Guest Sniko` Posted January 4, 2009 Posted January 4, 2009 Description This allows users to post comments of a length of 100 characters Run this sql You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Create a file called random_comments.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. If you just want staff to post on this page create a file called staff_comments.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. If you want the page to be open to anyone add this page add_comments.php You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Links In explore.php add this link - You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. If you added staff_comments.php add this in smenu.php - You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. If the comment board is open to everyone add this link in random_comments.php - You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. This just basically get users chatting :D Thanks Sniko` +1 If you use please +1 if you like EDITED: add_comments.php THERE WAS AN ERROR Quote
zbirc3 Posted January 4, 2009 Posted January 4, 2009 Re: [Mccode V2] Comment Board +1 using this AND I like it. PM me later to remind me to +1 you again in 10 hours :P EDIT: Found ONE little tiny problem: Quote
Guest Sniko` Posted January 4, 2009 Posted January 4, 2009 Re: [Mccode V2] Comment Board +1 using this AND I like it. PM me later to remind me to +1 you again in 10 hours :P Thanks I know its pretty basic but im just getting used to forms Quote
zbirc3 Posted January 4, 2009 Posted January 4, 2009 Re: [Mccode V2] Comment Board No problem. Just check my post ... I edited it. Quote
Guest Sniko` Posted January 4, 2009 Posted January 4, 2009 Re: [Mccode V2] Comment Board Alrigth replace random_comments.php with You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. All i missed was a <tr> Thanks Quote
Waffle Posted January 4, 2009 Posted January 4, 2009 Re: [Mccode V2] Comment Board Although your idea is a good one, the implementation is flawed.. From what I've seen you have two really big security issues in the code. 1). In the form on the second input: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. What stops someone changing the value of that to another username? As the value goes client side before being processed. How about adding the ID to the comment when it gets processed, that way you can query the ID when the comment gets displayed. That way when if the person changes their username, the name to the comment gets changed as well. 2). You don't check and/or sanitize the data before it gets put in the database... You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. What stops someone putting their own code in there? Javascript or SQL. How about doing something like: You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Anyhoo, nice mod, just always make sure to check the input before it goes into the database.. :-) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.