The signature of a member is processed once and it appears OK the first time, however, the second time it is sanatizing the already sanatized signature causing all havoc to be released when the user's signature contains bbcode.

Around line 276 in newbb/viewtopic.php it contains:

$post_text .= "<p><br />----------------<br />". $myts->makeTareaData4Show($myts->makeTareaData4Show($eachposter->getvar('user_sig', 'N'), 0, 1, 1)."</p>";


makeTareaData4Show takes a reference to the text, therefore any changes made to it is made also to the source. Therefore, it's being processed twice.

I made the simplest change I could to make it work, and it was simply:

$sig = $eachposter->getVar('user_sig', 'N');
$post_text .= "<p><br />----------------<br />". $myts->makeTareaData4Show($sig, 0, 1, 1)."</p>";

This obviously causes it not to be processed twice because no reference is back to the original source of the variable. This fixes the bug. The core developers may have a better way as I am not super familure with the text sanatization code.

Oh, the same code appears again around line 322. I say around because I did not look at the line numbers before I started editing the code to add my own lines, sorry.

Jeremy
http://lifewithchrist.org

I read that others were having this problem and I tried to locate the original post but could not but wanted to get this simple fix out there so I created a new thread. Sorry!

----

Got tired of seeing messages as new all the time, especially with the pmblock module I made so I dove into the code and the fix is very easy.

On line 163 in modules/pm/readpmsg.php it contains:



Well, the "from_userid" if portion says, if the person who sent the PM is reading equal to the person currently reading the PM (getVar("uid") part) then mark it read.

In reality it should be when "to_userid" is currently reading it, then mark it read.

So, simply change "from_userid" to "to_userid" and everything will work as sopose to.

Jeremy
http://lifewithchrist.org

Please see:https://xoops.org/modules/newbb/viewtopic.php?topic_id=39951&forum=39&post_id=186155#forumpost186155

I made a simple Inbox indicator block that's easy to install that will hopefully get us all through until FINAL is released.

Jeremy
http://lifewithchrist.org

I have resolved this on my XOOPS install of 2.2.2 by making a module called pmblock. The only thing that the module has is 1 block and a template. It creates a block that looks like:

* Private Messages

You have 8 new messages
and 13 old message.

View Inbox

That's all it does. Nothing fancy but it works. You can download this very simple module by accessing:

http://lifewithchrist.org/pmblock.tar.gz

I want you to know something about this module though... I hacked it together in 15 minutes. It's no art work, it has no promise to do anything at all. I don't have time to support it in a thousand different installs. I thought about not even giving it to anyone else, but I decided maybe someone could make use of it.

Another thing, once 2.2.3 final is out and I verify that it does the Inbox correctly like old versions (or has something equivelent) I *will* be removing pmblock.tar.gz from my website.

It does work on my test XOOPS install of 2.2.2 and also my production 2.2.2 (http://lifewithchrist.org) install. Those are the only two places I have tested it.

I hope this quick fix that really doesn't fix anything good will be helpful to someone.

To install it, copy the pmblock.tar.gz into your modules directory on your XOOPS install, then uncompress it. It will create:

pmblock/xoops_version.php
pmblock/blocks/pmblock_pmcount_show.php
pmblock/templates/blocks/pmblock_pmcount.html

From there, just go to your module admin and install it like any other module and enjoy!

Jeremy
Life with Christ
http://lifewithchrist.org

Ah! That is a very handy feature. I actually implemented that in my custom blog module on Life with Christ (http://lifewithchrist.org) because it allows anonymous comments and that soon got way out of hand with spammers.

I also added two other things that *really* helped out.

1. Before posting anyonymous comments, it checks the time that is stored in the user session as to when they viewed the page. If that time is less than 5 seconds (who can read a story, type a response and hit the submit button in less than 5 seconds but a bot?)
2. It checks the subject for common spam phrases (almost 1,000 of them are in there now)
3. It checks the body of the comment for common spam URLs (tons of them).

Anyway, what you've done with the security tokens is a much appriciated addition, thanks for the pointer!

Jeremy
http://lifewithchrist.org

Can anyone give me an overview as to what the security tokens are all about and how they work? I am looking at the code trying to figure them out but am not really seeing enough info to catch on.

Jeremy

I seem to be getting this in a few areas and other misc errors when I upgraded from 2.0.13.1 to 2.2.2 via the Upgrade patch.

For instance, reading a news article, I try to add a notification to my Email when a new comment is posted. I recieve the "No valid security token found in session" error, then when it tries to go back to the news article, I recieved: "Sorry, the selected story does not exist." and it takes me to the news listing.

Any help would be greatly appriciated. I did this upgrade on my test box and all seemed to work ok, but I just did not find these errors before upgrading my live site,http://lifewithchrist.org ...

Thanks for any help,

Jeremy

Add me to the list on 2.2.2.

When will 2.2.2 be stable? I did not realize 2.2.2 was not a stable release, I did not see that anywhere. I update my site,http://lifewithchrist.org/ w/about 1,300 members and I am having minor problems here and there. I was hoping to find the solution but now I fear I will not due to 2.2.2 not being stable.

Jeremy

Only 1 comment and/or intrest on such an email change addition?