GET to /index.php not supported

Status
Not open for further replies.

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
As @Dead-i said, unfortunately, mod_security used here cannot have its values changed by users. As this is the case (seemed to work before), we can't do anything about mod_security as users.
As your website wasn't custom made (fully coded by you), it could be a struggle to prevent this.

Posting the code you are attempting to post would really be useful.
Mod_security usually throws 403's if it detects code (for example JavaScript) or a URL in a POST or GET. This case however seems odd.
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
Thank you. I Have only coded the css to be honest. The php I want to use was taken from the simple portal custom block section.

I am getting a broken security check box when I post the code.

Here is a link to the page. Code is in the first post.
http://simpleportal.net/index.php?topic=9138.0
 
Last edited:

caftpx10

Well-Known Member
Messages
1,534
Reaction score
114
Points
63
Is it possible for you to show this via screenshot?

I don't see anything that could be causing trouble, apart from the fact that posting code is prevented by mod_security, as stated a few posts ago.
 
Last edited:

dopetek

Member
Messages
53
Reaction score
1
Points
8
i tried to send it to you in a message too but that failed. It is 197 lines long and if I paste it straight here the smileys get involved. Can you not use the link I posted?
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
PHP:
<?php

/*
Block: Recent posts with post preview
Author: Blue @ Simple Portal.net
Version: 1.6
*/

/* [SETUP WHAT YOU WANT HERE] */

$topics_posts = 1;        // TOPICS - 1 | MESSAGES - 2
$limit = 5;                // How many recent posts do you want to output?
$number = 70;            // How many characters do you want to output?
$exclude_boards = null;        // IF null guests can see all boards | IF you want to hide some boards use: array( ID1, ID2, ID3) where ID is the board's ID
$htmlspecialcharacters = false; // Do you need to show html special characters like Greek characters?

// Scroll Enable? Height and Speed?
$scrolling = 0;       // ENABLE - 1 | DISABLE - 2
$speed = 3;           // SLOW - 1 | MEDIUM - 10 | FAST - 20
$height = "150px";
$scrollbar = 0;       // ENABLE - 1 | DISABLE - 2

// Do you want to translate it to your own language? :P
$text['sportal_false'] = 'Simple Portal not found';
$text['board'] = 'in';
$text['who'] = 'by';

/* [STOP!] - THIS IS THE END OF SETUP */
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
PHP:
//Only code from now on ;)
global $smcFunc, $scripturl, $sourcedir, $modSettings, $user_info, $settings, $context;

// Lets see if you are using Simple Portal. If not...well...go get them :D
if (!file_exists($sourcedir . '/PortalBlocks.php'))
{
    echo $text['sportal_false'];
    return;
}

// Let's grab some database results
if ($topics_posts == 1) {

    if (is_array($exclude_boards) || (int) $exclude_boards === $exclude_boards)
    {
        $exclude_boards = is_array($exclude_boards) ? $exclude_boards : array($exclude_boards);
    }
    elseif ($exclude_boards != null)
    {
        $output_method = $exclude_boards;
        $exclude_boards = array();
    }

$posts_result = $smcFunc['db_query']('', '
   SELECT m.poster_name, m.poster_time, m.id_msg, t.id_member_updated, m.subject, m.body, m.id_topic, b.name, t.id_last_msg, u.avatar, g.online_color,' . ($user_info['is_guest'] ? '1 AS is_read, 0 AS new_from' : '
            IFNULL(lt.id_msg, IFNULL(lmr.id_msg, 0)) >= m.id_msg_modified AS is_read,
            IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from') . '
   FROM {db_prefix}topics AS t
   LEFT JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)
   LEFT JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_last_msg)
   LEFT JOIN {db_prefix}members AS u ON (t.id_member_updated = u.id_member)
   LEFT JOIN {db_prefix}membergroups AS g ON (g.id_group = CASE WHEN u.id_group = 0 THEN u.id_post_group ELSE u.id_group END)
   ' . (!$user_info['is_guest'] ? '
        LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = m.id_topic AND lt.id_member = ' . $user_info['id'] . ')
        LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = b.id_board AND lmr.id_member = ' . $user_info['id'] . ')' : '') . '    
   WHERE m.approved=1'   . (empty($exclude_boards) ? '' : '
            AND b.id_board NOT IN ({array_int:exclude_boards})') . ' AND {query_see_board}
   ORDER BY t.id_last_msg DESC
   LIMIT ' . $limit,
        array(
            'exclude_boards' => empty($exclude_boards) ? '' : $exclude_boards,
        )  
   );
$posts = array();
while ($row_posts = $smcFunc['db_fetch_assoc']($posts_result))
{

      global $memberContext;
      loadMemberData($row_posts['id_member_updated']);
      loadMemberContext($row_posts['id_member_updated']);
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
PHP:
   $posts[] = array(
      'id' => $row_posts['id_member_updated'],
      'username' => '<a style="color: ' . $row_posts['online_color'] . ';" href="' . $scripturl . '?action=profile;u=' . $row_posts['id_member_updated'] . '">' . $row_posts['poster_name'] . '</a>',
      'subject' => '<a style="font-weight: bold;" title="' . $text['board'] . '&nbsp;' . $row_posts['name'] .'" href="' . $scripturl . '?topic=' . $row_posts['id_topic'] . '.msg' . $row_posts['id_last_msg'] . ';topicseen#new">' . $row_posts['subject'] . '</a>',
      'body' => $row_posts['body'],
      'avatar' => $row_posts['avatar'] == '' ? $memberContext[$row_posts['id_member_updated']]['avatar']['href'] : (stristr($row_posts['avatar'], 'http://') ? $row_posts['avatar'] : $modSettings['avatar_url'] . '/' . $row_posts['avatar']),
      'board' => $row_posts['name'],
      'time' => timeformat($row_posts['poster_time']),
      'new' => !empty($row_posts['is_read'])
   );
}
$smcFunc['db_free_result']($posts_result);

} else {

    if (is_array($exclude_boards) || (int) $exclude_boards === $exclude_boards)
    {
        $exclude_boards = is_array($exclude_boards) ? $exclude_boards : array($exclude_boards);
    }
    elseif ($exclude_boards != null)
    {
        $output_method = $exclude_boards;
        $exclude_boards = array();
    }
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
PHP:
$posts_result = $smcFunc['db_query']('', '
   SELECT m.poster_name, m.poster_time, m.id_msg, m.id_member, m.subject, m.body, m.id_topic, b.name, b.id_board, u.avatar, g.online_color,' . ($user_info['is_guest'] ? '1 AS is_read, 0 AS new_from' : '
            IFNULL(lt.id_msg, IFNULL(lmr.id_msg, 0)) >= m.id_msg_modified AS is_read,
            IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from') . '
   FROM {db_prefix}messages AS m
   LEFT JOIN {db_prefix}boards AS b ON (m.id_board = b.id_board)
   LEFT JOIN {db_prefix}members AS u ON (m.id_member = u.id_member)
   LEFT JOIN {db_prefix}membergroups AS g ON (g.id_group = CASE WHEN u.id_group = 0 THEN u.id_post_group ELSE u.id_group END)
   ' . (!$user_info['is_guest'] ? '
        LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = m.id_topic AND lt.id_member = ' . $user_info['id'] . ')
        LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = b.id_board AND lmr.id_member = ' . $user_info['id'] . ')' : '') . '  
   WHERE m.approved=1'   . (empty($exclude_boards) ? '' : '
            AND b.id_board NOT IN ({array_int:exclude_boards})') . ' AND {query_see_board}
   ORDER BY m.id_msg DESC
   LIMIT ' . $limit,
        array(
            'exclude_boards' => empty($exclude_boards) ? '' : $exclude_boards,
        )  
   );
$posts = array();
while ($row_posts = $smcFunc['db_fetch_assoc']($posts_result))
{

      global $memberContext;
      loadMemberData($row_posts['id_member']);
      loadMemberContext($row_posts['id_member']);
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
PHP:
   $posts[] = array(
      'id' => $row_posts['id_member'],
      'username' => '<a style="color: ' . $row_posts['online_color'] . ';" href="' . $scripturl . '?action=profile;u=' . $row_posts['id_member'] . '">' . $row_posts['poster_name'] . '</a>',
      'subject' => '<a style="font-weight: bold;" title="' . $text['board'] . '&nbsp;' . $row_posts['name'] .'" href="' . $scripturl . '?topic=' . $row_posts['id_topic'] . '.msg' . $row_posts['id_msg'] . ';topicseen#new">' . $row_posts['subject'] . '</a>',
      'body' => $row_posts['body'],
      'avatar' => $row_posts['avatar'] == '' ? $memberContext[$row_posts['id_member']]['avatar']['href'] : (stristr($row_posts['avatar'], 'http://') ? $row_posts['avatar'] : $modSettings['avatar_url'] . '/' . $row_posts['avatar']),
      'board' => $row_posts['name'], 
      'time' => timeformat($row_posts['poster_time']),
      'new' => !empty($row_posts['is_read'])
   );
}
$smcFunc['db_free_result']($posts_result);
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
Code:
}

//Finally the Output

//Scrolling xD
if ($scrolling == 1)
echo '<div style="overflow: hidden;"><marquee height=' . $height . ' behavior="scroll" direction="up" scrollamount="' . $speed . '" onmouseover="this.stop()" onmouseout="this.start()">';

if ($scrollbar == 1)
echo '<div style="height:' . $height . '; overflow-y: scroll; overflow-x: hidden;">';

foreach ($posts as $post) {

// Lets fix the BBCode bug and Strip the Text   
$content1 = str_replace("[", "<", $post['body']);
$content2 = str_replace("]", ">", $content1);
$content3 = strip_tags($content2);
$preview = substr ($content3,0,$number);
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
PHP:
echo'<table>
        <tr>
            <td style="width: 40px;">
                <img src="' . $post['avatar'] .'" alt="" width="40px" height="40px" />
            </td>
            <td>
                ' . $post['subject'];

                if (!$post['new'] && $context['user']['is_logged'])
                    echo '&nbsp;<img src="', $settings['images_url'], '/', $context['user']['language'], '/new.gif" alt="new" border="0" />';

                echo '<br />
                <small>' . $text['who'] . '&nbsp;' . $post['username'] . '&nbsp;|&nbsp;' . $post['time'] .'</small>
            </td>
        </tr>
    </table>';
   
    if ($htmlspecialcharacters) {
    echo htmlspecialchars($preview, ENT_NOQUOTES, "UTF-8") . '...';
    } else {
    echo $preview . '...';
    }

echo '<hr />';
    }
       
//Scrolling xD
if ($scrollbar == 1)
echo '</div>';

if ($scrolling == 1)
echo '</marquee></div>';   
    ?>
 

dopetek

Member
Messages
53
Reaction score
1
Points
8
Seems there is a limit to how much code one can post at a time. That is all one php file.
 
Status
Not open for further replies.
Top