| Author |
Message |
dakat
New Member
Joined: Jun 01, 2015
Posts: 19
|
 Posted:
Sun Jun 07, 2015 2:59 pm |
|
I have a module testimonials It works On other nuke version not RN-2.5
can anyone take a look ? thanks
php Code:
/************************************************************************/
/* PHP-NUKE: Web Portal System */
/* =========================== */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* Andrei Orlov http://www.x-prices.com */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/* */
/************************************************************************/
/* Additional security & Abstraction layer conversion */
/* 2003 chatserv */
/* http://www.nukefixes.com -- http://www.nukeresources.com */
/************************************************************************/
if (!eregi("modules.php", $_SERVER['PHP_SELF'])) {
die ("You can't access this file directly...");
}
$index = 1;
require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$pagetitle = "- "._TESTIMONIALS."";
function index($msg="") {
global $db, $admin, $user, $cookie, $module_name, $bgcolor4;
include("header.php");
OpenTable();
if ($msg > "")
echo "<center><font class=\"title\"><i>".$msg."</i></font></center><br><br>";
echo "<center><font class=\"title\"><b>"._TESTIMONIALS."</b></font></center><br>";
echo "<center><font class=\"option\">"._TESTIMONIALSWRITE."</font></center>";
echo "<form action=\"modules.php?name=$module_name\" method=\"post\">";
echo "<table border=\"0\" cellspacing=\"10\" cellpadding=\"0\" align=\"center\" width=\"80%\">";
echo "<tr><td width=\"30%\" align=\"right\"><font class=\"option\"><b>"._NAME." :</b></font></td>";
if(is_user($user)) {
cookiedecode($user);
$uid = $cookie[0];
$auth_name = $cookie[1];
echo "<td>$auth_name</td></tr>";
echo "<input type=\"hidden\" name=\"auth_name\" value=\"$auth_name\">";
} else {
$auth_name = "Guest";
$uid = 0;
echo "<td><input type=\"text\" name=\"auth_name\" size=\"20\" value=\"$auth_name\"></td></tr>";
}
echo "<tr><td width=\"30%\" align=\"right\"><font class=\"option\">"._COMMENT." :</font></td>";
echo "<td><textarea rows=\"5\" name=\"testimonial\" cols=\"50\"></textarea></td></tr></table>";
echo "<input type=\"hidden\" name=\"uid\" value=\"$uid\">";
echo "<input type=\"hidden\" name=\"s_op\" value=\"submitpost\">";
echo "<center><input type=\"Submit\" value=\""._SUBMIT."\"></center></form>";
if (!(is_admin($admin))) $approvetext=" where approved='1' ";
$sql = "SELECT lid, uid, uname, testimonials2, date, approved FROM testimonials ".$approvetext." order by date DESC";
$result = $db->sql_query($sql);
$result1 = $result;
$numrow = $db->sql_numrows($result1);
if($numrow > '0') {
echo "<table border=\"0\" cellspacing=\"10\" cellpadding=\"0\" align=\"center\" width=\"80%\">";
while($row = $db->sql_fetchrow($result)) {
$lid = intval($row['lid']);
$uid = intval($row['uid']);
$auth_name = $row['uname'];
$testimonials = $row['testimonials'];
$date = $row['date'];
$approved = intval($row['approved']);
if($auth_name == 'Guest') {
echo "<tr bgcolor=\"$bgcolor4\"><td><font class=\"option\">$auth_name</font> "._POSTED.": $date</td></tr>";
} else {
echo "<tr bgcolor=\"$bgcolor4\"><td><font class=\"option\"><a href=\"modules.php?name=Your_Account&op=userinfo&username=$auth_name\">$auth_name</a></font> "._POSTED.": $date</td></tr>";
}
echo "<tr><td><p>$testimonials</p>";
if(is_admin($admin)) {
echo "<p align=\"right\"><a href=\"modules.php?name=$module_name&s_op=deletepost&lid=$lid\">"._DELETE."</a>";
if ($approved == '0') echo " | <a href=\"modules.php?name=$module_name&s_op=approvepost&lid=$lid\">"._APPROVETESTIMONIAL."</a> ";
echo "</p>";
}
echo "</td></tr>";
}
echo "</table>";
} else echo "<center><font class=\"option\">"._NOCOMMENTS."</font></center>";
CloseTable();
include("footer.php");
}
function submitpost($uid, $auth_name, $testimonial2) {
global $db, $module_name, $admin;
$uid = intval($uid);
if(isset($auth_name)) {
$auth_name = stripslashes(FixQuotes($auth_name));
} else {
$auth_name = "Guest";
}
$testimonial = stripslashes(FixQuotes($testimonial));
$testimonial = nl2br($testimonial);
if (is_admin($admin)) $approve=1; else $approve=0;
$db->sql_query("insert into testimonials2 ( `lid` , `uid` , `uname` , `testimonials2` , `date` , `approved` ) values(NULL, '$uid', '$auth_name', '$testimonial', now(), '$approve')");
index(_TESTIMONIALRECEIVED);
}
function deletepost($lid) {
global $db, $module_name, $admin;
$lid = intval($lid);
if(is_admin($admin)) {
$db->sql_query("delete from testimonials2 where lid='$lid'");
index(_TESTIMONIALDELETED);
} else die ("You can't access this file directly...");
}
function approvepost($lid) {
global $db, $module_name, $admin;
$lid = intval($lid);
if(is_admin($admin)) {
$db->sql_query("update testimonials2 set approved='1' where lid='$lid'");
index(_TESTIMONIALAPPROVED);
} else die ("You can't access this file directly...");
}
switch($s_op) {
case "submitpost":
submitpost($uid, $auth_name, $testimonial);
break;
case "approvepost":
approvepost($lid);
break;
case "deletepost":
deletepost($lid);
break;
default:
index();
break;
}
?>
|
|
|
|
|
|
|
dakat
|
| Posted:
Sun Jun 07, 2015 3:01 pm |
|
heres the file |
| Description: |
|
Download |
| Filename: |
testimonials.zip |
| Filesize: |
6.97 KB |
| Downloaded: |
363 Time(s) |
|
|
|
|
|
nuken
RavenNuke(tm) Development Team
Joined: Mar 11, 2007
Posts: 2024
Location: North Carolina
|
| Posted:
Sun Jun 07, 2015 4:23 pm |
|
That module is very old and would need a little work to be compatible Ravennuke. Most older modules will not work due to older coding standards that are no longer supported in modern versions of php. Try something like this if you want a testimonials module. [ Only registered users can see links on this board! Get registered or login! ] I would be cautious of older modules since they may have unpatched security issues or unsanitized user input. |
_________________
Tricked Out News
|
|
 
|
|
nuken
|
| Posted:
Mon Jun 08, 2015 5:24 am |
|
If you want to use the older one, here is the modules index.php with the edits needed to get it working.
php Code:
<?php
/************************************************************************/
/* PHP-NUKE: Web Portal System */
/* =========================== */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* Andrei Orlov http://www.x-prices.com */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/* */
/************************************************************************/
/* Additional security & Abstraction layer conversion */
/* 2003 chatserv */
/* http://www.nukefixes.com -- http://www.nukeresources.com */
/************************************************************************/
if ( !defined('MODULE_FILE') )
{
die('You can\'t access this file directly...');
}
//$index = 1;
define('INDEX_FILE', true);
//require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$pagetitle = "- "._TESTIMONIALS."";
function index($msg="") {
global $db, $admin, $user, $cookie, $module_name, $bgcolor4;
include("header.php");
OpenTable();
if ($msg > "")
echo "<center><font class=\"title\"><i>".$msg."</i></font></center><br><br>";
echo "<center><font class=\"title\"><b>"._TESTIMONIALS."</b></font></center><br>";
echo "<center><font class=\"option\">"._TESTIMONIALSWRITE."</font></center>";
echo "<form action=\"modules.php?name=$module_name\" method=\"post\">";
echo "<table border=\"0\" cellspacing=\"10\" cellpadding=\"0\" align=\"center\" width=\"80%\">";
echo "<tr><td width=\"30%\" align=\"right\"><font class=\"option\"><b>"._NAME." :</b></font></td>";
if(is_user($user)) {
cookiedecode($user);
$uid = $cookie[0];
$auth_name = $cookie[1];
echo "<td>$auth_name</td></tr>";
echo "<input type=\"hidden\" name=\"auth_name\" value=\"$auth_name\">";
} else {
$auth_name = "Guest";
$uid = 0;
echo "<td><input type=\"text\" name=\"auth_name\" size=\"20\" value=\"$auth_name\"></td></tr>";
}
echo "<tr><td width=\"30%\" align=\"right\"><font class=\"option\">"._COMMENT." :</font></td>";
echo "<td><textarea rows=\"5\" name=\"testimonial\" cols=\"50\"></textarea></td></tr></table>";
echo "<input type=\"hidden\" name=\"uid\" value=\"$uid\">";
echo "<input type=\"hidden\" name=\"s_op\" value=\"submitpost\">";
echo "<center><input type=\"Submit\" value=\""._SUBMIT."\"></center></form>";
if (!(is_admin($admin))) $approvetext=" where approved='1' ";
$sql = "SELECT lid, uid, uname, testimonials, date, approved FROM testimonials ".$approvetext." order by date DESC";
$result = $db->sql_query($sql);
$result1 = $result;
$numrow = $db->sql_numrows($result1);
if($numrow > '0') {
echo "<table border=\"0\" cellspacing=\"10\" cellpadding=\"0\" align=\"center\" width=\"80%\">";
while($row = $db->sql_fetchrow($result)) {
$lid = intval($row['lid']);
$uid = intval($row['uid']);
$auth_name = $row['uname'];
$testimonials = $row['testimonials'];
$date = $row['date'];
$approved = intval($row['approved']);
if($auth_name == 'Guest') {
echo "<tr bgcolor=\"$bgcolor4\"><td><font class=\"option\">$auth_name</font> "._POSTED.": $date</td></tr>";
} else {
echo "<tr bgcolor=\"$bgcolor4\"><td><font class=\"option\"><a href=\"modules.php?name=Your_Account&op=userinfo&username=$auth_name\">$auth_name</a></font> "._POSTED.": $date</td></tr>";
}
echo "<tr><td><p>$testimonials</p>";
if(is_admin($admin)) {
echo "<p align=\"right\"><a href=\"modules.php?name=$module_name&s_op=deletepost&lid=$lid\">"._DELETE."</a>";
if ($approved == '0') echo " | <a href=\"modules.php?name=$module_name&s_op=approvepost&lid=$lid\">"._APPROVETESTIMONIAL."</a> ";
echo "</p>";
}
echo "</td></tr>";
}
echo "</table>";
} else echo "<center><font class=\"option\">"._NOCOMMENTS."</font></center>";
CloseTable();
include("footer.php");
}
function submitpost($uid, $auth_name, $testimonial) {
global $db, $module_name, $admin;
$uid = intval($uid);
if(isset($auth_name)) {
$auth_name = stripslashes(FixQuotes($auth_name));
} else {
$auth_name = "Guest";
}
$testimonial = stripslashes(FixQuotes($testimonial));
$testimonial = nl2br($testimonial);
// Added to keep html out of the testimonials
$testimonial = check_html($testimonial, 'nohtml');
if (is_admin($admin)) $approve=1; else $approve=0;
$db->sql_query("insert into testimonials ( `lid` , `uid` , `uname` , `testimonials` , `date` , `approved` ) values(NULL, '$uid', '$auth_name', '$testimonial', now(), '$approve')");
index(_TESTIMONIALRECEIVED);
}
function deletepost($lid) {
global $db, $module_name, $admin;
$lid = intval($lid);
if(is_admin($admin)) {
$db->sql_query("delete from testimonials where lid='$lid'");
index(_TESTIMONIALDELETED);
} else die ("You can't access this file directly...");
}
function approvepost($lid) {
global $db, $module_name, $admin;
$lid = intval($lid);
if(is_admin($admin)) {
$db->sql_query("update testimonials set approved='1' where lid='$lid'");
index(_TESTIMONIALAPPROVED);
} else die ("You can't access this file directly...");
}
switch($s_op) {
case "submitpost":
submitpost($uid, $auth_name, $testimonial);
break;
case "approvepost":
approvepost($lid);
break;
case "deletepost":
deletepost($lid);
break;
default:
index();
break;
}
?>
|
To get the sql file to import, you just need to change TYPE=MyISAM; to ENGINE=MyISAM;
The old module does not filter out links or html, I added the check_html function to strip it out. |
|
|
|
|
|
|
dakat
|
| Posted:
Thu Jun 11, 2015 5:13 pm |
|
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Mon Jun 22, 2015 8:27 am |
|
Wow, that old code is scary stuff! |
|
|
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
