Tim Wheatley
01-23-2002, 07:43 PM
Unfortunately I don't know which hack has caused this, because I forgot to check (doh!) before adding a few more hacks.. (doh!)
When someone tries to post a poll they get in return:
n(); } // check max images if ($maximages!=0) { $counter=0; while ($counter++<$polloptions){ // 0..Pollnum-1 we want, as arrays start with 0 $maximgtest.=$options[$counter]; } $parsedmessage=bbcodeparse($maximgtest.$question,$ forumid,$allowsmilie); if (countchar($parsedmessage,"$maximages) { eval("standarderror(\"".gettemplate("error_toomanyimages")."\");"); exit; } } $question=censortext($question); $counter=0; while ($counter++<$polloptions){ // 0..Pollnum-1 we want, as arrays start with 0 $options[$counter]=censortext($options[$counter]); } $optionsstring = ""; //lets create the option/votenumber string $votesstring=""; $counter=0; while ($counter++<$polloptions) { if (trim($options[$counter])<>""){ $options[$counter]=str_replace("|||"," || | ",$options[$counter]); $optionsstring .= "|||".$options[$counter]; //||| is delimter, 0 means no votes (as new poll) $votesstring .= "|||0"; } } if (substr($optionsstring,0,3)=="|||") { $optionsstring=substr($optionsstring,3); } if (substr($votesstring,0,3)=="|||") { $votesstring=substr($votesstring,3); } $DB_site->query("INSERT INTO poll (pollid,question,dateline,options,votes,active,num beroptions,timeout,multiple) VALUES (NULL,'".addslashes($question)."','".time()."','".addslashes($optionsstring)."', '".addslashes($votesstring)."',1,$optioncount,'".addslashes($timeout)."','$multi ple')"); $pollid=$DB_site->insert_id(); //end create new poll // update thread $DB_site->query("UPDATE user SET lastpost=".time()." WHERE userid=$bbuserinfo[userid]"); $DB_site->query("UPDATE thread SET
When someone tries to post a poll they get in return:
n(); } // check max images if ($maximages!=0) { $counter=0; while ($counter++<$polloptions){ // 0..Pollnum-1 we want, as arrays start with 0 $maximgtest.=$options[$counter]; } $parsedmessage=bbcodeparse($maximgtest.$question,$ forumid,$allowsmilie); if (countchar($parsedmessage,"$maximages) { eval("standarderror(\"".gettemplate("error_toomanyimages")."\");"); exit; } } $question=censortext($question); $counter=0; while ($counter++<$polloptions){ // 0..Pollnum-1 we want, as arrays start with 0 $options[$counter]=censortext($options[$counter]); } $optionsstring = ""; //lets create the option/votenumber string $votesstring=""; $counter=0; while ($counter++<$polloptions) { if (trim($options[$counter])<>""){ $options[$counter]=str_replace("|||"," || | ",$options[$counter]); $optionsstring .= "|||".$options[$counter]; //||| is delimter, 0 means no votes (as new poll) $votesstring .= "|||0"; } } if (substr($optionsstring,0,3)=="|||") { $optionsstring=substr($optionsstring,3); } if (substr($votesstring,0,3)=="|||") { $votesstring=substr($votesstring,3); } $DB_site->query("INSERT INTO poll (pollid,question,dateline,options,votes,active,num beroptions,timeout,multiple) VALUES (NULL,'".addslashes($question)."','".time()."','".addslashes($optionsstring)."', '".addslashes($votesstring)."',1,$optioncount,'".addslashes($timeout)."','$multi ple')"); $pollid=$DB_site->insert_id(); //end create new poll // update thread $DB_site->query("UPDATE user SET lastpost=".time()." WHERE userid=$bbuserinfo[userid]"); $DB_site->query("UPDATE thread SET