PDA

View Full Version : Phone field format hack :D



Aleksandar Apostolovski
March 12, 2019, 11:38 PM
Hi,
I'm wondering how could this happen when a user added his phone in the phone field (see attached pics)?
The first picture is my phone field options, and the second one is the phone field from a user's listing.
I haven't noticed other users with a wrong phone format like this in their phone field. They all have correct phone format like (123) 456-789.
I don't know how this user managed to do that :blink:

Rudi
March 13, 2019, 08:19 AM
Hello,

It can be hacked by changing html attribute maxlength:

3137

so I've changed on your side the code in includes > classes > rlListings.class.php > public function create > case 'phone':

from:


$area = $rlValid->xSql($data[$fk]['area']);


to:


$area = $rlValid->xSql(substr($data[$fk]['area'], 0, $value['Default']));


the same for public function edit