Thread: Statistics Modifications - [AJAX]ChangUonDyU - Advanced Statistics
View Single Post
  #19  
Old 09-23-2008, 03:45 AM
z3rol0ve z3rol0ve is offline
 
Join Date: Dec 2007
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I got a problem that if the nickname has ' sign or \ sign post the new post, the statistic won't work. I used firebug, a addon of firefox and found out the code went wrong at
PHP Code:
Invalid SQL:

SELECT userid,usergroupid,displaygroupid FROM user WHERE username 'p3'hi3u'' LIMIT 1;

MySQL Error   You have an error in your SQL syntaxcheck the manual that corresponds to your MySQL

 server version for the right syntax to use near 'hi3u'' LIMIT 1' at line 1 
so I try to fix it.

Go to plugin Chang - Advanced Top - Get Data
find
PHP Code:
$qinfo $db->query_first("SELECT userid,usergroupid,displaygroupid FROM "TABLE_PREFIX ."user WHERE username = '$clastposter' LIMIT 1"); 
replace by
PHP Code:
$qinfo $db->query_first("SELECT userid,usergroupid,displaygroupid FROM "TABLE_PREFIX ."user WHERE username = '".addslashes($clastposter)."' LIMIT 1"); 
find
PHP Code:
$clastposter htmlspecialchars($clastposter); 
replace by
PHP Code:
// $clastposter = htmlspecialchars($clastposter); 
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01229 seconds
  • Memory Usage 1,778KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (5)bbcode_php
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete