|
|
[Security] SecurityImage de DuGris et Classifieds ads |
|
Xoops accro  
Inscrit: 16/08/2005 19:46
De Nanterre
|
Bonjour à tous Si vous avez installer le module et les class de SecurityImage de DuGris, SECURITYIMAGE DE DUGRISLe fichier addlisting.php
if (!empty($_POST['submit'])) {
// Hack SecurityImage by Dugris
include_once(XOOPS_ROOT_PATH . "/class/xoopsformloader.php");
if ( defined('SECURITYIMAGE_INCLUDED') && !SecurityImage::CheckSecurityImage() ) {
redirect_header( '(script removed)history.go(-1)', 2, _SECURITYIMAGE_ERROR ) ;
exit();
}
// Hack SecurityImage by Dugris
$howlong=$xoopsModuleConfig["".$mydirname."_howlong"];
Puis vous ajouter:
if ($premium != "0") {
$form->addElement(new XoopsFormHidden("premium","yes"), false);
}else{
$form->addElement(new XoopsFormHidden("premium","no"), false);
}
// Hack SecurityImage by Dugris
if (defined('SECURITYIMAGE_INCLUDED')) {
$security_image = new SecurityImage( _SECURITYIMAGE_GETCODE );
if ($security_image->render()) {
$form->addElement($security_image, true);
}
}
// Hack SecurityImage by Dugris
if ($xoopsModuleConfig["".$mydirname."_moderated"] == "1") {
$form->addElement(new XoopsFormHidden("valid","No"), false);
} else {
$form->addElement(new XoopsFormHidden("valid","Yes"), false);
}
Bonne journée Hein? quoui??? qu'est-ce que tu dis?... je suis le meilleur? Ben ca, je le sais déjà... quoi d'autres?  
Posté le : 15/05/2008 12:12
|
|
eparcyl... tranquille.
|
|
|
Re: [Security] SecurityImage de DuGris et Classifieds ads |
|
|
Guest_
|
Merci  A rajouter à la liste donc : - News version 1.54 - TellAFriend version 1.03 - Formulaire version 3.23 - Wfdownloads version 3 + - Wordbook version 1.16 - Newbb version 1.16 - Hack Register - Hack commentaires - Block system : "Infos du site" - Module pages - Catads - Weblinks 0,96 - Mydownloads 1.43 - Mylinks 1.1 - Xmovie 2.56 - Liaise 1.26 - Smartsection 2.13 - Smartfaq 1.08 - xcgal - MyAlbum-P ... mais puisque la prochaine version de Xoops prévoit l'implémentation des captcha, je me demande s'il ne va pas falloir remettre tous les fichiers originaux  @+
Posté le : 15/05/2008 13:13
|
|
|
|
|
Re: [Security] SecurityImage de DuGris et Classifieds ads |
|
Xoops accro Inscrit: 16/08/2005 19:46
De Nanterre
|
J'ai besoin d'aide Je ne vois pas comment securitysée la partie contail par mail du module.... Duuuuuu Griiiisssssss!!!! helpeu my !!! je crois que c'est dans le fichier contact.php
<?php
//
// ------------------------------------------------------------------------- //
// E-Xoops: Content Management for the Masses //
// < http://www.e-xoops.com > ... nbsp; //
// ------------------------------------------------------------------------- //
// Original Author: Pascal Le Boustouller
// Author Website : pascal.e-xoops@perso-search.com
// Licence Type : GPL
// ------------------------------------------------------------------------- //
if ($_POST['submit']) {
// Define Variables for register_globals Off. contribution by Peekay
$id = !isset($_REQUEST['id'])? NULL : $_REQUEST['id'];
$date = !isset($_REQUEST['date'])? NULL : $_REQUEST['date'];
$namep = !isset($_REQUEST['namep'])? NULL : $_REQUEST['namep'];
$ipnumber = !isset($_REQUEST['ipnumber'])? NULL : $_REQUEST['ipnumber'];
$messtext = !isset($_REQUEST['messtext'])? NULL : $_REQUEST['messtext'];
$typeprice = !isset($_REQUEST['typeprice'])? NULL : $_REQUEST['typeprice'];
$price = !isset($_REQUEST['price'])? NULL : $_REQUEST['price'];
$tele = !isset($_REQUEST['tele'])? NULL : $_REQUEST['tele'];
// end define vars
include("header.php");
$mydirname = basename( dirname( __FILE__ ) ) ;
$main_lang = '_' . strtoupper( $mydirname ) ;
$module_id = $xoopsModule->getVar('mid');
if (is_object($xoopsUser)) {
$groups = $xoopsUser->getGroups();
} else {
$groups = XOOPS_GROUP_ANONYMOUS;
}
$gperm_handler =& xoops_gethandler('groupperm');
if (isset($_POST['item_id'])) {
$perm_itemid = intval($_POST['item_id']);
} else {
$perm_itemid = 0;
}
//If no access
if (!$gperm_handler->checkRight("".$mydirname."_view", $perm_itemid, $groups, $module_id)) {
redirect_header(XOOPS_URL."/index.php", 3, _NOPERM);
exit();
}
require_once( XOOPS_ROOT_PATH."/modules/$mydirname/include/gtickets.php" ) ;
global $xoopsConfig, $xoopsDB, $myts, $meta, $xoopsModuleConfig, $mydirname, $main_lang, $_POST;
if ( ! $xoopsGTicket->check( true , 'token' ) ) {
redirect_header(XOOPS_URL."/modules/$mydirname/index.php?pa=viewads&lid=".addslashes($id)."", 3,$xoopsGTicket->getErrors());
}
$lid = $_POST['id'];
$result = $xoopsDB->query("select email, submitter, title, type, desctext, price, typeprice FROM ".$xoopsDB->prefix("".$mydirname."_listing")." WHERE lid = ".mysql_real_escape_string($id)."");
while(list($email, $submitter, $title, $type, $desctext, $price, $typeprice) = $xoopsDB->fetchRow($result)) {
if ($_POST['tele']) {
$teles = $_POST['tele'];
} else {
$teles = "";
}
if ($price) {
$price = "".constant($main_lang."_PRICE")." ".$xoopsModuleConfig["".$mydirname."_money"]." $price";
} else {
$price = "";
}
$date = time();
$r_usid = $xoopsUser->getVar("uid", "E");
$tags=array();
$tags['TITLE'] = $title;
$tags['TYPE'] = $type;
$tags['PRICE'] = $price;
$tags['DESCTEXT'] = stripslashes($desctext);
$tags['MY_SITENAME'] = $xoopsConfig['sitename'];
$tags['REPLY_ON'] = constant($main_lang."_REMINDANN");
$tags['DESCRIPT'] = constant($main_lang."_DESC");
$tags['STARTMESS'] = constant($main_lang."_STARTMESS");
$tags['MESSFROM'] = constant($main_lang."_MESSFROM");
$tags['CANJOINT'] = constant($main_lang."_CANJOINT");
$tags['NAMEP'] = $_POST['namep'];
$tags['TO'] = constant($main_lang."_TO");
$tags['POST'] = $_POST['post'];
$tags['TELE'] = $teles;
$tags['MESSAGE_END'] = constant($main_lang."_MESSAGE_END");
$tags['ENDMESS'] = constant($main_lang."_ENDMESS");
$tags['SECURE_SEND'] = constant($main_lang."_SECURE_SEND");
$tags['SUBMITTER'] = $submitter;
$tags['MESSTEXT'] = stripslashes($messtext);
$tags['EMAIL'] = constant($main_lang."_EMAIL");
$tags['TEL'] = constant($main_lang."_TEL");
$tags['HELLO'] = constant($main_lang."_HELLO");
$tags['REPLIED_BY'] = constant($main_lang."_REPLIED_BY");
$tags['YOUR_AD'] = constant($main_lang."_YOUR_AD");
$tags['THANKS'] = constant($main_lang."_THANK");
$tags['WEBMASTER'] = constant($main_lang."_WEBMASTER");
$tags['AT'] = constant($main_lang."_AT");
$tags['LINK_URL'] = XOOPS_URL ."/modules/". $xoopsModule->getVar('dirname') ."/index.php?pa=viewads&lid=".addslashes($id)."";
$tags['VIEW_AD'] = constant($main_lang."_VIEW_AD");
$subject = "".constant($main_lang."_CONTACTAFTERANN")."";
$mail =& getMailer();
$mail->setTemplateDir(XOOPS_ROOT_PATH."/modules/". $xoopsModule->getVar('dirname') ."/language/".$xoopsConfig['language']."/mail_template/");
$mail->setTemplate("listing_contact.tpl");
$mail->useMail();
$mail->setFromEmail($_POST['post']);
$mail->setToEmails($email);
$mail->setSubject($subject);
$mail->assign($tags);
// $mail->setBody(stripslashes("$message"));
$mail->send();
echo $mail->getErrors();
$xoopsDB->query("INSERT INTO ".$xoopsDB->prefix("".$mydirname."_ip_log")." values ( '', '$lid', '$date', '$namep', '$ipnumber', '".$_POST['post']."')");
$xoopsDB->query("INSERT INTO ".$xoopsDB->prefix("".$mydirname."_replies")." values ('','$id', '$title', '$date', '$namep', '$messtext', '$tele', '".$_POST['post']."', '$r_usid')");
redirect_header("index.php",3,constant($main_lang."_MESSEND"));
exit();
}
} else {
$lid = intval($_GET['lid']);
include("header.php");
$mydirname = basename( dirname( __FILE__ ) ) ;
$main_lang = '_' . strtoupper( $mydirname ) ;
$module_id = $xoopsModule->getVar('mid');
if (is_object($xoopsUser)) {
$groups = $xoopsUser->getGroups();
} else {
$groups = XOOPS_GROUP_ANONYMOUS;
}
$gperm_handler =& xoops_gethandler('groupperm');
if (isset($_POST['item_id'])) {
$perm_itemid = intval($_POST['item_id']);
} else {
$perm_itemid = 0;
}
//If no access
if (!$gperm_handler->checkRight("".$mydirname."_view", $perm_itemid, $groups, $module_id)) {
redirect_header(XOOPS_URL."/index.php", 3, _NOPERM);
exit();
}
require_once( XOOPS_ROOT_PATH."/modules/$mydirname/include/gtickets.php" ) ;
global $xoopsConfig, $xoopsDB, $myts, $meta, $mydirname;
include(XOOPS_ROOT_PATH."/header.php");
echo "<table width='100%' border='0' cellspacing='1' cellpadding='8'><tr class='bg4'><td valign='top'>n";
$time = time();
$ipnumber = "$_SERVER[REMOTE_ADDR]";
echo "<script type="text/javascript">
function verify() {
var msg = "".constant($main_lang."_VALIDERORMSG")."\n__________________________________________________\n\n";
var errors = "FALSE";
if (window.document.cont.namep.value == "") {
errors = "TRUE";
msg += "".constant($main_lang."_VALIDSUBMITTER")."\n";
}
if (window.document.cont.post.value == "") {
errors = "TRUE";
msg += "".constant($main_lang."_VALIDEMAIL")."\n";
}
if (window.document.cont.messtext.value == "") {
errors = "TRUE";
msg += "".constant($main_lang."_VALIDMESS")."\n";
}
if (errors == "TRUE") {
msg += "__________________________________________________\n\n".constant($main_lang."_VALIDMSG")."\n";
alert(msg);
return false;
}
}
</script>";
echo "<b>".constant($main_lang."_CONTACTAUTOR")."</b><br /><br />";
echo "".constant($main_lang."_TEXTAUTO")."<br />";
echo "<form onSubmit="return verify();" method="post" action="contact.php" name="cont">";
echo "<input type="hidden" name="id" value="$lid" />";
echo "<input type="hidden" name="submit" value="1" />";
echo "<table width='100%' class='outer' cellspacing='1'>
<tr>
<td class='head'>".constant($main_lang."_YOURNAME")."</td>";
if($xoopsUser) {
$idd =$xoopsUser->getVar("uname", "E");
$idde =$xoopsUser->getVar("email", "E");
echo "<td class='even'><input type="text" name="namep" size="42" value="$idd" />";
}else{
echo "<td class='even'><input type="text" name="namep" size="42" /></td>";
}
echo "</tr>
<tr>
<td class='head'>".constant($main_lang."_YOUREMAIL")."</td>
<td class='even'><input type="text" name="post" size="42" value="$idde" /></font></td>
</tr>
<tr>
<td class='head'>".constant($main_lang."_YOURPHONE")."</td>
<td class='even'><input type="text" name="tele" size="42" /></font></td>
</tr>
<tr>
<td class='head'>".constant($main_lang."_YOURMESSAGE")."</td>
<td class='even'><textarea rows="5" name="messtext" cols="40" /></textarea></td>
</tr>
</table><table class='outer'><tr><td>".constant($main_lang."_YOUR_IP")."
<img src="".XOOPS_URL."/modules/$mydirname/ip_image.php" alt="" /><br />".constant($main_lang."_IP_LOGGED")."
</td></tr></table>
<br />";
echo "<input type="hidden" name="ip_id" value="" />";
echo "<input type="hidden" name="lid" value="$lid" />";
echo "<input type="hidden" name="ipnumber" value="$ipnumber" />";
echo "<input type="hidden" name="date" value="$time" />";
echo "<p><input type="submit" name="submit" value="".constant($main_lang."_SENDFR")."" /></p>
".$GLOBALS['xoopsGTicket']->getTicketHtml( __LINE__ , 1800 , 'token')."
</form>";
}
echo "</td></tr></table>";
include(XOOPS_ROOT_PATH."/footer.php");
?>
Merci par avance
Posté le : 15/05/2008 19:09
|
|
eparcyl... tranquille.
|
Vous pouvez voir les sujets.
Vous ne pouvez pas débuter de nouveaux sujets.
Vous ne pouvez pas répondre aux contributions.
Vous ne pouvez pas éditer vos contributions.
Vous ne pouvez pas effacez vos contributions.
Vous ne pouvez pas ajouter de nouveaux sondages.
Vous ne pouvez pas voter en sondage.
Vous ne pouvez pas attacher des fichiers à vos contributions.
Vous ne pouvez pas poster sans approbation.
|
