11
Shine
Re: Wordbook : cant edit any definition
  • 2006/10/16 20:00

  • Shine

  • Just can't stay away

  • Posts: 822

  • Since: 2002/7/22


I've read and read........ but since it concerns difficult code language and lines which should be removed/replaced, I cannot understand what needs to be done exactly. Can somebody please translate the workarounds here into English?
Thanks in advance!

Grtz., Shine

12
Mithrandir
Re: Wordbook : cant edit any definition

My French is not very good (despite 10 years of learning... or at least people trying to teach me) and since I don't have the code, this may not be accurate.

BUT, it seems that inside the module, these lines exist:
$definition = ereg_replace("'","'",$definition);
$term = ereg_replace("'","'",$term);


I would suggest you change it to
$myts =& MyTextSanitizer::getInstance();
$definition = $myts->addSlashes($definition);
$term = $myts->addSlashes($term);


and see if that changes anything.
"When you can flatten entire cities at a whim, a tendency towards quiet reflection and seeing-things-from-the-other-fellow's-point-of-view is seldom necessary."

Cusix Software

13
tcnet
Re: Wordbook : cant edit any definition
  • 2006/10/17 0:56

  • tcnet

  • Friend of XOOPS

  • Posts: 297

  • Since: 2006/5/12


1) Is this a fix for WB 1.17? I can't find the above in WB 1.16.

2) Requesting advice on closing the WB 1.16 hole please.

Mithrandir:
Quote:
Ahh, it seems that wordbook 1.16 has a nasty security hole, caused by the ' character.


Thank you!

14
bakou
Re: Wordbook : cant edit any definition
  • 2006/11/17 14:50

  • bakou

  • Just popping in

  • Posts: 1

  • Since: 2006/11/17


Hi there,

If it's the problem with the ' character you could try this:

Edit admin/entry.php and add the following (line 223 v1.17/ line 210 v1.16)

$definition = addSlashes($definition);
$term = addSlashes($term);


With 1.17 you may also choose the wysiwyg editor instead of the default one to get the same results. But the problem still appears when you want to create a category/description with the ' character. Use the same trick:

Edit admin/category.php and add the following (line 130, all versions)

$description = addSlashes($description);
$name = addSlashes($name);


Hope it'll work for you :)

Pascal
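
Added example, not part of any post in this thread and not Wordbook's own code: it shows why an apostrophe in a term breaks a string-built UPDATE, what the addSlashes workaround changes in the query text, and the same update done with bound parameters. The table `demo_entries`, its columns and the sample values are assumptions constructed for illustration; in-memory SQLite stands in for the module's database.

```php
<?php
// Hypothetical schema and constructed sample values; not taken from Wordbook.

function buildUpdateSql(string $term, string $definition, int $id): string
{
    // Pattern being patched in the thread: values interpolated into quoted SQL literals.
    return "UPDATE demo_entries SET term = '$term', definition = '$definition' WHERE id = $id";
}

$term = "l'école";                    // constructed input containing an apostrophe
$definition = "Lieu d'enseignement";  // constructed input containing an apostrophe

// 1) Unescaped: the apostrophe ends the string literal early, so the statement is
//    malformed, and the rest of the user's text is parsed as SQL.
echo buildUpdateSql($term, $definition, 1), "\n";

// 2) The thread's workaround: backslash-escape quotes before interpolation.
//    This relies on backslash escaping as MySQL accepts it; other engines differ.
echo buildUpdateSql(addslashes($term), addslashes($definition), 1), "\n";

// 3) Bound parameters: the value never becomes part of the SQL text,
//    so no escaping step can be forgotten on one field or one admin page.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE demo_entries (id INTEGER PRIMARY KEY, term TEXT, definition TEXT)");
$db->exec("INSERT INTO demo_entries (id, term, definition) VALUES (1, 'old', 'old')");

$stmt = $db->prepare(
    "UPDATE demo_entries SET term = :term, definition = :definition WHERE id = :id"
);
$stmt->execute([':term' => $term, ':definition' => $definition, ':id' => 1]);

$row = $db->query("SELECT term, definition FROM demo_entries WHERE id = 1")
          ->fetch(PDO::FETCH_ASSOC);

// Check that the stored value is byte-for-byte what the user typed.
var_dump($row['term'] === $term);
var_dump($row['definition'] === $definition);
```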
