Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > TBDev
Reply
  #1  
Old 20th February 2016, 03:18
ndbj ndbj is offline
Senior Member
 
Join Date: Dec 2012
Portugal
Posts: 35
Default about htmlspecialchars (need some help)
Cheers!

at my userdetails.php, i have this:
PHP Code:
$modcomment htmlspecialchars($user["modcomment"]);
print(
"<tr><td class=rowhead>Notes</td><td colspan=2 align=left><textarea cols=60 rows=6 name=modcomment>$modcomment</textarea></td></tr>\n"); 

still, modcomment isn't showing things right.
Click the image to open in full size.




TBDev2008 here.
can someone point me the direction for solving this?

Thanks in advance.
Reply With Quote
  #2  
Old 20th February 2016, 03:33
fireknight's Avatar
fireknight fireknight is offline
Administrator
 
Join Date: Aug 2010
Australia
Posts: 173
Default
Post the code you have for promotion in your modtask.php.
So we can see how the modtask is writing to your comment box.

Example ( original 08 code )
Code:
  if ($curclass != $class)
  {
    // Notify user
    $what = ($class > $curclass ? "promoted" : "demoted");
    $msg = sqlesc("You have been $what to '" . get_user_class_name($class) . "' by $CURUSER[username].");
    $added = sqlesc(get_date_time());
    mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES(0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
    $updateset[] = "class = $class";
    $what = ($class > $curclass ? "Promoted" : "Demoted");
         $modcomment = gmdate("Y-m-d") . " - $what to '" . get_user_class_name($class) . "' by $CURUSER[username].\n". $modcomment;
  }
It will properly be this part that is causing the issue
Code:
    $updateset[] = "class = $class";
    $what = ($class > $curclass ? "Promoted" : "Demoted");
         $modcomment = gmdate("Y-m-d") . " - $what to '" . get_user_class_name($class) . "' by $CURUSER[username].\n".
Reply With Quote
  #3  
Old 20th February 2016, 11:05
ndbj ndbj is offline
Senior Member
 
Join Date: Dec 2012
Portugal
Posts: 35
Default
@ fireknight: thanks for the quick answer.

my modtask.php has the exact same code, nothing different.
maybe something at global.php where the class colors are defined...
I'll check it later.
Reply With Quote
  #4  
Old 20th February 2016, 12:15
fireknight's Avatar
fireknight fireknight is offline
Administrator
 
Join Date: Aug 2010
Australia
Posts: 173
Default
Original code for function get_user_class_name
Code:
function get_user_class_name($class)
{
  switch ($class)
  {
    case UC_USER: return "User";

    case UC_POWER_USER: return "Power User";

    case UC_VIP: return "VIP";

    case UC_UPLOADER: return "Uploader";

    case UC_MODERATOR: return "Moderator";

    case UC_ADMINISTRATOR: return "Administrator";

    case UC_SYSOP: return "SysOp";
  }
  return "";
}
You may have something different
For example
Code:
function get_user_class_name($class)
{
  switch ($class)
  {
    case UC_USER: return "<font color=blue><b>Admin</b></font>";
   }
  return "";
}
This will work in most areas of your site code.
That is standard HTML coding. ( a little old standard but still working )

But the textarea tag uses bbcode
So you may need to change things around a little ( tweaking )

Create a new function just for the comment box.

Example
Code:
function get_user_class_name_commentbox($class) 
{   
  switch ($class)   
  {     
    case UC_USER: return "[font color=blue]Admin[/font]";   
   }   return "";
 }
Damn code brackets are messing up with the bold bbcode.

Example
case UC_USER: return "[ font color=blue][ b]Admin[ /b][ /font]

Minus the spaces inside the [ ] boxes.
Reply With Quote
  #5  
Old 20th February 2016, 21:16
ndbj ndbj is offline
Senior Member
 
Join Date: Dec 2012
Portugal
Posts: 35
Default
You were right, so I created the new function at global.php, and called it at modtask.php, but the problem still happens, now with the bbcodes.

Click the image to open in full size.

Wonder what am I missing?
Reply With Quote
  #6  
Old 21st February 2016, 04:02
fireknight's Avatar
fireknight fireknight is offline
Administrator
 
Join Date: Aug 2010
Australia
Posts: 173
Default
Sorry mate my bad.
I forgot that textarea does not support bbcode or html code.

You may have to look at doing a work around.

Again sorry for my mistake.

EDIT

I have found a work around solution.

Add this to global.php
( change the colors to suit your existing classes & remove the spaces from the [ ] tags )
Code:
function get_user_class_name_commentbox($class)
{
  switch ($class)
  {
    case UC_USER: return "[ color=#8E35EF][ b]User[ /b][ /color]";

    case UC_POWER_USER: return "[ color=#f9a200][ b]Power User[ /b][ /color]";

    case UC_VIP: return "[ color=#009F00][ b]VIP[ /b][ /color]";

    case UC_UPLOADER: return "[ color=#0000FF][ b]Uploader[ /b][ /color]";

    case UC_MODERATOR: return "[ color=#FE2E2E][ b]Moderator[ /b][ /color]";

    case UC_ADMINISTRATOR: return "[ color=#B000B0][ b]Administrator[ /b][ /color]";

    case UC_SYSOP: return "[ color=#FF0000][ b]SysOp[ /b][ /color]";
  }
  return "";
}
userdetails.php

Find
Code:
$modcomment = htmlspecialchars($user["modcomment"]);
Change To
Code:
$modcomment = format_comment(htmlspecialchars($user["modcomment"]));
Find
Code:
<textarea cols=60 rows=6 name=modcomment>$modcomment</textarea>
Change To

Code:
<div name='modcomment' style='overflow-y:scroll; height:200px;'>$modcomment</div>
modtask.php

Find
Code:
$modcomment = gmdate("Y-m-d") . " - $what to '" . get_user_class_name($class) . "' by $CURUSER[username].\n". $modcomment;
Change To
Code:
$modcomment = gmdate("Y-m-d") . " - $what to '" .  get_user_class_name_commentbox($class) . "' by $CURUSER[username].\n".  $modcomment;
Now the only issue is !
The comment area now becomes Read Only.
And cannot be edited from the userdetails.php page.
But hey you cannot have everything.
Attached Thumbnails
comment box.png  

Last edited by fireknight; 21st February 2016 at 07:33.
Reply With Quote
  #7  
Old 22nd February 2016, 07:47
ndbj ndbj is offline
Senior Member
 
Join Date: Dec 2012
Portugal
Posts: 35
Default
Thanks, good work.
This solved the same problem inside the pm with info sent to user about demotion/promotion.

And for the comment area now becomes Read Only, I can live with that.

Only one last thing, when I do a promotion/demotion, the new info on the commentbox deletes the older promotions/demotions.

And if I change someother thing to a user, like title, warnings, ability to post in shoutbox, etc, the refresh cleans what was in the commentbox.
I see in your pic that you did some promotions and the page keep those records.

Could you point what I need to seek in my code to have the same result?

Thanks
Reply With Quote
  #8  
Old 22nd February 2016, 08:55
fireknight's Avatar
fireknight fireknight is offline
Administrator
 
Join Date: Aug 2010
Australia
Posts: 173
Default
I am one of the creators of FreeTSP.
Which we based of the TBDev 08.
We made loads of changes and brought the code up to date.

I do remember we had the same issue with the modtask.php
That was almost 6 yrs ago now, and I cannot remember the exact issue.
I do remember we changed the modtask.php.

To the Updated modtask.php MOD by Retro
And we have made many changes to it since then.
I have attached the FreeTSP modtask.php.

Make changes to it, pick it apart.
Do what ever you need to do, to make it work for you.

You may only need to changes all the includes and function names

EXAMPLE

FreeTSP
Code:
require_once(dirname(__FILE__).DIRECTORY_SEPARATOR.'functions'.DIRECTORY_SEPARATOR.'function_main.php');
require_once(FUNC_DIR.'function_user.php');
require_once(FUNC_DIR.'function_vfunctions.php');
require_once(FUNC_DIR.'function_page_verify.php');

db_connect(false);
logged_in();

$newpage = new page_verify();
$newpage->check('_modtask_');

if ($CURUSER['class'] < UC_MODERATOR)
{
    die();
}
TBDev
Code:
require "include/bittorrent.php";

dbconn(false);

loggedinorreturn();

function puke($text = "w00t")
{
  stderr("w00t", $text);
}

if (get_user_class() < UC_MODERATOR)
  puke();
Hope this helps you out.
Attached Files
File Type: php modtask.php (37.1 KB, 9 views)
Reply With Quote
  #9  
Old 22nd February 2016, 09:11
ndbj ndbj is offline
Senior Member
 
Join Date: Dec 2012
Portugal
Posts: 35
Default
Thanks mate. I'll check it later cause now I need to go to sleep.
7am here... lol

Was all night behind codes and stuff...

I have a tracker running since 2006 and in my config.php I can still see this:
// TBDevnet Versioning info
define ('TBVERSION',"XTBDev 0.10 Beta");

Of course that's full moded and I never gave a chance to TBDev 2009 cause this one I'm running has lots of personal mods made by myself and a friend of mine who knows php better than me.
I integrated punbb forum on it and aside from that, I like old stuff.

Cheers.
Reply With Quote
  #10  
Old 22nd February 2016, 11:39
fireknight's Avatar
fireknight fireknight is offline
Administrator
 
Join Date: Aug 2010
Australia
Posts: 173
Default
Sleep well mate.

As I said we based FreeTSP of the 08 code.
So the modtask.php I attached, should be easily backward converted.

And there is nothing wrong with old stuff.
As long as you have it sercured.

If you are happy with the code you are using, the better you will code it.
Reply With Quote
Reply

Tags
htmlspecialchars

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 12:04. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.