Forums-viewtopic-Feedback Module Security Code if STATEMENT DaDaNuke

Welcome Guest! Please Login or Register

Your Account | Forums | Club | Downloads | Contact Us

Subscribe Today

You are not subscriber of DaDaNuke | Making PHP-Nuke Better!. You can subscribe from here now!

Who's Online

There are currently, 32 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here

Total Hits

We received
3866813
page views since September 2005

DaDaNuke :: View topic - Feedback Module Security Code if STATEMENT

Forum FAQ

Usergroups

Profile

Feedback Module Security Code if STATEMENT

DaDaNuke Forum Index -> PHP-Nuke

View previous topic :: View next topic

Author

Message

dadaBIT
General Manager

Joined: Jun 23, 2005
Posts: 582
Location: United States

Posted: Thu Oct 04, 2007 8:47 pm Post subject: Feedback Module Security Code if STATEMENT

Greetings all, have completed adding CAPTCHA to Feedback module. A wee bit of a pain in the neck. Only issues now is adding if statement for CAPTCHA system off or on and getting script to validate security code. Here is the code thus far...

Code:

<?php

/************************************************************************/
/* PHP-NUKE: Web Portal System */
/* =========================== */
/* */
/* Copyright (c) 2007 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* Based on Feedback Addon 1.0 */
/* Copyright (c) 2001 by Jack Kozbial (jack@internetintl.com) */
/* http://www.InternetIntl.com */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/

if (!defined('MODULE_FILE')) {
die ("You can't access this file directly...");
}

require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
get_lang($module_name);

define('INDEX_FILE', true);
$subject = $sitename." "._FEEDBACK;
define('NO_EDITOR', true);

include("header.php");

if (!isset($opi) OR ($opi != "ds")) {
$intcookie = intval($cookie[0]);
if (!empty($cookie[1])) {
$sql = "SELECT name, username, user_email FROM ".$user_prefix."_users WHERE user_id='".$intcookie."'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!empty($row['name'])) {
   $sender_name = filter($row['name'], "nohtml");
} else {
   $sender_name = filter($row['username'], "nohtml");
}
$sender_email = filter($row['user_email'], "nohtml");
} else {
$sender_email = "";
$sender_name = "";
}
}

if (!isset($message)) { $message = ""; }
if (!isset($opi)) { $opi = ""; }
if (!isset($send)) { $send = ""; }
title(_FEEDBACKTITLE);
global $user, $cookie, $prefix, $db, $user_prefix, $module_name, $gfx_chk;
info_box("note", _FEEDBACKNOTE);
echo "<br>";
mt_srand ((double)microtime()*1000000);
$maxran = 1000000;
$random_num = mt_rand(0, $maxran);
$form_block = "
<table border=\"0\" width=\"100%\">
<tr><td nowrap><FORM METHOD=\"post\" ACTION=\"modules.php?name=$module_name\">
<strong>"._YOURNAME.":</strong></td><td><INPUT type=\"text\" NAME=\"sender_name\" VALUE=\"$sender_name\" SIZE=30></td></tr>
<tr><td nowrap><strong>"._YOUREMAIL.":</strong></td><td><INPUT type=\"text\" NAME=\"sender_email\" VALUE=\"$sender_email\" SIZE=30></td></tr>
<tr><td><strong>"._MESSAGE.":</strong></td><td><TEXTAREA NAME=\"message\" COLS=60 ROWS=10 WRAP=virtual>$message</TEXTAREA><br>
<i>"._HTMLNOTALLOWED2."</i></td></tr>
   <tr><td>"._SECURITYCODE.":</td><td><img src='?gfx=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>
   <tr><td>"._TYPESECCODE.":</td><td><input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>
   <input type=\"hidden\" name=\"random_num\" value=\"$random_num\">
   <tr><td> </td><td><INPUT type=\"hidden\" name=\"opi\" value=\"ds\">
<INPUT TYPE=\"submit\" NAME=\"submit\" VALUE=\""._SEND."\">
</FORM></td></tr></table>
";

OpenTable();
if ($_POST['opi'] != "ds") {
echo $form_block;
} else {
if (empty($sender_name)) {
   $name_err = "<div align=\"center\"><span class=\"option\"><strong><em>"._FBENTERNAME."</em></strong></span></div>";
   $send = "no";
}
if (empty($sender_email)) {
   $email_err = "<div align=\"center\"><span class=\"option\"><strong><em>"._FBENTEREMAIL."</em></strong></span></div>";
   $send = "no";
}
if (empty($message)) {
$message_err = "<div align=\"center\"><span class=\"option\"><strong><em>"._FBENTERMESSAGE."</em></span></font></div>";
   $send = "no";
}
      if (empty($gfx_check)) {
$check_err = "<div align=\"center\"><span class=\"option\"><strong><em>"._SECURITYCODEERROR."</em></span></font></div>";
   $send = "no";
}
if ($send != "no") {
   $sender_name = removecrlf(filter($sender_name, "nohtml"));
   $sender_email = removecrlf(filter($sender_email, "nohtml"));
   $message = filter($message, "nohtml");
   $msg = "$sitename\n\n";
   $msg .= ""._SENDERNAME.": $sender_name\n";
   $msg .= ""._SENDEREMAIL.": $sender_email\n";
   $msg .= ""._MESSAGE.": $message\n\n";
   $to = $adminmail;
   $mailheaders = "From: $sender_name <$sender_email>\n";
   $mailheaders .= "Reply-To: $sender_email\n\n";
   mail($to, $subject, $msg, $mailheaders);
   echo "<p><div align=\"center\">"._FBMAILSENT."</div></p>";
   echo "<p><div align=\"center\">"._FBTHANKSFORCONTACT."</div></p>";
} elseif ($send == "no") {
   OpenTable2();
   if (!empty($name_err)) { echo "$name_err"; }
   if (!empty($email_err)) {echo "$email_err"; }
   if (!empty($message_err)) {echo "$message_err"; }
   if (!empty($check_err)) {echo "$check_err"; }
   CloseTable2();
   echo "<br><br>";
   echo $form_block;
}
}

CloseTable();
include("footer.php");

?>

Understandbly, FB updated Feedback form layout with release of 8.o. Much more effecient, just don't know how to add if statement in code. Was easier with ECHO form_block coding, but now is in this format.

Code:

$form_block = " ";

And, adding this line to form layout, gives the dreaded WSOD!

Code:

mt_srand ((double)microtime()*1000000);
$maxran = 1000000;
$random_num = mt_rand(0, $maxran);
if (extension_loaded("gd") AND $gfx_chk != 0 ) {

The file depository is now updated with changes made. I have updated download for 8.1.0.3.4.1 as well.

Any assistance would be appreciated. Thanks!

-BIT
_________________

Visit the DaDaNuke Wish List

Display posts from previous:

	DaDaNuke Forum Index -> PHP-Nuke	All times are GMT - 4 Hours
Page 1 of 1

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Forums ©

NewsRSS ForumRSS GalleryRSS

PHP-Nuke Copyright © 2006 by Francisco Burzi. This is free software, and you may redistribute it under the GPL.
PHP-Nuke comes with absolutely no warranty, for details, see the license.

Theme Designed by Western Studios