Temos pavadinimas: WordPress, Shopify ir PHPFusion programuotojų bendruomenė :: PHP-Fusion print.php bug fix

Parašė BloodKiller· 2007 Rugp. 2 23:08:41
#1
Ech, vel digis prisidare kruva spragu. :D Sikart per jo spragas, pasinaudojus print.php failu gali kas nori skaityti naujienas (ne, visai nesvarbu ar nustatytas priejimas tik tam tikrai grupei). :D Taigi, kaip mes galime istaisyti sia digio ziopla spraga? Ogi labai paprastai. :D

Kiauras print.php failo turinys.

<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright Ā© 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once "maincore.php";
include LOCALE.LOCALESET."print.php";

if (!isset($item_id) || !isNum($item_id)) fallback("index.php");

echo "<html>
<head>
<title>".$settings['sitename']."</title>
<style type=\"text/css\">
body { font-family:Verdana,Tahoma,Arial,Sans-Serif;font-size:14px; }
hr { height:1px;color:#ccc; }
.small { font-family:Verdana,Tahoma,Arial,Sans-Serif;font-size:12px; }
.small2 { font-family:Verdana,Tahoma,Arial,Sans-Serif;font-size:12px;color:#666; }
</style>
</head>
<body>\n";
if ($type == "A") {
   $res = dbquery(
      "SELECT ta.*, user_id, user_name FROM ".$db_prefix."articles ta
      LEFT JOIN ".$db_prefix."users tu ON ta.article_name=tu.user_id
      WHERE article_id='$item_id'"
   );
   if (dbrows($res) != 0) {
      $data = dbarray($res);
      $article = str_replace("<--PAGEBREAK-->", "", stripslashes($data['article_article']));
      if ($data['article_breaks'] == "y") $article = nl2br($article);
      echo "<b>".$data['article_subject']."</b><br>
<span class='small'>".$locale['400'].$data['user_name'].$locale['401'].ucfirst(showdate("longdate", $data['article_datestamp']))."</span>
<hr>
$article\n";
   }
} elseif ($type == "N") {
   $res = dbquery(
      "SELECT tn.*, user_id, user_name FROM ".$db_prefix."news tn
      LEFT JOIN ".$db_prefix."users tu ON tn.news_name=tu.user_id
      WHERE news_id='$item_id'"
   );
   if (dbrows($res) != 0) {
      $data = dbarray($res);
      $news = stripslashes($data['news_news']);
      if ($data['news_breaks'] == "y") $news = nl2br($news);
      if ($data['news_extended']) {
         $news_extended = stripslashes($data['news_extended']);
         if ($data['news_breaks'] == "y") $news_extended = nl2br($news_extended);
      } else {
         $news_extended = "";
      }
      echo "<b>".$data['news_subject']."</b><br>
<span class='small'>".$locale['400'].$data['user_name'].$locale['401'].ucfirst(showdate("longdate", $data['news_datestamp']))."</span>
<hr>
$news\n";
      if (isset($news_extended)) echo "<hr>\n<b>".$locale['402']."</b>\n<hr>\n$news_extended\n";
   }
}
echo "</body>
</html>\n";
?>




Puikiai uzlopytas print.php failo turinys mano deka. :D

<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright Ā© 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once "maincore.php";
include LOCALE.LOCALESET."print.php";

if (!isset($item_id) || !isNum($item_id)) fallback("index.php");

echo "<html>
<head>
<title>".$settings['sitename']."</title>
<style type=\"text/css\">
body { font-family:Verdana,Tahoma,Arial,Sans-Serif;font-size:14px; }
hr { height:1px;color:#ccc; }
.small { font-family:Verdana,Tahoma,Arial,Sans-Serif;font-size:12px; }
.small2 { font-family:Verdana,Tahoma,Arial,Sans-Serif;font-size:12px;color:#666; }
</style>
</head>
<body>\n";
if ($type == "A") {
   $res = dbquery(
      "SELECT ta.*, user_id, user_name, article_cat_access FROM ".$db_prefix."articles ta
      LEFT JOIN ".$db_prefix."users tu ON ta.article_name=tu.user_id
      LEFT JOIN ".$db_prefix."article_cats ON ta.article_cat = article_cat_id
      WHERE article_id='$item_id'"
   );
   if (dbrows($res) != 0) {
      $data = dbarray($res);
      if (checkgroup($data['article_cat_access'])) {
         $article = str_replace("<--PAGEBREAK-->", "", stripslashes($data['article_article']));
         if ($data['article_breaks'] == "y") $article = nl2br($article);
         echo "<b>".$data['article_subject']."</b><br>
<span class='small'>".$locale['400'].$data['user_name'].$locale['401'].ucfirst(showdate("longdate", $data['article_datestamp']))."</span>
<hr>
$article\n";
      }
   }
} elseif ($type == "N") {
   $res = dbquery(
      "SELECT tn.*, user_id, user_name FROM ".$db_prefix."news tn
      LEFT JOIN ".$db_prefix."users tu ON tn.news_name=tu.user_id
      WHERE news_id='$item_id'"
   );
   if (dbrows($res) != 0) {
      $data = dbarray($res);
      if (checkgroup($data['news_visibility'])) {
         $news = stripslashes($data['news_news']);
         if ($data['news_breaks'] == "y") $news = nl2br($news);
         if ($data['news_extended']) {
            $news_extended = stripslashes($data['news_extended']);
            if ($data['news_breaks'] == "y") $news_extended = nl2br($news_extended);
         } else {
            $news_extended = "";
         }
         echo "<b>".$data['news_subject']."</b><br>
<span class='small'>".$locale['400'].$data['user_name'].$locale['401'].ucfirst(showdate("longdate", $data['news_datestamp']))."</span>
<hr>
$news\n";
         if (isset($news_extended)) echo "<hr>\n<b>".$locale['402']."</b>\n<hr>\n$news_extended\n";
      }
   }
}
echo "</body>
</html>\n";
?>




P.S. Lietuva vel vienu laipteliu auksciau saugumo atzvilgiu nei uzsienio salys. :D :D Taip pat prisegu print.php faila (pataisyta). Jei neveiks nuoroda, siuskites is CIA.

EDIT: Regis digis vel paliko ziopla klaida, kuria katik istaisiau. :D
Redagavo BloodKiller· 2007 Rugp. 3 12:08:01

Parašė Fanio· 2007 Rugp. 3 01:08:03
#2
šauniai pasidarbavai ;)

Parašė Ewro· 2007 Rugp. 3 01:08:15
#3
Dabar visi dėkokite Blood, ir neklausinėkite kaip padaryt... :);)

Parašė MAnjack· 2007 Rugp. 3 09:08:31
#4
Klausinėt ir nereikia, viskas padoryta :D

Parašė Toonis· 2007 Rugp. 3 09:08:09
#5
Gal aš geriau pats pasitaisysiu, bet tavo kodo nesisiųsiu :]

Parašė WantedBoy· 2007 Rugp. 3 10:08:55
#6
Nu tu ka nori ta daryk.Labai cia visiems idomu ka tu darysi? ?|

Parašė Toonis· 2007 Rugp. 3 10:08:20
#7
O tu galvoji man labai įdomi tavo nuomonė? Ar aš tavęs jos klausiau?

Parašė DarK-SouL· 2007 Rugp. 3 14:08:04
#8
Man gal idomu bl ka toonis darys? Wantedboy, ziuriu tu durnius...
Redagavo DarK-SouL· 2007 Rugp. 3 14:08:21

Parašė Ewro· 2007 Rugp. 3 17:08:55
#9
MAnjack parašė:
Klausinėt ir nereikia, viskas padoryta :D


aš turėjau meny kitas temas (kad nekurtų tokių "kaip istrint print )

Parašė LeBro· 2007 Rugp. 15 11:08:02
#10
man bent jau neisarchyvuoja to failiuko... :/

Parašė diadingo· 2009 Kov. 10 19:03:55
#11
o jei paprasciausiai istrynus print.php neatsirastu kokiu klaidu ar erroru?(aisku to print nenaudojant)