This Disappears When Logged In

Chat Notification

Discussion in 'General Suggestions' started by schlegelbagel, Mar 18, 2008.

Thread Status:
Not open for further replies.
  1. Rich

    Rich Administrator Staff Member Premium Member

    The problem you are experiencing Becca has to do with the ampersand in your username. (The & symbol.)

    The & symbol is an identifier in code. In PHP, it tells the code that a variable must exist to keep going. Also in PHP, depending on where it is being used, it needs to be escaped before it is processed. When passing the variable to the url (which we do a lot on this site), it needs to be written differently so it is interpreted correctly.

    The chat script isn't handling the escape the way it should, so it is flagging you as trying to inject something via the login. (A safe guard to prevent malicious code from being executed on the site.)

    I will make an attempt to locate where the login is being executed, but there are no guarantees with it. If I can find it, I can rewrite it to work properly. (I bought this script and just integrated it with our site.) If its being processed by one of the encrypted files, which there are 3, I won't be able to correct it.
     
  2. schlegelbagel

    schlegelbagel Frog Lover Premium Member

    Worse comes to worse, your username could be changed to not include the &.
     
  3. Rich

    Rich Administrator Staff Member Premium Member

    We already did that. lol I am actually going to be preventing the use of identifiers in usernames so this won't be an issue in the future. Up to now, I have been able to access the source code for everything and simply use an ereg replace function for characters. So it hasn't been an issue. Live and learn. ;)
     
  4. vegasandbecca

    vegasandbecca Elite Member

    Thanks Rich! I was able to sign into chat successfully.
     
  5. Rich

    Rich Administrator Staff Member Premium Member

    You are very welcome. I told you it would be painless. lol It took all of 15 seconds to fix. :)

    I have already disabled the use of special characters in usernames upon registering. I have also added a note to the registration form for users to know that ONLY numbers and letters will be accepted. If a user tries to use a special character, the registration page will redirect them back and show them an error reminding them for the second time that ONLY letters and numbers are allowed. ;) (In bold print in the error box. lol)
     
  6. Rich

    Rich Administrator Staff Member Premium Member

    The chat indicator has been removed temporarily. There is a conflict in the code that needs to be worked out.
     
  7. MoogleBass

    MoogleBass Kittes are so nice! Premium Member

    Liz broke it didnt she....
     
  8. Merlin

    Merlin Administrator Staff Member Premium Member

    Yep!
    Got cupcake crumbs in it!
     
  9. MoogleBass

    MoogleBass Kittes are so nice! Premium Member

    Yep! She didnt share either :(
     
  10. Rich

    Rich Administrator Staff Member Premium Member

    The problem we were experiencing was the chat stats were housed outside the forums directory. The way the stats were called were being trapped in an iframe. The iframe, depending on some other variables, was displaying incorrectly at times and then fine other times.

    I went in yesterday and wrote my own code to call the statistics for who is chatting, so the indicator is back. The word "chat" is also a link directly into the chat.

    Liz is happy again. lol
     
  11. schlegelbagel

    schlegelbagel Frog Lover Premium Member

    yes I am! Rich is the bestest. Which reminds me, as soon as I get my next paycheck and have more than $5 in my bank account, I need to re-subscribe to this place LOL
     
  12. Reddevil95128

    Reddevil95128 Member

    Small water snails can help too I normaly throw a few in my frog tanks every now and then tho they get eaten over time....
     
  13. Merlin

    Merlin Administrator Staff Member Premium Member

    I think you are replying to a different thread than you intended!
     
Thread Status:
Not open for further replies.

Share This Page