vb.org Archive - Automatic "Send Email" redirect

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 3.0 Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=33)

- - Automatic "Send Email" redirect (https://vborg.vbsupport.ru/showthread.php?t=78550)

Is that all? You seem to have cut the error message in half.

Well you must understand that I can't diagnose a problem when you obviously cut out of the message exactly WHAT the error is, and WHERE it is.
It's 100 % impossible that that is a verbatim copy of the error, because vB doesn't output mySQL errors without the MySQL error code and message.

Code:

Database error in vBulletin 3.0.7:



Invalid SQL: 

                                INSERT INTO `mailtemp` 

                                        (`test`, `serializeduser`, `from`, `subject`, `message`)

                                VALUES

                                        ('0',

                                        'a:26:{s:8:"username";s:0:"";s:11:"usergroupid";a:8:{i:0;s:2:"87";i:1;s:2:"89";i:2;s:1:"6";i:3;s:2:"61";i:4;s:1:"5";i:5;s:2:"80";i:6;s:1:"2";i:7;s:2:"91";}s:10:"adminemail";s:1:"0";s:5:"email";s:0:"";s:11:"parentemail";s:0:"";s:9:"coppauser";s:2:"-1";s:8:"homepage";s:0:"";s:3:"icq";s:0:"";s:3:"aim";s:0:"";s:5:"yahoo";s:0:"";s:3:"msn";s:0:"";s:9:"signature";s:0:"";s:9:"usertitle";s:0:"";s:13:"joindateafter";s:0:"";s:14:"joindatebefore";s:0:"";s:17:"lastactivityafter";s:0:"";s:18:"lastactivitybefore";s:0:"";s:13:"lastpostafter";s:0:"";s:14:"lastpostbefore";s:0:"";s:13:"birthdayafter";s:0:"";s:14:"birthdaybefore";s:0:"";s:10:"postslower";s:0:"";s:10:"postsupper";s:0:"";s:15:"reputationlower";s:0:"";s:15:"reputationupper";s:0:"";s:9:"ipaddress";s:0:"";}',

                                        'raptor@digital-forums.com',

                                        '80 FREE 8X DVD-R @ WWW.NEODISCS.COM !',

                                        'As a Digital-Forums member you are entitled to 80 FREE 8X DVD-R when you spend ?50 or more at www.neodiscs.com



Go get 'em !')

                        

mysql error: You have an error in your SQL syntax.  Check the manual that corresponds to your MySQL server version for the right syntax to use near 'em !')' at line 8



mysql error number: 1064



Date: Sunday 27th of March 2005 03:35:06 AM

Script: http://www.digital-forums.com/admincp/email.php

Referer: http://www.digital-forums.com/adminc...l.php?do=start

Username: Raptor

IP Address: xx.xx.xx.xx

Yep see now I can determine the error... try replacing one of the edits with this:

PHP Code:


		
			
        if (!$_GET['isredirect'])

        {

            $DB_site->query("

                INSERT INTO `" . TABLE_PREFIX . "mailtemp` 

                    (`test`, `serializeduser`, `from`, `subject`, `message`)

                VALUES

                    ('" . intval($_POST['test']) . "',

                    '" . serialize($_POST['user']) . "',

                    '" . mysql_real_escape_string($_POST['from']) . "',

                    '" . mysql_real_escape_string($_POST['subject']) . "',

                    '" . mysql_real_escape_string($_POST['message']) . "')

            ");

        }

Might also want to take this bit and replacing into the first edit:

PHP Code:


		
			
        $message = stripslashes($mailtemp['message']);

        $subject = stripslashes($mailtemp['subject']);

WooooW very nice Hack i have other board use IPB and they have Something like this hack ..

Thankyou For Released this great hack going to Install it :)

In your email.php, find:

PHP Code:


		
			
                    '" . mysql_real_escape_string($_POST['from']) . "',
                    '" . mysql_real_escape_string($_POST['subject']) . "',
                    '" . mysql_real_escape_string($_POST['message']) . "')

And replace with:

PHP Code:


		
			
                    '" . addslashes(mysql_real_escape_string($_POST['from'])) . "',
                    '" . addslashes(mysql_real_escape_string($_POST['subject'])) . "',
                    '" . addslashes(mysql_real_escape_string($_POST['message'])) . "')

Not tested.

Btw, mysql_real_escape_string is a function more powerful than addslashes, but it does the same. Do not perform the above edit. Double escaping should be avoided, afaik :P

Actually you are right, must still have been sleeping. Double quoting should not be done.

Hmm strange that he stil got that error then.

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code_printable (4)bbcode_php_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01175 seconds Memory Usage 1,756KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code_printable (4)bbcode_php_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: