If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Security Assessment  XML
Forum Index » Advanced Guestbook Forum
Author Message
realrobley
Beginner

Joined: 13/04/2005 13:56:12
Messages: 13
Offline

Greetings,

After purchasing my poll here I was very happy, I came back for the guestbook I have been reading and see all kinds of tips and patches so forth.

Can someone please Clarify what steps I should take to make them as secure as possible. I read the stickys but it looks asthough it refers to earlier versions of the php guestbook. I am running v2.3.2.

Is it safe to AGCodes , I am aware of the issues with html, but are there the same probems with AGCodes?

Also I would like to embed the guestbook in my php template to keep the same theme, I seen another ask and was refered to the sticky, but I seen little how I can do this. ill look again maybe I over looked it.


Best Regards;
Robert
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

The only issue with using AGcodes is spammers using it to post hyperlinks.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
realrobley
Beginner

Joined: 13/04/2005 13:56:12
Messages: 13
Offline

I was hoping you would reply, so I can be certin about that.

Any idea how I can get a breakdown on embedding the gbook within a existing page or seperate template?

unless I keep overlooking it in the sticky what im looking for isnt there. I tried a few variations of include but since the gbook code is not in a relative directory its not working or is crippled.

Could you give me a breakdown how i might implement this?

example:

I have a page template called gbook.php in /public_html but the guesbook is installed to /members/scr/gbook/

So of I pull up gbook.php (which is nothing but a template to match my site theme) then I can sign/maintain the guesbook without ever having to navagate to the /gbook directory

Anyways thanks Carbonize, ill check out your site too, but if u can put somethng together or point me to a topic that would be great..

Thanks
Robert
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

The best way of integrating the guestbook into your site is to edit the template files header.php and footer.php. I have discussed this elsewhere in the forum and I'm pretty sure there is a link to the relevant thread somewhere in the sticky. Basically you copy all the HTML that wil appear before the guestbook into header.php, remembering to keep the CSS and Javascript. Then all the HTML that will appear after the guestbook goes in the footer.php file.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
realrobley
Beginner

Joined: 13/04/2005 13:56:12
Messages: 13
Offline

well I used the include method and renamed the files so that my my index calls the real index thats been renamed.

It works perfect! except for the admin panel. Since the admin.php has includes that refer to the lib folder its giving me header errors.


Any ideas? how to fix it??

heres what I did:

(admin.php)



When I click the admin panel it comes up fine, I can log in, and it shows all the admin stuff, I can even make admin changes, so it must be a easy fix? Im drawing a blank for ideas


this should work, its because the admin2.php is calling class resources from the /lib directory and for some reason this happens when you include and that file jumps from the relative directory

someone save me plz, I guess I can just keep the admin file alone, as it dont really need a template since im the only one using it, but it works, just I think theres a work-around for this , anyone know it?

Thanks in advance;

Robert
amber222
Graduate

Joined: 07/05/2004 21:13:07
Messages: 586
Offline

"Warning: Cannot modify header information - headers already sent by...":
http://proxy2.de/forum/viewtopic.php?t=3200&highlight=cannot+modify+headers
http://proxy2.de/forum/viewtopic.php?t=3093&highlight=cannot+modify+header

As mentioned in the above posts, some text editors place blank lines at the end of a file after you edited it. You need to make sure there are no blank lines after the <? at the end of the file. Check the admin.php file for whitespace at the end, and remove it.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

You needn't use an include with the admin.php file because when all is said and done it's not something the public is meant to be looking at so having it fit into the site is not that important

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
realrobley
Beginner

Joined: 13/04/2005 13:56:12
Messages: 13
Offline

hello amber goodo to hear from you again

yes I am aware of the whitespace rule. I checked it 3 times because thats exactly as its acting. I kinda knew I dont need the admin.php in the public page, just I figured i would go all the way since I was in deep.

Also Carbobize can I upgrade to Lazarus Guestbook or should I just do a clean install? Its no big deal installing is no problem for me, and from what amber222 (name withheld) said its a better version, no offence to proxy, just you work with it everyday.

Anyways thanks both of you for your help, and to think I have level 2 php3 course 80% done and im asking about handlling errors

Well thanks again
Best regards;
Robert
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

You are welcome to test Lazarus for me, just email me and I will reply with a copy. Remember it is still beta so may contain a few bugs.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum