Support Forums - All Posts - XOOPS Web Application System

91

Re: theme.html problem!

2003/11/17 21:18
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

Have you turned on PHP warnings?... maybe we can get an error to see what is wrong.

I'm not sure it's your problem, but I am wondering about your structures like <img src="<a href... Is this valid HTML? I could be wrong, but I think it should be something like:

<a href="blahblah" target="_blank"><img src="blahblah" /></a>

92

Re: user IP's

2003/11/17 10:17
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

I'll just point out that blocking on the basis of IP is generally not a good idea. People on dialup or cable often have dynamically assigned IP addresses. The next time they connect they could have a different address, and someone else may get the previous address they had. If you block an IP you could be blocking (occasionally) a lot of other users at the same ISP.

That said, XOOPS does not log the IP address of each login (I don't think). Some modules store this information, but if you just want IPs for logins you may have to make some tiny modifications to the XOOPS code to do this for you. Alternatively if you have access to the http server logs, look for all requests to pages yoursite.com/user.php and find the IP address that way. With the second approach it may be difficult to connect user ID with IP address though.

93

Re: Recent Downloads - php include

2003/11/17 0:59
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

This could be a lot of work as XOOPS has not really been designed to work this way. When an XOOPS page is viewed, several files are included to load all kinds of things like database config info and session information, in addition to all kinds of stuff for building a page. Not sure it would work, but you could try including mainfile.php from your php file then access the mydownloads table(s) directly using the $xoopsDB database object. An easier solution is probably just hardcode in PHP a connection to your MySQL database, query the mydownloads table(s) and output the results.

94

Re: Web Links and My Links for Articles

2003/11/17 0:52
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

Instead of:

http://mywebsite.com/modules/mylinks/visit.php?lid=12345

you could instead use:

[ siteurl modules/mylinks/visit.php?lid=12345]Link to full story[/ siteurl] (remove spaces)

I think this is a great idea. Although I've never done this because it isn't as easy as I'd like, I always have thought it would be a good idea to store and refer to "long-lived" links this way. By "long-lived" I mean documents which are quite popular and will be around for a long time on the net. Mirrors having this document may come and go, but the links module can automatically alert you when it breaks and you can find a new one.

The best thing I like about it is for frequently used links. It means if an external URL breaks, you change it once in the links module, then ALL your forums/news/etc which refer to that link will be fixed automatically. The ability to track statistics, and maybe provide a frame around the external page also seem like good uses for this.

95

Re: How do I reset the post count for individual members?

2003/11/16 23:56
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

You can do it directly from MySQL in the users table (the 'posts' column). However, if you ever 'synchronize' the number of posts, then this will be reset to its true value.

96

Re: Xoops.org needs search box on EVERY page

2003/11/16 0:45
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

There is a search but it is available only from the home page. (Upper right corner.)

In my opinion it should be present on ALL pages, and the lack of it causes the problems you talk about. I have requested a few times in the forums and via mailing list that the search box be enabled on all xoops.org pages, but I guess either it was missed or the site admin disagrees. I will try to bring this up once more.

97

Re: NEWBB - topics deleted by posters !?

2003/11/15 22:35
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

*You* may be done with the topic, but if *others* have the same problem we like to leave the question and answer available for them when they search through the forums (hopefully most people do this before posting their questions

).

If there truly is no reason for the topic to be there you can possibly send a PM to the forum moderator(s) and request that it be removed. They will *rarely* do this though unless a thread is a duplicate post or if it is very offensive.

98

Re: Xoops Hacked!!!

2003/11/15 22:23
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

Looks to me more like someone hacked the webserver. Try going tohttp://www.inconnueteam.net/admin.php and you get the correct behaviour (no permission). Try going tohttp://www.inconnueteam.net/modules/news/article.php and you get the correct message 'article does not exist'.

But if you go tohttp://www.inconnueteam.net/modules/mylinks/index.php then you get the hacked page. This could be done either by replacing the actual index.php file with the hacked script... OR, it could be done with a 'mod_rewrite' type of rule (in the webserver) which loads the hacked scripted whenever the URL is e.g.http://www.inconnueteam.net/modules/[.+]/index.php . Anyways, this is just a guess. I hope the admins of that site can post here (or PM the core team) once the problem is found. I'd be very interested to know if it is just a webserver hack (especially a risk on shared hosting) or if it is an actual XOOPS vulnerability that has been unconvered.

Thanks.

99

Re: Gosh Darn Hackers

2003/11/15 3:17
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

Get access how? Get access to what... administrator privilege? Have you set a 'difficult' password? Do you log out after you have been signed into the administrator account? What does "crash the site" mean? Do they just vandalize by posting offensive content in e.g. the forums?

It could also be a security problem with your hoster. I don't know anything about them, but if they are poorly set up it is possible for someone to read your mainfile.php containing MySQL user/password info, and perhaps attack the site that way.

If you can provide *much* more specific details on what is going wrong, we can try and help figure out how to prevent it. THanks

100

Re: Advanced Downloads per posts

2003/11/15 3:12
mvandam
Quite a regular
Posts: 253
Since: 2003/2/7 2

You could 'implement' such a feature now by using different user groups. If a user has more than x posts, then they go into the group which allows download access. The only trouble is that this would have to be done by hand (which could be tough if you have a large online community).

But consider if this is what you really want. IMHO, forcing posts will not likely 'keep interest' in the site but will probably attract a lot of useless posts (e.g. "asdf") that would dilute any interesting discussion and perhaps actually diminish interest by others in the site. It could also simply drive those people to look elsewhere for the downloads. Depending on the crowd your site normally attracts I guess this could go either way... Good luck!

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

Re: theme.html problem!

Re: user IP's

Re: Recent Downloads - php include

Re: Web Links and My Links for Articles

Re: How do I reset the post count for individual members?

Re: Xoops.org needs search box on EVERY page

Re: NEWBB - topics deleted by posters !?

Re: Xoops Hacked!!!

Re: Gosh Darn Hackers

Re: Advanced Downloads per posts

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}