "|&|", $fulltext);
$text = str_replace("[/include]", "|&|", $text);
$text = explode("|&|", $text);
$num = count($text);
for ($i = 0; ; $i++) {
if ($i == $num) {
break;
}
if (strpos($text[$i], '.php') === false AND strpos($text[$i], '.txt') === false AND strpos($text[$i], '.inc') === false) {
echo substr(stripslashes($text[$i]), 0, $textlimit);
} else {
include $text[$i];
}}} else {
echo substr(stripslashes($fulltext), 0, $textlimit);
}}}

should work ok now! :)
please tell me how to turns out! ;)
Logged
How I feel like I'm starless, I'm ready to fade now.
And how I feel like I'm starless, I'm hopeless and greyed out.

Patric Ahlqvist

  • Nobodys perfect, but Im pretty effing close
  • ULTIMATE member
  • ******
  • Karma: 65
  • Posts: 4867
  • I'm a self-made man and worships my creator.
    • p-ahlqvist.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #5 on: January 18, 2006, 10:00:19 AM »

GREAT ! Thanks again, A. Hope Luka gives you plenty credit come release ;).

I will try this out tonite, haven't got access to my server during working hours. I'll get back to you.

Patric.
Logged
"It's only dead fish that goes with the flow... "
Updated

George Antoniadis

  • Sr. Member
  • ****
  • Karma: 0
  • Posts: 479
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #6 on: January 18, 2006, 10:10:06 AM »

lol! ^_^

no worries...
These are stuff that most likely Luka knows about and has allready fixed them... :)
These are just quick and dirty bugfixes for us to try a more stable 1.4 release! ;)
Logged
How I feel like I'm starless, I'm ready to fade now.
And how I feel like I'm starless, I'm hopeless and greyed out.

Patric Ahlqvist

  • Nobodys perfect, but Im pretty effing close
  • ULTIMATE member
  • ******
  • Karma: 65
  • Posts: 4867
  • I'm a self-made man and worships my creator.
    • p-ahlqvist.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #7 on: January 18, 2006, 10:13:12 AM »

Yea, I understand that. I just felt that I'd like a nearly functional version to make designs to. Problems occur doing this if I can't see the different items on the page. So this won't go into "produktion" before a stable version hit's the streets, but I can develop the "looks" of it... and then just update snews.php.

So...thanks for letting me do that ;) - Patric.
Logged
"It's only dead fish that goes with the flow... "
Updated

Patric Ahlqvist

  • Nobodys perfect, but Im pretty effing close
  • ULTIMATE member
  • ******
  • Karma: 65
  • Posts: 4867
  • I'm a self-made man and worships my creator.
    • p-ahlqvist.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #8 on: January 18, 2006, 04:01:31 PM »

Ok, analyzerx (I did it, I got your name right without looking ;))...

I swapped this:
Code: [Select]

// RIGHT



function right() {



$db = mysql_connect(s('dbhost'),s('dbuname'),s('dbpass'));



  mysql_select_db(s('dbname')) or die(s('dberror'));



  $query = "SELECT * FROM " .s('prefix'). "articles WHERE position = 2 ORDER BY id DESC";



$result = mysql_query($query);



  while ($r = mysql_fetch_array($result)) {



    if (isset($_SESSION['Username'])) { echo "". l(edit_article) ." | ". l(delete_article) .""; }



if ($r['displaytitle'] == "YES") { echo "

". $r['title'] ."

"; }



    echo $r['text'];



}



}



// ARCHIVES



function archives() {



echo "

". l('archives') ."

";



echo "

". l('home') ."

";



$query = "SELECT * FROM " .s('prefix'). "articles WHERE position = 1 AND category = 0 ORDER BY id DESC";



$result = mysql_query($query);



while ($r = mysql_fetch_array($result)) {



$date = date(s('date_format'), strtotime($r['date']));



echo "

". $r['title'] ." ". $date ."

";



}



$db = mysql_connect(s('dbhost'),s('dbuname'),s('dbpass'));



mysql_select_db(s('dbname')) or die(s('dberror'));



$cat_query = "SELECT * FROM " .s('prefix'). "categories";



$cat_result = mysql_query($cat_query);



while ($c = mysql_fetch_array($cat_result)) {



echo "

". $c['name'] ." ". $c['description'] ."

";



echo "

" .$r['title']. "

";



$catid = $c['id'];



$query = "SELECT * FROM " .s('prefix'). "articles WHERE category = $catid";



$result = mysql_query($query);



while ($r = mysql_fetch_array($result)) {



$date = date(s(date), strtotime($r['date']));



echo "

". $r['title'] ." ". $date ."

";



}}}



with this:

Code: [Select]


// RIGHT

function right() {
$query = "SELECT * FROM " .s('prefix'). "articles WHERE position = 2 AND published = 1 ORDER BY id DESC";
$result = mysql_query($query);
  while ($r = mysql_fetch_array($result)) {
    if (isset($_SESSION['Logged_In'])) { echo l('edit'). " [ ". l('simple') ." | ". l('advanced') ." ] | ". l('delete_article') .""; }
if ($r['displaytitle'] == "YES") { echo "

". $r['title'] ."

"; }
    if ($r['textlimit'] == 0) { $textlimit = 999000; } else { $textlimit = $r['textlimit']; }

// PHP files inclusion routine
$fulltext = $r['text'];
$findme  = "[include]";
$pos = strpos($fulltext, $findme);
$findme  = "[/include]";
$pos2 = strpos($fulltext, $findme);
$file = substr($fulltext, $pos + 9, $pos2 - 9);
if ($pos2 > 0) {
$text = str_replace("[include]", "|&|", $fulltext);
$text = str_replace("[/include]", "|&|", $text);
$text = explode("|&|", $text);
$num = count($text);
for ($i = 0; ; $i++) {
if ($i == $num) {
break;
}
if (strpos($text[$i], '.php') === false AND strpos($text[$i], '.txt') === false AND strpos($text[$i], '.inc') === false) {
echo substr(stripslashes($text[$i]), 0, $textlimit);
} else {
include $text[$i];
}}} else {
echo substr(stripslashes($fulltext), 0, $textlimit);
}}}


Was that right ? I do overwright the //Articles by doing that... I did it b'cause the only }}} I saw came after the Articles section of the code. Anyways, that didn't do the trick. I can still not post any text in "right" that becomes visible while logged out. I can still see it while editing the "right" post. :(
Logged
"It's only dead fish that goes with the flow... "
Updated

Jochum Meester

  • Sr. Member
  • ****
  • Karma: 1
  • Posts: 309
    • JochumMeester.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #9 on: January 27, 2006, 04:25:55 PM »

I think you need to leave the archives-part in. Perhaps your PHP editor (different than notepad?) is changing }}} into:
}
          }
}

Or something like that, I dunno.



My problem: the path to CSS is wrong because those /home/search-engine-friendly/   -links are there. A 'solucija' please :)
Logged

Luka

  • Administrator
  • ULTIMATE member
  • ******
  • Karma: 36
  • Posts: 1716
    • http://www.snewscms.com
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #10 on: January 27, 2006, 05:14:16 PM »

Quote from: JM

My problem: the path to CSS is wrong because those /home/search-engine-friendly/   -links are there. A 'solucija' please :)

Have you define the whole path?

This works for me: http://www.solucija.com/images/style.css
Logged

tigolo

  • Newbie
  • *
  • Karma: 0
  • Posts: 16
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #11 on: January 29, 2006, 01:46:26 AM »

Good Evening,

i work on beta sNews 1.4, i have this error

Fatal error: Call to undefined function: mysql_real_escape_string() in c:program fileseasyphpwwwsnews.php on line 240

Thankds for help
Logged
Sorry for my english, i speak french and creole

George Antoniadis

  • Sr. Member
  • ****
  • Karma: 0
  • Posts: 479
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #12 on: January 29, 2006, 07:10:37 AM »

mysql_real_escape_string is a function that php has after version 4.3 ...
most likely your server does not have a new php...
find this:
Code: [Select]
$query = mysql_real_escape_string(addslashes($query));
and replace it with this:
Code: [Select]
$query = addslashes($query);this will make your site vunerable to some mysql injections but you should be ok until 1.4 final is out...

I'm trying to make an alternative to mysql_real_escape_string...
Logged
How I feel like I'm starless, I'm ready to fade now.
And how I feel like I'm starless, I'm hopeless and greyed out.

tigolo

  • Newbie
  • *
  • Karma: 0
  • Posts: 16
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #13 on: January 30, 2006, 12:31:04 AM »

Thank you
Logged
Sorry for my english, i speak french and creole

George Antoniadis

  • Sr. Member
  • ****
  • Karma: 0
  • Posts: 479
1.4 testing2 + db prefix bugfix. +funny bug
« Reply #14 on: January 30, 2006, 06:55:01 AM »

did it work?
Logged
How I feel like I'm starless, I'm ready to fade now.
And how I feel like I'm starless, I'm hopeless and greyed out.
Pages: [1] 2