Thanks Curtis...
Thanks...QuickRon
It was great coming here today to see this bug...
I wouldn't have noticed this one
Thanks Curtis...
Thanks...QuickRon
It was great coming here today to see this bug...
I wouldn't have noticed this one
[QUOTE=Curtis;17788]Hi all,
1. The problem related with security in webhost. Web-server blocked ajax requests in GET format with special chats in content.
2. Solution is simple: replace GET to POST
find method contactOwnerSubmit() in file: \templates\general_modern\js\lib.js
and changed it:
also you need changes in php file /includes/classes/rlMessage.class.php in method contactOwner()
find code:
and replace it to:PHP Code:
Only registered members can view the code.
/QUOTE]PHP Code:
Only registered members can view the code.
So does this fix the issue Curtis,
I'm thinking of updating the software to 4.5.2 this weekend?
Anyone confirm? I read Pete comment on the first page and it seems not working for him but Ron said it worked for him
Yes that resolved the error :-)
Hello Wei Hong,
Pete has a mistake in code and after fixing syntax problem it works properly.
Thank you, Curtis.
@Flynax Company
I have discovered a further problem with this patch, if a user is logged an and they send a message to another user they end up with unwanted charactures in the resulting email, see example below. there is a series of \n\ placed into the email message where there are line breaks / where you press enter to leave a space.
this does not happen if it is a visitor leaving a message but if your logged in and send one to another user this is the resulting email.
how to fix ?
Dear Fred,
ozepicker at mysite.com sent you a message.
Subject: Early Iron - A Biker #192 Supplement
my test message when logged in to another user.\n\none break here.\n\n\nand two more here.\n\nregards Pete
You can reply to the message at the link below:
https://www.mysite.com/my-messages.html?id=3
Hello Pete,
go to ftp > request.ajax.php > case 'contactOwner':
find:
and change to:PHP Code:
Only registered members can view the code.
PHP Code:
Only registered members can view the code.
[QUOTE=Rudi;21919]Hello Pete,
go to ftp > request.ajax.php > case 'contactOwner':
find:
and change to:PHP Code:
Only registered members can view the code.
/QUOTE]PHP Code:
Only registered members can view the code.
Hello Rudi, Does not open the way for abuse or sql injection?