[Gnuheter-dev] links,admin: buggar
From: |
Ulf Harnhammar |
Subject: |
[Gnuheter-dev] links,admin: buggar |
Date: |
Tue, 20 Aug 2002 23:27:06 +0200 (CEST) |
Hej,
jag har committat alla möjliga ändringar till links och admin. Jag såg att
det var inlagt en bugg på Savannah om att det inte fungerade att skicka in
och lägga till länkar. Jag lyckades inte återskapa problemet (mer info,
någon?), men jag gjorde allmänna ändringar. Bland annat visade sig
sökfunktionen i links inte alls tycka om sökningar på tomma strängar, och
epostmeddelandet som skickas ut när en inskickad länk läggs till var också
fel.
// Ulf
--- admin.php.old 2002-08-20 20:38:33.000000000 +0200
+++ admin.php 2002-08-20 20:48:39.000000000 +0200
@@ -546,9 +546,9 @@
mysql_query("delete from links_newlink where lid=$lid");
if ($email=="") {
} else {
- $subject = "".translate("Your Link at $sitename")."";
- $message = "".translate("Hello")." $name:\n\n".translate("We
approved your link submission for our search engine.")."\n\n".translate("Page
Name: ")."$title\n".translate("Page URL: ")."$url\n".translate("Description:
")."$description\n\n\n".translate("You can browse our search engine at:")."
$nuke_url/links.php\n\n".translate("Thanks for your
submission!")."\n\n$sitename ".translate("team.")."";
- $from = "$sitename";
+ $subject = translate("Your Link at")." $sitename";
+ $message = translate("Hello")." $name:\n\n".translate("We approved
your link submission for our search engine.")."\n\n".translate("Page Title:
")."$title\n".translate("Page URL: ")."$url\n".translate("Description:
")."$description\n\n\n".translate("You can browse our search engine at:")."
${nuke_url}links.php\n\n".translate("Thanks for your
submission!")."\n\n$sitename ".translate("team.");
+ $from = $adminmail;
mail($email, $subject, $message, "From: $from\nX-Mailer: PHP/" .
phpversion());
}
}
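Review bot: The recipient `$email` is passed to mail() as stored, and the only check in this hunk is that it is not empty; the submission code in links.php applies just trim() and strip_tags(), so an address containing CR or LF could add headers to the outgoing message. The guard could become `if ($email != "" && !preg_match('/[\r\n]/', $email)) {` in place of the empty `if`/`else` pair. The `delete from links_newlink where lid=$lid` line above the mail code interpolates `$lid` unquoted, so `$lid = intval($lid);` before it is worth adding; where `$lid` is set is outside the hunk, as is the start of the enclosing function.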
--- links.php.old 2002-08-20 19:26:14.000000000 +0200
+++ links.php 2002-08-20 22:50:04.000000000 +0200
@@ -147,11 +147,16 @@
if ($cat[1] == "") {
$cat[1] = 0;
}
- $title = stripslashes(FixQuotes($title));
- $url = stripslashes(FixQuotes($url));
- $description = stripslashes(FixQuotes($description));
- $name = stripslashes(FixQuotes($name));
- $email = stripslashes(FixQuotes($email));
+
+ $title = trim(strip_tags(stripslashes(FixQuotes($title))));
+ $url = trim(strip_tags(stripslashes(FixQuotes($url))));
+ $description = trim(strip_tags(stripslashes(FixQuotes($description))));
+ $name = trim(strip_tags(stripslashes(FixQuotes($name))));
+ $email = trim(strip_tags(stripslashes(FixQuotes($email))));
+
+ if (!eregi('^(f|ht)tp:', $url))
+ $url = "http://$url";
+
mysql_query("insert into links_newlink values (NULL, '$cat[0]',
'$cat[1]', '$title', '$url', '$description', '$name', '$email')");
include('header.php');
$mainlink = 1;
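Review bot: The five submitted fields are still interpolated into the `insert into links_newlink` statement after stripslashes() has removed the request escaping, so quoting rests entirely on FixQuotes(), whose body is not visible here; a quote or backslash that survives it would end the string literal early. Building the statement from escaped copies, e.g. `addslashes($title)` for each field, and casting the category ids (which appear to be numeric) with `intval($cat[0])` and `intval($cat[1])`, would make the query safe independently of FixQuotes(). Separately, the pattern `'^(f|ht)tp:'` does not match `https:`, so an https URL gets `http://` prepended; `'^(f|ht)tps?:'` covers it. The enclosing function begins and ends outside the hunk.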
@@ -421,7 +426,11 @@
global $admin;
if (!isset($min)) $min=0;
if (!isset($max)) $max=$min+$linksresults;
- $query = stripslashes($query);
+
+ $query = trim(stripslashes($query));
+ if ($query == "")
+ $query = "PHP-Nuke suger.";
+
dbconnect();
$result = mysql_query("SELECT lid, cid, sid, title, url, description,
date, hits FROM links_links WHERE title LIKE '%$query%' OR description LIKE
'%$query%' ORDER BY title DESC LIMIT $min,$linksresults");
$nrows = mysql_num_rows($result);
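Review bot: `$query` is placed inside `LIKE '%$query%'` right after stripslashes() has removed any escaping, so a quote in the search string ends the literal and the remainder is parsed as SQL; the same variable is reused in the `links_subcategories` query in the next hunk. Keep the raw value for display and use an escaped copy in both statements, e.g. `$sqlquery = addslashes($query);` with `LIKE '%$sqlquery%'`, and cast the paging value with `$min = intval($min);` before it reaches `LIMIT`, since it may be set from the request. Substituting the fixed string `"PHP-Nuke suger."` for an empty search also means that text is echoed in the result heading; returning early with the no-hits message would be clearer. The function body continues outside the hunk.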
@@ -440,7 +449,7 @@
if ($nrows>0 OR $nrowsx>0) {
$result2 = mysql_query("SELECT cid, sid, title FROM links_subcategories
WHERE title LIKE '%$query%' ORDER BY title DESC");
- echo "<font size=\"3\">Sökresultat för: <font
color=\"#ff0000\">$query</font></font><br><br>\n";
+ echo "<font size=\"3\">Sökresultat för: <font
color=\"#ff0000\">".htmlspecialchars($query)."</font></font><br><br>\n";
echo "</div><table width=\"100%\" bgcolor=\"#cccccc\"><tr><td>\n";
echo "<font
size=\"3\"><b>Underkategorier</b></font></td></tr></table>\n";
while(list($cid, $sid, $stitle) = mysql_fetch_row($result2)) {
@@ -485,7 +494,7 @@
}
} else {
- echo "<div align=\"center\"><font color=\"#ff0000\" size=\"3\">Inga
träffar på sin sökfråga</font></div><br><br>\n";
+ echo "<div align=\"center\"><font color=\"#ff0000\" size=\"3\">Inga
träffar på din sökfråga</font></div><br><br>\n";
}
$prev = $min - $linksresults;
@@ -502,21 +511,22 @@
}
+ $queryurl = urlencode($query);
echo "<br><br><div align=\"center\"><font size=\"2\"\n>
- Prova att söka \"$query\" i andra sökmotorer<br>
- <a target=\"_blank\"
href=\"http://www.altavista.com/cgi-bin/query?pg=q&sc=on&hl=on&act=2006&par=0&q=$query&kl=XX&stype=stext\">Alta
Vista</a> -
- <a target=\"_blank\"
href=\"http://www.hotbot.com/?MT=$query&DU=days&SW=web\">HotBot</a> -
- <a target=\"_blank\"
href=\"http://www.infoseek.com/Titles?qt=$query\">Infoseek</a> -
- <a target=\"_blank\"
href=\"http://www.dejanews.com/dnquery.xp?QRY=$query\">Deja News</a> -
- <a target=\"_blank\"
href=\"http://www.lycos.com/cgi-bin/pursuit?query=$query&maxhits=20\">Lycos</a>
-
- <a target=\"_blank\"
href=\"http://search.yahoo.com/bin/search?p=$query\">Yahoo</a>
+ Prova att söka \"".htmlspecialchars($query)."\" i andra sökmotorer<br>
+ <a target=\"_blank\"
href=\"http://www.altavista.com/cgi-bin/query?pg=q&sc=on&hl=on&act=2006&par=0&q=$queryurl&kl=XX&stype=stext\">Alta
Vista</a> -
+ <a target=\"_blank\"
href=\"http://www.hotbot.com/?MT=$queryurl&DU=days&SW=web\">HotBot</a> -
+ <a target=\"_blank\"
href=\"http://www.infoseek.com/Titles?qt=$queryurl\">Infoseek</a> -
+ <a target=\"_blank\"
href=\"http://www.dejanews.com/dnquery.xp?QRY=$queryurl\">Deja News</a> -
+ <a target=\"_blank\"
href=\"http://www.lycos.com/cgi-bin/pursuit?query=$queryurl&maxhits=20\">Lycos</a>
-
+ <a target=\"_blank\"
href=\"http://search.yahoo.com/bin/search?p=$queryurl\">Yahoo</a>
<br>
- <a target=\"_blank\"
href=\"http://es.linuxstart.com/cgi-bin/sqlsearch.cgi?pos=1&query=$query&language=&advanced=&urlonly=&withid=\">LinuxStart</a>
-
- <a target=\"_blank\"
href=\"http://search.1stlinuxsearch.com/compass?scope=$query&ui=sr\">1stLinuxSearch</a>
-
- <a target=\"_blank\"
href=\"http://www.google.com/search?q=$query\">Google</a> -
- <a target=\"_blank\"
href=\"http://www.linuxlinks.com/cgi-bin/search.cgi?query=$query&engine=Links\">LinuxLinks</a>
-
- <a target=\"_blank\"
href=\"http://www.freshmeat.net/search.php?query=$query\">Freshmeat</a> -
- <a target=\"_blank\"
href=\"http://www.justlinux.com/bin/search.pl?key=$query\">JustLinux</a>
+ <a target=\"_blank\"
href=\"http://es.linuxstart.com/cgi-bin/sqlsearch.cgi?pos=1&query=$queryurl&language=&advanced=&urlonly=&withid=\">LinuxStart</a>
-
+ <a target=\"_blank\"
href=\"http://search.1stlinuxsearch.com/compass?scope=$queryurl&ui=sr\">1stLinuxSearch</a>
-
+ <a target=\"_blank\"
href=\"http://www.google.com/search?q=$queryurl\">Google</a> -
+ <a target=\"_blank\"
href=\"http://www.linuxlinks.com/cgi-bin/search.cgi?query=$queryurl&engine=Links\">LinuxLinks</a>
-
+ <a target=\"_blank\"
href=\"http://www.freshmeat.net/search.php?query=$queryurl\">Freshmeat</a> -
+ <a target=\"_blank\"
href=\"http://www.justlinux.com/bin/search.pl?key=$queryurl\">JustLinux</a>
</font></div>";
html_page_foot();