FAQ :: Mitgliederliste :: MGi Team

Willkommen auf dem Portal für Mediengestalter

Zur Registrierung

Thema: Limbo CMS - Mein GB ist zugespammt vom 07.03.2007

	MGi Foren-Übersicht -> Allgemeines - Nonprint -> Limbo CMS - Mein GB ist zugespammt
	Seite: Zurück 1, 2

Autor

Nachricht

rob

Dabei seit: 11.12.2003
Ort: ~/
Alter: 46
Geschlecht: Männlich

Verfasst Mo 12.03.2007 23:45
Titel

Nein. Das ist ganz sicher nicht der Fehler.

Natürlich geht das. PHP ist eine serverseitige Sprache...
Genauso wie du mit PHP eine HTML-Seite oder eine Textdatei erzeugen kannst, kannst du mit PHP auch Bilder oder PDFs erzeugen.
Das Script muß dann nur die richtigen Header senden... Also halt nicht text/html, sondern z.B.:

Code:

<?php header( "Content-Type: image/png" ); ?>

damit der Browser dann weiß, was er mit den Daten anfangen soll.

Aber wie gesagt, mit PHP kannst du eine ganze Menge machen außer HTML-Seiten zu erzeugen: PDFs erzeugen, Flash-Filme erzeugen, Bilder erzeugen, u.v.m..

Zuletzt bearbeitet von rob am Mo 12.03.2007 23:46, insgesamt 1-mal bearbeitet

Smooth-Graphics

Dabei seit: 22.05.2006
Ort: -
Alter: -
Geschlecht: Männlich

Verfasst Mo 12.03.2007 23:56 Titel

ja ok. hatte das mit dem header content type nicht beachtet... sorry bin scho bissl ,üd heute..

Gina-X
Threadersteller

Dabei seit: 27.06.2003
Ort: Halle (Saale)
Alter: -
Geschlecht: Weiblich

Verfasst Di 13.03.2007 09:38
Titel

So, die Zip-Datei die ich runtergeladen habe nennt sich guestbookhack.
Darin befindet sich die dtaei guestbookhack.php:

1.guestbook.englisch.xml

und hier der code dazu:

Code:

<?php
defined( '_VALID_ANT' ) or die( 'Direct Access to this location is not allowed.' );

/*
Changelog:
==========
Added constant _GUESTBOOK_VALID_CODE - 01 June 2006

*/

global $classes_dir;

function bbcode($text)
{
GLOBAL $lm_website;
$text=str_replace(":D",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_biggrin.gif">',$text);
$text=str_replace(":)",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_smile.gif">',$text);
$text=str_replace(":(",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_sad.gif">',$text);
$text=str_replace(":oops:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_redface.gif">',$text);
$text=str_replace(":o",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_surprised.gif">',$text);
$text=str_replace(":shock:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_eek.gif">',$text);
$text=str_replace("8)",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_cool.gif">',$text);
$text=str_replace(":lol:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_lol.gif">',$text);
$text=str_replace(":x",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_mad.gif">',$text);
$text=str_replace(":P",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_razz.gif">',$text);
$text=str_replace(":cry:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_cry.gif">',$text);
$text=str_replace(":evil:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_evil.gif">',$text);
$text=str_replace(":twisted:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_twisted.gif">',$text);
$text=str_replace(":roll:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_rolleyes.gif">',$text);
$text=str_replace(":wink:",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_wink.gif">',$text);
$text=str_replace(":?",'<img src ="_SITE_REPcomponents/com_guestbook/images/icon_confused.gif">',$text);

//WORDS SANITATION
//add your words here
$text=eregi_replace("shit","[#$%@^]",$text);
$text=eregi_replace("piss","[#$%@^]",$text);
$text=eregi_replace("fuck","[#$%@^]",$text);
$text=eregi_replace("sucker","[#$%@^]",$text);
$text=eregi_replace("cunt","[#$%@^]",$text);
$text=eregi_replace("tits","[#$%@^]",$text);
$text=eregi_replace("sex","[#$%@^]",$text);
$text=eregi_replace("bull","[#$%@^]",$text);

return $text;
}

function viewbook()

{

global $conn,$Itemid,$lm_website,$params,$page;

$show = @$params->get('show_count',10) ;

$rs=$conn->Execute("SELECT id FROM #__guestbook");

$row_total=$rs->RecordCount();

if(!isset($page))$page=1;

?>

<table width="100%" border="0" cellpadding="0" cellspacing="0" class="contentpane">

<tr>

<td colspan="2" class="contentheading"><?=_GUESTBOOK_VIEW;?></td>

</tr>

<tr> <td height="30"><a href="index.php?option=guestbook&task=sign&Itemid=<?php echo $Itemid; ?>"><?=_GUESTBOOK_SIGN;?></a></td>

<td><div align="right"><?php echo page_nav("index.php?option=guestbook&Itemid=$Itemid",$row_total,$show,"",true); ?></div></td>

</tr>

<tr class="updown">

<td width="100%" height="20" colspan="2" class="small"><?php echo _GUESTBOOK_TOTAL_ENTRIES.$row_total; ?>     <?php echo _GUESTBOOK_VIEW.$show; ?></td>

</tr>

</table>

<table width="100%" border="0">

<tr>

<td class="sectiontableheader"><?=_CMN_NAME;?></td>

<td class="sectiontableheader"><?=_GUESTBOOK_COMMENTS;?></td>

</tr>

<?php

$limit=($page-1)*$show;

$num = $row_total-$limit ;

if($rs && $rs->RecordCount()>0)

{

$rsa1=$conn->SelectLimit("SELECT * FROM #__guestbook ORDER BY date DESC",$show,$limit);

$color=1;

foreach($rsa1 as $row)

{

$row['email']=str_replace(array(".","@"),array(" DOT "," AT "),$row['email']);

$color++;

?>

<tr class="sectiontableentry<?=($color%2)?'2':'1';?>">

<td width="26%" valign="top">

<table width="100%" border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="small"><?php echo $num; ?> : <?php echo $row['name']; ?></td>

</tr>

<tr>

<td><?php echo $row['country']; ?></td>

</tr>

<tr>

<td>  </td>

</tr>

</table>

</td>

<td width="74%" valign="top">

<table width="100%" border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="small"><?php echo _GUESTBOOK_POSTED_ON.date("j M Y",$row["date"])._GUESTBOOK_POSTED_AT.date("g:i:s A",$row["date"]); ?> <hr /></td>

</tr>

<tr>

<td> <b><?php echo $row['title']; ?></b> : <?php echo str_replace("_SITE_REP",$lm_website,$row['message']); ?></td>

</tr>

<?php if(strlen($row['reply'])!=0)

{ ?>

<tr><td>

<?='<b>'._GUESTBOOK_REPLY.'</b>:'.$row['reply'];?>

</td></tr>

<?php } ?>

<tr><td>

<?php

echo "<a href='mailto:".$row['email']."'>[ Email ]</a> ";

if(dbdecode($row["url"])!="http://")

{

echo "<a href='".$row['url']."' target='_blank'>[ Website ]</a>";

}

?>

<br />

</td>

</tr>

</table>

</td>

</tr>

<?php $num--;

} }?>

</table>

<?php

}

function post_entry()

{

global $Itemid,$lm_website;

?>

<table width="100%" border="0" cellspacing="0" cellpadding="0" class="contentpane">

<tr>

<td colspan="2"><table width="100%" border="0" cellpadding="0" cellspacing="0">

<tr>

<td width="100%" class="contentheading"><?=_GUESTBOOK_SIGN;?></td>

</tr>

<tr>

<td> </td>

</tr>

<tr>

<td>

<script language="JavaScript" type="text/JavaScript">

function check_comment()

{

var f= document.forms.comment_form;

if( ( f.gb_name.value=='') || ( f.gb_comment.value=='') )

{

alert ('<?=_GUESTBOOK_WARNING;?>');

}

else

{

f.submit();

}

}

function smile(type) {

var f=document.forms.message;

f.gb_message.value = f.gb_message.value + " " + type + " ";

f.gb_message.focus();

}

function check_gb_form(){

var f=document.forms.message;

{

if((f.gb_name.value=='')||(f.gb_email.value=='')||(f.gb_title.value=='')||(f.gb_message.value==''))

{

alert('<?=_GUESTBOOK_WARNING;?>');

return;

}

}

f.submit();

}

</script>

<?php

if (empty($_POST['code'])){

?>

<form name="message" method="post" action="index.php?option=guestbook&Itemid=<?php echo $Itemid; ?>" onSubmit="check_gb_form(); return false;">

<table width="98%" border="0" align="center" cellpadding="4" cellspacing="0">

<tr>

<td> <?=_CMN_NAME;?>*:</td>

<td> <input name="gb_name" type="text" id="gb_name" size="30" maxlength="20" class="inputbox" >

</td>

</tr>

<tr>

<td><?=_CMN_EMAIL;?>*:</td>

<td><input name="gb_email" type="text" id="gb_email" size="30" maxlength="50" class="inputbox"></td>

</tr>

<tr>

<td><?=_URL;?></td>

<td><input name="gb_url" type="text" class="inputbox" id="gb_url" value="http://"size="30" maxlength="100"></td>

</tr>

<tr>

<td><?=_GUESTBOOK_COUNTRY;?>:</td>

<td><input name="gb_country" type="text" id="gb_country" size="30" maxlength="20" class="inputbox"></td>

</tr>

<tr>

<td><?=_GUESTBOOK_TITLE;?>*:</td>

<td><input name="gb_title" type="text" id="gb_title" size="30" maxlength="50" class="inputbox"></td>

</tr>

<tr>

<td valign="top"><?=_GUESTBOOK_MESSAGE;?>*:  </td>

<td><textarea name="gb_message" cols="25" rows="5" id="gb_message" class="inputbox"></textarea></td>

</tr>

<tr>

<td valign="top"><input name="task" type="hidden" id="task" value="insert"></td>

<td><TABLE width=100 border=0 cellPadding=0 cellSpacing=5>

<TBODY>

<TR align=middle vAlign=center>

<TD><A href="javascript:smile(':D')"><IMG

alt="Very Happy" border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_biggrin.gif"

title="Very Happy"></A></TD>

<TD><A href="javascript:smile(':)')"><IMG alt=Smile

border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_smile.gif"

title=Smile></A></TD>

<TD><A href="javascript:smile(':(')"><IMG alt=Sad

border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_sad.gif"

title=Sad></A></TD>

<TD><A href="javascript:smile(':o')"><IMG

alt=Surprised border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_surprised.gif"

title=Surprised></A></TD>

<TD><a href="javascript:smile(':x')"><img alt=Mad

border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_mad.gif"

title=Mad></a></TD>

<TD><a href="javascript:smile(':P')"><img alt=Razz

border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_razz.gif"

title=Razz></a></TD>

<TD><a href="javascript:smile(':oops:')"><img

alt=Embarassed border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_redface.gif"

title=Embarassed></a></TD>

<TD><a href="javascript:smile(':cry:')"><img

alt="Crying or Very sad" border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_cry.gif"

title="Crying or Very sad"></a></TD>

</TR>

<TR align=middle vAlign=center>

<TD><A href="javascript:smile(':shock:')"><IMG

alt=Shocked border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_eek.gif"

title=Shocked></A></TD>

<TD><A href="javascript:smile(':?')"><IMG

alt=Confused border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_confused.gif"

title=Confused></A></TD>

<TD><A href="javascript:smile('8)')"><IMG alt=Cool

border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_cool.gif"

title=Cool></A></TD>

<TD><A href="javascript:smile(':lol:')"><IMG

alt=Laughing border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_lol.gif"

title=Laughing></A></TD>

<TD><a href="javascript:smile(':evil:')"><img

alt="Evil or Very Mad" border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_evil.gif"

title="Evil or Very Mad"></a></TD>

<TD><a href="javascript:smile(':twisted:')"><img

alt="Twisted Evil" border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_twisted.gif"

title="Twisted Evil"></a></TD>

<TD><a href="javascript:smile(':roll:')"><img

alt="Rolling Eyes" border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_rolleyes.gif"

title="Rolling Eyes"></a></TD>

<TD><a href="javascript:smile(':wink:')"><img

alt=Wink border=0

src="<?php echo $lm_website."components/com_guestbook/images/"; ?>icon_wink.gif"

title=Wink></a></TD>

</TR>

</TBODY>

</TABLE></td>

</tr>

<tr><td><?php echo _GUESTBOOK_VALID_CODE; ?></td><td><img src="<?php echo $lm_absolute_path; ?>classes/simplecaptcha/captcha.php" border="1" class="inputbox" /></td></tr>

<tr><td> </td><td><input name="code" type="text" size="30" maxlength="50" class="inputbox"></td></tr>

<tr>

<td> </td>

<td><input type="submit" name="Submit" value="<?=_GUESTBOOK_SIGN;?>" class="button" >

 

<input type="button" value="<?=_GUESTBOOK_CANCEL;?>" class="button" onClick="document.location='index.php?option=guestbook&Itemid=<?php echo $Itemid; ?>'" ></td>

</tr>

<tr>

<td> </td>

<td>*<?=_GUESTBOOK_REQUIRED;?></td>

</tr>

</table>

</form>

<?php

}

?>

</td>

</tr>

</table></td></tr></table>

<?php } ?>

So... da sind noch mehr dateien drin aber das hier ist die einzigste in der was über das captcha steht...!

rob

Dabei seit: 11.12.2003
Ort: ~/
Alter: 46
Geschlecht: Männlich

Verfasst Di 13.03.2007 13:45 Titel

keine anleitung mit in der zip-datei? also in jedem fall scheint die captcha.php zu fehlen. darauf verweist dein imagetag. die datei ist aber nicht da und deswegen kann auch kein bild angezeigt werden.

	Seite: Zurück 1, 2
	MGi Foren-Übersicht -> Allgemeines - Nonprint

Du kannst keine Beiträge in dieses Forum schreiben.
Du kannst auf Beiträge in diesem Forum nicht antworten.
Du kannst an Umfragen in diesem Forum nicht mitmachen.