News - Features - Downloads - Forum - Team - Support - Switch View: Screen
Login - Registrierung - Passwort vergessen

Antworten: 68
Seite < 1 2 [3] 4 >
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 41 - 14.01.2014 um 20:37 Uhr
http://csphere.eu/index/users/view/id/9611

his email is publicly visible, contacted him there?


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 42 - 14.01.2014 um 20:40 Uhr
The only reason you should get "no data" is that the ID parameter is missing from the form.

Could you also show the "<form method="post" id="cupsseed" action="...">" part in the code?

Btw: your image shows cup id #4, and the code is cup id #5...


Zuletzt editiert von Mindcrime am 14.01.2014 um 20:42 Uhr (1x Editiert)
Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 43 - 14.01.2014 um 20:47 Uhr
 
1.
2.
1. / 2. / ... 
 <form method="post" id="cupsseed" action="/index.php?mod=cups&action=seed">
<
div style="display:none;"><input type="hidden" name="cs_xsrf_key" value="e23fced7a1391274f2329399308c4ce5" /></div>


So how do I fix this #4 and #5 thingy?


Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 44 - 14.01.2014 um 21:01 Uhr
which cup number are you trying to seed?


Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 45 - 14.01.2014 um 21:03 Uhr
I am trying to seed cup 5


Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 46 - 14.01.2014 um 21:26 Uhr
It might be that xsrf protection from ClanSphere itself that is causing the problem...

Could you try the following:
Edit the file system/core/functions.php
on line 210 change
$cs_main['xsrf_protection'] = true;

to
$cs_main['xsrf_protection'] = false;


Could you then test if you can seed now?



Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 47 - 14.01.2014 um 21:30 Uhr
Still the same error message :( I wonder what the problem can be, this is annoying lol


Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 48 - 14.01.2014 um 21:31 Uhr
If you look in the source, is that the only <form> in the code?


Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 49 - 14.01.2014 um 21:39 Uhr
I put it here (Pastebin)

http://pastebin.com/N2t9MHmr


Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 50 - 14.01.2014 um 21:50 Uhr
Thanks for that, but I meant, are there also other <form>..</form> form in the complete source of the page?

could you also add in mods/cups/seed.php BEFORE
$cups_id = isset($_GET['id']) ? (int) $_GET['id'] : (isset($_POST['id']) ? (int) $_POST['id'] : 0);

the following code
echo "GET=[".$_GET['id']."] POST=[".$_POST['id']."]";


Then try to seed. What does it should just before "no data"?


Zuletzt editiert von Mindcrime am 14.01.2014 um 21:55 Uhr (2x Editiert)
Inaktiv
|
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 51 - 14.01.2014 um 21:55 Uhr
wouldn't it be easier if you communicate directly?


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 52 - 14.01.2014 um 21:57 Uhr
Skype, IRC, Steam chat?


Inaktiv
|
Jam2 ClanSphere Team


Highlander





Beiträge: 3291
# Antwort: 53 - 14.01.2014 um 22:06 Uhr
hi,
quick fix

 
1.
1. / 2. / ... 
 $cups_id = isset($_GET['id']) ? (int) $_GET['id'] : (isset($_POST['id']) ? (int) $_POST['id'] : 0);


to
 
1.
1. / 2. / ... 
 $cups_id = !empty($_GET['id']) ? (int) $_GET['id'] : (!empty($_POST['id']) ? (int) $_POST['id'] : 0);



@mindcrime...
var_dump(isset($_GET['id'])) :
bool(true)
but the url is: http://localhost/csp_cup/index.php?mod=users&action=login
and var_dump($_GET['id']):
int(0)




------------------
Gruß/ Best regards
Jam2

Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes)
Template Switch for index.php
Board Navlist last posts

Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota.....
Edi: hö ?
Jam2: nichts ist unmöglich!


Zuletzt editiert von Jam2 ClanSphere Team am 14.01.2014 um 22:14 Uhr (4x Editiert)
Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 54 - 14.01.2014 um 22:11 Uhr
@Jam2
Why should $_GET['id'] be set? I don't have any problems here...

If it is, then ClanSphere is messing up, because $_GET['id'] should not be set at all!



Zuletzt editiert von Mindcrime am 14.01.2014 um 22:13 Uhr (2x Editiert)
Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 55 - 14.01.2014 um 22:12 Uhr
Ok I did that you said Mindcrime and it says this:

GET=[0] POST=[5]
Cups - Seed
Back
No data found.

Now let me try your way Jam2


Zuletzt editiert von bpnza101 am 14.01.2014 um 22:13 Uhr (1x Editiert)
Inaktiv
|
Jam2 ClanSphere Team


Highlander





Beiträge: 3291
# Antwort: 56 - 14.01.2014 um 22:13 Uhr
@mindcrime:
system/core/servervars.php
line 63
 
1.
1. / 2. / ... 
 settype($_GET['id'],'integer');




-
And seeding is first called via GET, then by POST method, so your code won't work...

yeah - saw it already and edited my comment


edit:

Now let me try your way Jam2

please take care that you try my newest edit. got a few mistakes before... it's late


------------------
Gruß/ Best regards
Jam2

Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes)
Template Switch for index.php
Board Navlist last posts

Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota.....
Edi: hö ?
Jam2: nichts ist unmöglich!


Zuletzt editiert von Jam2 ClanSphere Team am 14.01.2014 um 22:14 Uhr (1x Editiert)
Inaktiv
|
Mindcrime


Geekboy





Beiträge: 1155
# Antwort: 57 - 14.01.2014 um 22:15 Uhr
Ok, ClanSphere fucked it up. I changed that completely wrong code in system/core/servervars.php YEARS (somewhere before 2010-12-16) ago...

IT SHOULD READ:

if (isset($_GET['id'])) settype($_GET['id'],'integer');



Zuletzt editiert von Mindcrime am 14.01.2014 um 22:18 Uhr (1x Editiert)
Inaktiv
|
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 58 - 14.01.2014 um 22:19 Uhr
well there is no pull request on github and i don't remember a trac ticket for it, but you are right that such commands should not be contained. it was a workaround against SQL injection for very old modules that are still running on some clansphere websites.


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
bpnza101
Thread-Ersteller


Wannabe poster




Beiträge: 27
# Antwort: 59 - 14.01.2014 um 22:26 Uhr
Aaaand we're back online ! working 100%

Thanks for all the help guys. You may close this thread if you don't want to get any more grey hairs

Much <3
God bless


Inaktiv
|
hajo ClanSphere Team


VIP - Poster




Herkunft: Barsbüttel
Beiträge: 9411
# Antwort: 60 - 14.01.2014 um 22:30 Uhr
yep, thanks to mindcrime for that support of a module he's not even developing or using anymore


------------------
ClanSphere - professional clan care starts here

Inaktiv
|
Antworten: 68
Seite < 1 2 [3] 4 >


Sie müssen sich registrieren, um zu antworten.


ClanSphere Project - Mailus - Imprint - Disclaimer - Scriptinfo