Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

Help with coding that is not working...cgi script

david1979david1979 Member Posts: 2
Hello,

I purchased a scipt from a guy that I purchased a chat software from and its currently not working. All I seem to get back on it is that it works for him and it should for me. I have tested this script on two other servers and the same resort.

Anyway to the point what I'm needing is a script to allow members to edit their chat names and passwords. With the chat name part I need it to be able to remove HTML. Thats the problem currently with the script I have now. Other wise it works fine. But when it comes to removing the html it keeps the whole html and everything when it posts it to the file. If anything I'm looking for some pointers or someone who maybe able to help fix the current script I have now.

Comments

  • bgibbybgibby Member Posts: 251
    Hey there,

    I suggest posting some code or at least a link to the script if you'd like further assistance q:)

    Cya
    Bradley q:)

    : Hello,
    :
    : I purchased a scipt from a guy that I purchased a chat software from and its currently not working. All I seem to get back on it is that it works for him and it should for me. I have tested this script on two other servers and the same resort.
    :
    : Anyway to the point what I'm needing is a script to allow members to edit their chat names and passwords. With the chat name part I need it to be able to remove HTML. Thats the problem currently with the script I have now. Other wise it works fine. But when it comes to removing the html it keeps the whole html and everything when it posts it to the file. If anything I'm looking for some pointers or someone who maybe able to help fix the current script I have now.
    :

  • JonathanJonathan Member Posts: 2,914
    : I purchased a scipt from a guy that I purchased a chat software from and
    : its currently not working. All I seem to get back on it is that it works
    : for him and it should for me. I have tested this script on two other
    : servers and the same resort.
    :
    As someone else mentioned, if you could post the kinda errors you are getting that'd help to identify the problem.

    : Anyway to the point what I'm needing is a script to allow members to
    : edit their chat names and passwords. With the chat name part I need it
    : to be able to remove HTML. Thats the problem currently with the script
    : I have now. Other wise it works fine. But when it comes to removing
    : the html it keeps the whole html and everything when it posts it to
    : the file. If anything I'm looking for some pointers or someone who
    : maybe able to help fix the current script I have now.
    :
    Escpaing <, > and & will help...try something like:

    [code]for ($name, $password) {
    s/&/&/g;
    s/</</g;
    s/>/>/g;
    }[/code]

    Another point on this: beware anything that users enter that gets inserted into any herf="..." places too; it's all too easy to write a "javascript:alert('mwahahaha')" instead of a URL. You can validate something really is a URL with a regex...
    http://www.programmersheaven.com/2/RegexLibraryNet

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

  • david1979david1979 Member Posts: 2
    Sorry I had not gotten back to everyone sooner on this. .....

    Anyway part of the script part that seems to not be working is this




    # check that the reserved_name is valid
    # first strip out the HTML (not perfect, but should work ok)
    $FORM{"reserve_name"} =~ s/<(?:[^>'"]*|(['"]).*?1)*>//gs;
    $FORM{"reserve_name"} =~ s/^s+//s;
    $FORM{"reserve_name"} =~ s/s+$//s;
    if (length($FORM{"reserve_name"}) + length($FORM{"login"}) +
    length($FORM{"pass"}) > 240) {
    $reserve_error .= qq(Your reserved name is too long
    );
    $bad = 1;
    }
    if (check_reserved($FORM{"reserved_name"},$FORM{"login"})) {
    $reserve_error .= qq(Your reserved name is already in use
    );
    $bad = 1;
    }

    if (($FORM{"new_pass"}) &&
    ($FORM{"new_pass"} ne $FORM{"new_pass2"})) {
    $pass_error .= qq(Your passwords didn't match.
    );
    $bad = 1;
    }

    if ($login_error) {
    print_start_page();
    } elsif ($bad) {
    print_change_page();
    } else {
    # do change
    if ($FORM{"new_pass"}) {
    change_password($FORM{"login"},$FORM{"new_pass"});
    }
    change_reserved($FORM{"login"},$FORM{"reserved_name"});
    print_success_page();
    }

    } else {
    # Display basic join form
    print_start_page ();
    }

    exit;





    But for some reason when its actually used it keeps the full html and everything when it posts it into the text config file that it needs to go into which in results messes it up at times




    : : I purchased a scipt from a guy that I purchased a chat software from and
    : : its currently not working. All I seem to get back on it is that it works
    : : for him and it should for me. I have tested this script on two other
    : : servers and the same resort.
    : :
    : As someone else mentioned, if you could post the kinda errors you are getting that'd help to identify the problem.
    :
    : : Anyway to the point what I'm needing is a script to allow members to
    : : edit their chat names and passwords. With the chat name part I need it
    : : to be able to remove HTML. Thats the problem currently with the script
    : : I have now. Other wise it works fine. But when it comes to removing
    : : the html it keeps the whole html and everything when it posts it to
    : : the file. If anything I'm looking for some pointers or someone who
    : : maybe able to help fix the current script I have now.
    : :
    : Escpaing <, > and & will help...try something like:
    :
    : [code]for ($name, $password) {
    : s/&/&/g;
    : s/</</g;
    : s/>/>/g;
    : }[/code]
    :
    : Another point on this: beware anything that users enter that gets inserted into any herf="..." places too; it's all too easy to write a "javascript:alert('mwahahaha')" instead of a URL. You can validate something really is a URL with a regex...
    : http://www.programmersheaven.com/2/RegexLibraryNet
    :
    : Jonathan
    :
    : ###
    : for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    : (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    : /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");
    :
    :

Sign In or Register to comment.