Profile Signatures

[The Coder]

Hi all, I've downloaded a Profile Signature Mod, everything works great apart from when I submit my changes into "Signature Change" and check my profile to see whether the changes were made, nothing seems to happen.

Here is the instructions the mod came with;

Run this SQL in phpmyadmin etc:

 

ALTER TABLE `users` ADD `profileSIG` text NOT NULL

 

Open viewuser.php and find:

 

function checkblank($in)
{
if(!$in) { return "N/A"; }
return $in;
}
$h->endpage();
?>

 

Replace with:

 

function checkblank($in)
{
if(!$in) { return "N/A"; }
return $in;
}
if($r['profileSIG'] == "")
{
print "<br /><table cellspacing=1 class='table' width='95%'>
<tr style='background:gray'>
<th><b><center>Profile Signature</center></b></th>
</tr>
<tr>
<td><b><center>This user has not got a profile signature!</center></b></td>
</tr>
</table>";
}
else
{
print "<br /><table cellspacing=1 class='table' width='95%'>
<tr style='background:gray'>
<th><b><center>Profile Signature</center></b></th>
</tr>
<tr>
<td>{$r['profileSIG']}</td>
</tr>
</table>";
}
$h->endpage();
?>

 

Save and close viewuser.php

Open preferences.php and find:

 

case 'picchange2':
do_pic_change();
break;

case 'picchange':
pic_change();
break;

 

Add after:

 

case 'signaturechange2': do_signature_change(); break;
case 'signaturechange': signature_change(); break;

 

Also in preferences.php find:

 

function do_pic_change()
{
global $db,$ir,$c,$userid,$h;
if($_POST['newpic'] == "")
{
print "You did not enter a new pic.<br />
<a href='preferences.php?action=picchange'>> Back</a>";
}
else
{
$_POST['newpic']=str_replace('\\\'',''', $_POST['newpic']);
$db->query("UPDATE users SET display_pic='{$_POST['newpic']}' WHERE userid=$userid");
print "Pic changed!";
}
}

 

Add after:

 

function signature_change()
{
global $ir,$c,$userid,$h;
print "<h3>Profile Signature Change</h3>
<form action='preferences.php?action=signaturechange2' method='post'>
New Profile Signature: <br /><textarea rows=30 cols=90 name='newsignature' wrap='virtual' class='input'>{$ir['profileSIG']}</textarea><br /><br />
<input type='submit' value='Change Signature' /></form><br />
<small>> </small><a href='preferences.php'>Back</a>";
}
function do_signature_change()
{
global $db,$ir,$c,$userid,$h;
if($_POST['newsignature'] == "")
{
print "You did not enter a new profile signature.<br />
<small>> </small><a href='preferences.php?action=signaturechange'>Back</a>";
}
else
{
$db->query("UPDATE users SET profileSIG='{$_POST['newsignature']}' WHERE userid=$userid");
print "Profile Signature changed!<br />
<small>> </small><a href='preferences.php'>Back</a>";
}
}

 

Save and close preferences.php and then you have done!

Anyone know the issue? Thanks.

[Curt]

Hey,

I would suggest securing this feature before adding it to your game.

$_POST['newsignature']=htmlentities(mysql_real_escape_string($_POST['newsignature']));

Also when you display the contents of that variable you should use htmlentities on that as well...

 

The top of the viewuser.php page, do you have the query selecting all data from the users table ?..or just whats needed ?...

If you have it selecting whats needed only, then you have to add the 'profileSIG' column to the query.

Also check to see if the data is being updated in the database.

Edited August 7, 2012 by Curt

[KyleMassacre]

This looks like the same mod I used to run and the instructions sound familiar and the problem I ran across was if you have a modified viewuser look for the query towards the top that retrieves info from the db, if it calls out for specific columns you need to add in there profileSIG. If it says $q=$db->query("SELECT u* blah blah blah") then check your users table and make sure your sig is even being placed in there.