SMF Shop
SMFShop => Items => Topic started by: eugeniu on January 08, 2007, 09:42:06 am
-
Sorry everyone, it never crossed my mind that others will want to use this script later on =(. Well the download link has been updated, enjoy!
This script has a user type a question and submit it. On the next page, the user sees a magic 8 ball, his question, and a random answer from the script. A very useful script. ;)
Download: http://www.fuzillion.com/SMF/personal/downloads/magic8ball.zip (http://www.fuzillion.com/SMF/personal/downloads/magic8ball.zip)
-
Best item ever! :P
Its very pointless, but I love it, thanks for the great item! :D
-
Thanks. :)
-
Great Item and it is a hit on my forum! Great job!
-
can u plzz check those linkz again..... thnxxx
-
Can we possibly get another link please?
-
Link is dead.
Update link plz?
-
please fix the links lol
-
your best bet is to probably try emailing the author of the mod
-
Wow! I completely forgot about this! Must have been all those months ago when I lost my forums :P. Hm, I hope it still works with whatever version of the SMF-Shop there is now...lol.
I'll look for the download in my backups folder ^_^.
-
did you find it?
-
Yes, I updated the link about 16 days ago...
-
I think you have a bug in your script:
Excuse my English. :-)
If an bad-intentioned user buys the Magic Ball, he can insert any html code in the "question" field. That´s very dangerous, because he can obtain the admin password, or hack the forum.....
Here is the solution:
You have to replace the code from $sizeof = count($answer); to </center>"; with this one:
$sizeof = count($answer);
$random = (rand()%$sizeof);
//make the question a variable
$cambiar = $_POST['question'];
// Change al the < and >
$cambiar = str_replace("<","‹",$cambiar);
$cambiar = str_replace(">","›",$cambiar);
// print all in the page
return "<center><img src='http://xxxx.lomasinteresante.net/Sources/shop/xx/8ball.jpg' width=300 height=320><br />Tu pregunta fue $cambiar<br /><br />La bola responde:<br /><br />$answer[$random]</center>";
Note: Don´t forget to change the path for your image and translate al to your language.
-
Sorry, one big silly question... where do I install this script?
This sounds really fun and I would love to try it. Thank you!
-
Oh I figure it. Thanks! Cool stuff!
-
Hm, I hope it still works with whatever version of the SMF-Shop there is now...lol.
SMFShop hasn't really been updated since January 2007, so it'll be fine ;)
Here is the solution:
HTML injection doesn't allow them to obtain the admin password nor hack the forum. They're only injecting the HTML into a page that only they can see anyways, so it's pointless.
The correct fix:
Find:
function onUse() {
Add after:
$_POST['question'] = htmlspecialchars($_POST['question']);
-
You are the master.
-
Hm, I hope it still works with whatever version of the SMF-Shop there is now...lol.
SMFShop hasn't really been updated since January 2007, so it'll be fine ;)
Here is the solution:
HTML injection doesn't allow them to obtain the admin password nor hack the forum. They're only injecting the HTML into a page that only they can see anyways, so it's pointless.
The correct fix:
Find:
function onUse() {
Add after:
$_POST['question'] = htmlspecialchars($_POST['question']);
Now all you have to do is move this to the completed additions section :).
-
I just put this in MY Shop 10 minutes ago & everybody is addicted already! Oh, and I added a few extra answers too!
Thanks eugeniu & Daniel15! :)
-
Does anyone have an updated link?
-
A download link please?
-
Anyone got a link for this? please ? :P
-
update link please
-
Anyone got a link or is willing to email me the addon it would be very welcomed!!