chaoswar4u Posted August 15, 2007 Share Posted August 15, 2007 I have a 3problems. 1 is users when posting on the forums. If they post something with a blank topic it becomes no access to all and it carnt be deleted by staff via the links. DB Only. My next problem is some members are thinking its great to start renaming there account with spaces thus resulting in a blank name. Making them invisable almost as they carnt be linked too. This also can be done for gang names also which is the 3rd problem. Anything that I could use to stop this would be great. Please help. Thx for any elp in advance my friends of CE. Quote Link to comment Share on other sites More sharing options...
Decepti0n Posted August 15, 2007 Share Posted August 15, 2007 Re: Mc Code V2 Problems. Help required. http://php.net/strlen http://php.net/eregi Quote Link to comment Share on other sites More sharing options...
Matty Posted August 16, 2007 Share Posted August 16, 2007 Re: Mc Code V2 Problems. Help required. http://us3.php.net/manual/en/function.isset.php Quote Link to comment Share on other sites More sharing options...
SaMz Posted August 16, 2007 Share Posted August 16, 2007 Re: Mc Code V2 Problems. Help required. i have this problem aswell lol Quote Link to comment Share on other sites More sharing options...
chaoswar4u Posted August 25, 2007 Author Share Posted August 25, 2007 Re: Mc Code V2 Problems. Help required. For anyone who wants it. This is one step I made to fixing the problem. In preferences find function do_name_change() { global $db,$ir,$c,$userid,$h; if($_POST['newname'] == "") { print "You did not enter a new name. > Back"; } else { $_POST['newname']=str_replace(array("<", ">", "\\\'"), array("<", ">", "'"), $_POST['newname']); $db->query("UPDATE users SET username='{$_POST['newname']}' WHERE userid=$userid"); print "Username changed!"; } } and replace with function do_name_change() { global $db,$ir,$c,$userid,$h; if($_POST['newname'] == "") { print "You did not enter a new name. > Back"; } else { if (eregi("( )", $_POST['newname'])) { print"Spaces aren't allowed."; $h->endpage(); exit; } else { $_POST['newname']=str_replace(array("<", ">", "\\\'"), array("<", ">", "'"), $_POST['newname']); $db->query("UPDATE users SET username='{$_POST['newname']}' WHERE userid=$userid"); print "Username changed!"; } } } Quote Link to comment Share on other sites More sharing options...
seanybob Posted August 25, 2007 Share Posted August 25, 2007 Re: Mc Code V2 Problems. Help required. I've always thought a fatal flaw in mccodes was the blacklist that is used for new usernames. A white list should be used, only allowing a-z and 0-9 Quote Link to comment Share on other sites More sharing options...
chaoswar4u Posted August 25, 2007 Author Share Posted August 25, 2007 Re: Mc Code V2 Problems. Help required. Here is another. Any info to make any of my fixes better are welcom. Find in forums.php under function newtopic() Find in that function $u=$ir['username']; if($ir['ul_color']) { $uname="<font color='{$ir['ul_color']}'>"; if($ir['ul_isbold']) { $uname.=""; } $uname.=$ir['username']; if($ir['ul_isbold']) { $uname.=""; } $uname.="</font>"; $u=$uname; } else if($ir['donatordays']) { $u = "<font color=red>{$ir['username']}</font>"; } add under if($_POST['ft_name'] == "") { print "You did not enter a topic name. "; $h->endpage(); exit; } This will stop users placing no names in the topics on forums that result in no access and which makes the post only removable by database. Quote Link to comment Share on other sites More sharing options...
seanybob Posted August 25, 2007 Share Posted August 25, 2007 Re: Mc Code V2 Problems. Help required. This allows only A-Z and 0-9 in usernames In preferences find function do_name_change() { global $db,$ir,$c,$userid,$h; if($_POST['newname'] == "") { print "You did not enter a new name. [url='preferences.php?action=namechange']> Back[/url]"; } else { $_POST['newname']=str_replace(array("<", ">", "\\\'"), array("<", ">", "'"), $_POST['newname']); $db->query("UPDATE users SET username='{$_POST['newname']}' WHERE userid=$userid"); print "Username changed!"; } } and replace with function do_name_change() { global $db,$ir,$c,$userid,$h; if($_POST['newname'] == "") { print "You did not enter a new name. [url='preferences.php?action=namechange']> Back[/url]"; } else if (!preg_match("/^[a-z0-9]*$/", trim($_POST['newname']))) { die("Your username contained characters that aren't allowed. Only A-Z and 0-9 accepted. [url='preferences.php?action=namechange']> Back[/url]"); } else { $_POST['newname']=str_replace(array("<", ">", "\\\'"), array("<", ">", "'"), $_POST['newname']); $db->query("UPDATE users SET username='{$_POST['newname']}' WHERE userid=$userid"); print "Username changed!"; } } } *Untested Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.