Forums

Unfortunately no one can be told what FluxBB is - you have to see it for yourself.

You are not logged in.

#1 2010-10-31 18:19:37

kromonos
Member
From: Trier
Registered: 2010-06-12
Posts: 41
Website

Simple mark as solved

#
#---------[ 1. OPEN ]-------------------------------------------------------
#

viewtopic.php

#
#---------[ 2. FIND (line 75) ]----------------------------------------------------------
#
// If action=last, we redirect to the last post
else if ($action == 'last')
{
    $result = $db->query('SELECT MAX(id) FROM '.$db->prefix.'posts WHERE topic_id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
    $last_post_id = $db->result($result);

    if ($last_post_id)
    {
        header('Location: viewtopic.php?pid='.$last_post_id.'#p'.$last_post_id);
        exit;
    }
}

#
#---------[ 3. AFTER, ADD ]-------------------------------------------------------
#
else if ($action == 'solved') {
    //$db->query('UPDATE '.$db->prefix.'topics SET closed = 1, subject = \''.$lang_common['Solved'].' '.$db->escape($_GET['subject']).'\' WHERE id = '.$db->escape($_GET['id'])); // Use this, to close topic with solving
    $db->query('UPDATE '.$db->prefix.'topics SET subject = \''.$lang_common['Solved'].' '.$db->escape($_GET['subject']).'\' WHERE id = '.$db->escape($_GET['id'])); // Just mark solved
    header('Location: viewtopic.php?id='.$_GET['id']);
}


#
#---------[ 2. FIND (line 133) ]----------------------------------------------------------
#
// Fetch some info about the topic
if (!$pun_user['is_guest'])
    $result = $db->query('SELECT t.subject, t.closed, t.num_replies, t.sticky, t.first_post_id, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, s.user_id AS is_subscribed FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'subscriptions AS s ON (t.id=s.topic_id AND s.user_id='.$pun_user['id'].') LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
else
    $result = $db->query('SELECT t.subject, t.closed, t.num_replies, t.sticky, t.first_post_id, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());

#
#---------[ 3. REPLACE WITH ]----------------------------------------------------------
#
// Fetch some info about the topic
if (!$pun_user['is_guest'])
    $result = $db->query('SELECT t.id AS topic_id, t.subject, t.closed, t.num_replies, t.sticky, t.first_post_id, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, s.user_id AS is_subscribed FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'subscriptions AS s ON (t.id=s.topic_id AND s.user_id='.$pun_user['id'].') LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
else
    $result = $db->query('SELECT t.id AS topic_id, t.subject, t.closed, t.num_replies, t.sticky, t.first_post_id, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());


#
#---------[ 4. FIND (line 310) ]----------------------------------------------------------
#
                if ($pun_user['g_edit_posts'] == '1')
                    $post_actions[] = '<li class="postedit"><span><a href="edit.php?id='.$cur_post['id'].'">'.$lang_topic['Edit'].'</a></span></li>';

#
#---------[ 5. AFTER, ADD ]-------------------------------------------------------
#
                if (strpos($cur_topic['subject'], $lang_common['Solved']) === FALSE AND $post_count === 1)
                    $post_actions[] = '<li class="mark_solved"><span><a href="'.$_SERVER['PHP_SELF'].'?id='.$cur_topic['topic_id'].'&action=solved&subject='.$cur_topic['subject'].'">'.$lang_common['Solved link'].'</a></span></li>';

#
#---------[ 6. FIND (line 326) ]----------------------------------------------------------
#
        $post_actions[] = '<li class="postquote"><span><a href="post.php?tid='.$id.'&amp;qid='.$cur_post['id'].'">'.$lang_topic['Quote'].'</a></span></li>';

#
#---------[ 7. AFTER, ADD ]-------------------------------------------------------
#
        if (strpos($cur_topic['subject'], $lang_common['Solved']) === FALSE AND $post_count === 1)
            $post_actions[] = '<li class="mark_solved"><span><a href="'.$_SERVER['PHP_SELF'].'?id='.$cur_topic['topic_id'].'&action=solved&subject='.$cur_topic['subject'].'">'.$lang_common['Solved link'].'</a></span></li>';

#
#---------[ 8. OPEN ]-------------------------------------------------------
#

lang/English/common.php

#
#---------[ 9. FIND (line 75) ]----------------------------------------------------------
#
);

#
#---------[ 10. BEFORE, ADD ]-------------------------------------------------------
#
,'Solved'           => '[SOLVED]'
,'Solved link'      => 'Mark as solved'

#
#---------[ 11. SAVE/UPLOAD ]-------------------------------------------------
#

Just user, who had posted topic and admin/mods could mark a topic as solved.
It's also just visible on first post of topic.

Have fun ^^

Last edited by kromonos (2010-10-31 19:31:18)


uhuC - German IT Board ... FluxBB Powered smile

Offline

#2 2010-10-31 18:38:41

Franz
Lead developer
From: Germany
Registered: 2008-05-13
Posts: 5,857
Website

Re: Simple mark as solved

Is it just me or is this code very prone to SQL injection? You need to escape user-contributed values (like those from $_GET) before using them in a query.


fluxbb.de | develoPHP

"As code is more often read than written it's really important to write clean code."

Offline

#3 2010-10-31 18:41:00

kromonos
Member
From: Trier
Registered: 2010-06-12
Posts: 41
Website

Re: Simple mark as solved

You mean:

$db->query('UPDATE '.$db->prefix.'topics SET subject = \''.$db->escape($lang_common['Solved']).' '.$_GET['subject'].'\' WHERE id = '.$_GET['id']);

instead of:

$db->query('UPDATE '.$db->prefix.'topics SET subject = \''.$lang_common['Solved'].' '.$_GET['subject'].'\' WHERE id = '.$_GET['id']);

??

Last edited by kromonos (2010-10-31 18:43:36)


uhuC - German IT Board ... FluxBB Powered smile

Offline

#4 2010-10-31 18:45:42

FSX
Former Developer
From: NL
Registered: 2008-05-09
Posts: 818
Website

Re: Simple mark as solved

No, you need to escape the $_GET variables.

Offline

#5 2010-10-31 18:48:35

kromonos
Member
From: Trier
Registered: 2010-06-12
Posts: 41
Website

Re: Simple mark as solved

*arghs* .. ok .. seems so, I've coded to much last days big_smile without a lot of sleep and coffee -.-

Last edited by kromonos (2010-10-31 19:12:31)


uhuC - German IT Board ... FluxBB Powered smile

Offline

#6 2011-05-28 21:18:21

M1
Member
Registered: 2011-04-30
Posts: 13

Re: Simple mark as solved

So, is this code still prone to sql injection or not?

Offline

#7 2011-05-29 00:15:16

Officier Hasselhoff
Member
From: Liège, Belgique
Registered: 2011-04-28
Posts: 5

Re: Simple mark as solved

M1 wrote:

So, is this code still prone to sql injection or not?

Go to the second replies :

Franz wrote:

Is it just me or is this code very prone to SQL injection?

(Sorry for my bad English wink)

Offline

#8 2011-05-29 03:54:01

Smartys
Former Developer
Registered: 2008-04-27
Posts: 3,139
Website

Re: Simple mark as solved

Officier Hasselhoff wrote:
M1 wrote:

So, is this code still prone to sql injection or not?

Go to the second replies :

Franz wrote:

Is it just me or is this code very prone to SQL injection?

(Sorry for my bad English wink)

That doesn't answer the question.

Yes, the code is still seriously vulnerable to SQL injection.

Offline

#9 2011-05-29 18:53:45

adaur
Developer
From: France
Registered: 2010-01-07
Posts: 713
Website

Re: Simple mark as solved

See https://fluxbb.org/forums/viewtopic.php … 339#p41339

Last edited by adaur (2011-05-31 16:26:12)


Please excuse my bad english, I'm french tongue.

Offline

#10 2011-05-30 20:14:23

M1
Member
Registered: 2011-04-30
Posts: 13

Re: Simple mark as solved

I saw the post with the code has been edited, so I wondered if it was corrected or not. It seems it was still unsecured. Thank you for that adaur. Merci beaucoup smile

Offline

#11 2011-05-31 09:35:14

adaur
Developer
From: France
Registered: 2010-01-07
Posts: 713
Website

Re: Simple mark as solved

It seems everybody can set the topic solved, I'll fix this asap.

Sois patient tongue.


Please excuse my bad english, I'm french tongue.

Offline

#12 2011-05-31 10:17:35

cyberman
Member
From: Germany
Registered: 2010-01-11
Posts: 236
Website

Re: Simple mark as solved

Can't wait for it - have searched such a solution since some times.

Offline

#13 2011-05-31 16:25:32

adaur
Developer
From: France
Registered: 2010-01-07
Posts: 713
Website

Re: Simple mark as solved

This should be much better. Maybe I should release it....

#
#---------[ 1. OPEN ]-------------------------------------------------------
#

viewtopic.php

#
#---------[ 2. FIND (line 75) ]----------------------------------------------------------
#
// If action=last, we redirect to the last post
else if ($action == 'last')
{
    $result = $db->query('SELECT MAX(id) FROM '.$db->prefix.'posts WHERE topic_id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
    $last_post_id = $db->result($result);

    if ($last_post_id)
    {
        header('Location: viewtopic.php?pid='.$last_post_id.'#p'.$last_post_id);
        exit;
    }
}

#
#---------[ 3. AFTER, ADD ]-------------------------------------------------------
#

// If action=solved, we mark the topic as solved
else if ($action == 'solved')
{
    $result = $db->query('SELECT poster_id FROM '.$db->prefix.'posts WHERE topic_id='.$id, true) or error('Unable to get poster', __FILE__, __LINE__, $db->error());
    $poster_id = $db->result($result);
    
    if (!$pun_user['is_admmod'] && $poster_id != $pun_user['id'])
        message($lang_common['No permission']);
    
    $result2 = $db->query('SELECT subject FROM '.$db->prefix.'topics WHERE id='.$id) or error('Unable to get subject', __FILE__, __LINE__, $db->error());
    $subject = $db->result($result2);
    /*
     Comment this out and delete the next query to close topic with solving
     $db->query('UPDATE '.$db->prefix.'topics SET closed=1, subject=\''.$db->escape($lang_topic['Solved']).' '.$db->escape($subject).'\' WHERE id='.$id);
    */
    $db->query('UPDATE '.$db->prefix.'topics SET subject=\''.$db->escape($lang_topic['Solved']).' '.$db->escape($subject).'\' WHERE id='.$id);
    redirect('viewtopic.php?id='.$id, $lang_topic['Solved redirect']);
}


#
#---------[ 4. FIND (line 310) ]----------------------------------------------------------
#
                if ($pun_user['g_edit_posts'] == '1')
                    $post_actions[] = '<li class="postedit"><span><a href="edit.php?id='.$cur_post['id'].'">'.$lang_topic['Edit'].'</a></span></li>';

#
#---------[ 5. AFTER, ADD ]-------------------------------------------------------
#
                if (strpos($cur_topic['subject'], $lang_topic['Solved']) === FALSE && ($start_from + $post_count) == 1)
                    $post_actions[] = '<li class="postsolved"><span><a href="viewtopic.php?id='.$id.'&amp;action=solved">'.$lang_topic['Solved link'].'</a></span></li>';

#
#---------[ 6. FIND (line 326) ]----------------------------------------------------------
#
        $post_actions[] = '<li class="postedit"><span><a href="edit.php?id='.$cur_post['id'].'">'.$lang_topic['Edit'].'</a></span></li>';
        $post_actions[] = '<li class="postquote"><span><a href="post.php?tid='.$id.'&amp;qid='.$cur_post['id'].'">'.$lang_topic['Quote'].'</a></span></li>';

#
#---------[ 7. REPLACE WITH ]-------------------------------------------------------
#

        $post_actions[] = '<li class="postedit"><span><a href="edit.php?id='.$cur_post['id'].'">'.$lang_topic['Edit'].'</a></span></li>';
        if (strpos($cur_topic['subject'], $lang_topic['Solved']) === FALSE && ($start_from + $post_count) == 1)
            $post_actions[] = '<li class="postsolved"><span><a href="viewtopic.php?id='.$id.'&amp;action=solved">'.$lang_topic['Solved link'].'</a></span></li>';
        $post_actions[] = '<li class="postquote"><span><a href="post.php?tid='.$id.'&amp;qid='.$cur_post['id'].'">'.$lang_topic['Quote'].'</a></span></li>';

#
#---------[ 8. OPEN ]-------------------------------------------------------
#

lang/English/topic.php

#
#---------[ 9. FIND (line 75) ]----------------------------------------------------------
#

'Preview'            =>    'Preview'

#
#---------[ 10. REPLACE WITH ]-------------------------------------------------------
#

'Preview'            =>    'Preview',

// Mark as solved stuff
'Solved'           => '[SOLVED]',
'Solved link'      => 'Solved',
'Solved redirect'  => 'Topic marked as solved. Redirecting …',

#
#---------[ 11. SAVE/UPLOAD ]-------------------------------------------------
#

Last edited by adaur (2011-05-31 16:27:57)


Please excuse my bad english, I'm french tongue.

Offline

#14 2011-06-01 09:48:04

cyberman
Member
From: Germany
Registered: 2010-01-11
Posts: 236
Website

Re: Simple mark as solved

Works great - thx!

Offline

#15 2012-10-08 21:39:50

hydn
Member
Registered: 2012-10-06
Posts: 22

Re: Simple mark as solved

So post # 13 is safe? If the first code is high risk maybe remove it from forums to avoid users from using it.

Offline

#16 2012-10-09 16:41:57

adaur
Developer
From: France
Registered: 2010-01-07
Posts: 713
Website

Re: Simple mark as solved

@hydn: yep, don't use first code. I agree with you.

Last edited by adaur (2012-10-09 16:47:26)


Please excuse my bad english, I'm french tongue.

Offline

Board footer

Powered by FluxBB 1.5.7