Question Regarding posting

New Member Joined: Dec 21, 2006 Posts: 5

How can I write a php script that will allow someone to make a post from within a module of mine (using an HTML form, textboxes and such, and then take all of the data, format it into one long string and get it posted) to a specific forum, while still sending the posting data through mainfile and having the same (generally) amount of security you have when posting normally?

Thanks!

Posted: Tue Apr 17, 2007 11:44 am

If you POST the form data back to your module file it will go through Sentinel (if you have it). You could then format the data and insert it into the database as a forum post.

Posted: Tue Apr 17, 2007 12:35 pm

Well, that works for one of my sites - but my PHPNuke 8 site which doesn't have Sentinel installed - what can I do there?

Posted: Tue Apr 17, 2007 12:37 pm

Let me express some reservations about the solutions proposed. LOL: Please?

You need to take a look at what the Forums programs do when they post a post, so to speak. If I am not mistaken, there are a number of tables and fields within those tables updated and you'll need to replicate that to maintain the integrity of the Forums tables.

Posted: Tue Apr 17, 2007 12:53 pm

rampantandroid wrote:

Well, that works for one of my sites - but my PHPNuke 8 site which doesn't have Sentinel installed - what can I do there?

Install Sentinel?

Edit: even if you don't have Sentinel installed, if you POST the form data back to your module using the usual conventions it will still "flow through mainfile", etc. Sentinel just does thorough checking of this data, whereas PHP-Nuke 8 does minimal checking.

Posted: Tue Apr 17, 2007 12:55 pm

fkelly wrote:

Let me express some reservations about the solutions proposed. LOL: Please?

You need to take a look at what the Forums programs do when they post a post, so to speak. If I am not mistaken, there are a number of tables and fields within those tables updated and you'll need to replicate that to maintain the integrity of the Forums tables.

Agreed...you'd have to replicate the same logic that Forums does. Which makes me wonder what you are trying to do?

Posted: Tue Apr 17, 2007 2:24 pm

fkelly wrote:

Let me express some reservations about the solutions proposed. LOL: Please?

You need to take a look at what the Forums programs do when they post a post, so to speak. If I am not mistaken, there are a number of tables and fields within those tables updated and you'll need to replicate that to maintain the integrity of the Forums tables.

Well, this is what I was hoping to get info on...I don't feel like taking the time (nor do I know enough about) to write a script to do security checking...

If nothing else, the solution of just POSTING the data can work temporarily. I know how the system works for making posts, I was just afraid of inserting the data directly into my nuke tables.

Posted: Tue Apr 17, 2007 9:18 pm

You can write a script to POST data to other web scripts. That's generally how a lot of spam works. phpBB though has turned to using some session based checks which does stop some of these scripts. Though ultimately I think some spammers are turning to automated control of browsers to actually do that, bypassing these kinds of checks once again.

Look up how to use cURL in PHP. That is where you can do some powerful webpage retrieval stuff. But be surprised if it becomes complicated to replicate into POSTing data to phpBB, they've made it tough, but not impossible, to do.