Question: Code of Shoubox
Asked Modified Viewed 1,791 times
Basti
Basti 10
[PHP-Fusion Crew Member & Admin from June 2008 - December 2010]
http://basti2web.de - Support Site for my infusions
http://basti2web.de - Support Site for my infusions
- Veteran Member, joined since
- Contributed 1,099 posts on the community forums.
- Started 32 threads in the forums
- Started this discussions
Hi,
I am rewriting my mod against spam in the shoutbox, and I found something, where I have a question:
Take a look at
http://www.php-fusion.co.uk/infusions...ile_id=114
Line 32:
should it better be
I am rewriting my mod against spam in the shoutbox, and I found something, where I have a question:
Take a look at
http://www.php-fusion.co.uk/infusions...ile_id=114
Line 32:
Code Download source
if (!iSUPERADMIN || dbrows($result) > 0) {should it better be
Code Download source
if (!iSUPERADMIN && dbrows($result) > 0) { Basti
Basti 10
[PHP-Fusion Crew Member & Admin from June 2008 - December 2010]
http://basti2web.de - Support Site for my infusions
http://basti2web.de - Support Site for my infusions
- Veteran Member, joined since
- Contributed 1,099 posts on the community forums.
- Started 32 threads in the forums
- Started this discussions
Ok, let's wait until Master Digi spoke ;)
But if it is right, its funny, because nobody saws this.
This code exists sice 31.01.2006 :D
But if it is right, its funny, because nobody saws this.
This code exists sice 31.01.2006 :D
HACKERSOFT
HACKERSOFT 10
School Site: http://www..aims.ac.th
- Member, joined since
- Contributed 63 posts on the community forums.
- Started 12 threads in the forums
There's no problem with that...
The logic is to check shoutbox flooding for members or if the user_ip exists as the last shout. If last shout = user_ip and the user does not have superadmin privilege, then it will count and compare the number shouts incurred successively against the flood interval settings. If it's less than the flood settings, the shout is accepted, if more than the flood interval, the shout is rejected. Super Admins therefore, based on the logic, can flood the shoutbox regardless of the IP.
If you will make it to && instead of ||, the code:
will be useless, or should I say it will always allow any user to shout with no flooding control, since it should be set as true inside the condition if it meets the criteria.
I should say, there's really nothing wrong with the condition and the boolean is acceptable and logical.
That's just my point. Others may share their own... ;)
The logic is to check shoutbox flooding for members or if the user_ip exists as the last shout. If last shout = user_ip and the user does not have superadmin privilege, then it will count and compare the number shouts incurred successively against the flood interval settings. If it's less than the flood settings, the shout is accepted, if more than the flood interval, the shout is rejected. Super Admins therefore, based on the logic, can flood the shoutbox regardless of the IP.
If you will make it to && instead of ||, the code:
Code Download source
if (!$flood) $result = dbquery("INSERT INTO ".$db_prefix."shoutbox (shout_name, shout_message, shout_datestamp, shout_ip) VALUES ('$shout_name', '$shout_message', '".time()."', '".USER_IP."')");will be useless, or should I say it will always allow any user to shout with no flooding control, since it should be set as true inside the condition if it meets the criteria.
I should say, there's really nothing wrong with the condition and the boolean is acceptable and logical.
That's just my point. Others may share their own... ;)
Edited by HACKERSOFT on 16-10-2007 19:42,
answered
forget about this post ;)
Edited by Matonor on 17-10-2007 00:50,
answered
damn, your're right, I switched slaughter's suggestion and the original line ;)
Edited by Matonor on 17-10-2007 00:53,
Basti
Basti 10
[PHP-Fusion Crew Member & Admin from June 2008 - December 2010]
http://basti2web.de - Support Site for my infusions
http://basti2web.de - Support Site for my infusions
- Veteran Member, joined since
- Contributed 1,099 posts on the community forums.
- Started 32 threads in the forums
- Started this discussions
When you tell Digi about my suggestion, please report this, too:
http://www.php-fusion.co.uk/forum/vie...ost_103453
http://www.php-fusion.co.uk/forum/vie...ost_103453
Edited by Basti on 17-10-2007 18:57,
answered
Note: In v7, the flood handling code was moved to an include that can be used wherever you want and the issue you posted above is not present in this system anymore.
Basti
Basti 10
[PHP-Fusion Crew Member & Admin from June 2008 - December 2010]
http://basti2web.de - Support Site for my infusions
http://basti2web.de - Support Site for my infusions
- Veteran Member, joined since
- Contributed 1,099 posts on the community forums.
- Started 32 threads in the forums
- Started this discussions
Ah this sounds well :)
I didn't know this...
But take a look at the other thread, which I have posted, because I found this bug on this website (which works on v7 :P)
I didn't know this...
But take a look at the other thread, which I have posted, because I found this bug on this website (which works on v7 :P)
Category Forum
Official Core Support - 6Labels
None yet
Statistics
- Views 0 views
- Posts 7 posts
- Votes 0 votes
- Topic users 3 members
0 participants
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions