Customer Testimonials v1.0


Rezolles_Net


Double checked the DB and the only thing I see different than in the SQL file is that the primary type isn't set to MyISAM. The only options I have for it are Primary, Index, Unique and fulltext. Could this be an issue?


hi all

I posted a while ago about removing the 'email author' option and a couple of others were wondering the same thing... is there a solution for this, or can someone point me in the right direction to remove that part of the coding?

thanks

tracy


Hello Everyone,

I am hacking the customer testimonials contribution to suit my specific purpose. So, I need to change the following:

1) Need to be able to upload multiple images to the database.

2) Need everyone who visits the site to be able to add a testimonial and images (not just those logged in)

3) Need to increase the maximum number of words in the testimonial to unlimited

4) I need a link to write a testimonial to appear in the right column all the time.

For reference, I have PWA, Super Download Shop and STS installed.

If anyone has any suggestions, I would appreciate it.

Chris


Hi everyone,

Updated on my alternative contribution:

I have resolved the issues named in 2, 3 & 4, however... I am at a loss to be able to add multiple images to the customer_testimonial_write.php file. I did EVERYTHING I could think of (added the browse box and button and changed the SQL database to incorporate testimonial_image_2 through 6) but I am just not able to link it all together.

Any suggestions would be greatly appreciated. Maybe 42 hrs of OSC is too much in one sitting?? I hope I am just overlooking something.

Chris


is there coding for page breaks. Loading hundreds of testimonials on one page takes a long time

I was thinking the same thing... So I have made some changes documented below. Initial testing looks OK.

I made some changes and would appreciate one's thoughts, especially in regards to the past SQL injection issue. I don't think the code changes below have reintroduced it, though I would appreciate some confirmation from fellow forum members.

I changed the /customer_testimonials.php file:

           <?php
// <!-- START - Split page code display//-->
//			
//            if ($testimonial_id != '') {
//               $testimonial_id = ct_sanitise($testimonial_id);
//               $full_testimonial = tep_db_query("select * FROM " . TABLE_CUSTOMER_TESTIMONIALS . " WHERE testimonials_id = " . (int)$testimonial_id);
//            }
//            else {

			$full_testimonial_raw = "select * from " . TABLE_CUSTOMER_TESTIMONIALS . " where status = '1' order by date_added desc";
			$test_split = new splitPageResults($full_testimonial_raw, CUSTOMER_TESTIMONIALS_DISPLAYED);	
			$full_testimonial = tep_db_query($test_split->sql_query);
//			}
//<!-- END - Split page code display //-->
           while ($testimonials = tep_db_fetch_array($full_testimonial)) {
               $testimonial_array[] = array('id' => $testimonials['testimonials_id'],
                                            'author' => $testimonials['testimonials_name'],
										 'location' => $testimonials['testimonials_location'],
										 'title' => $testimonials['testimonials_title'],
                                            'testimonial' => $testimonials['testimonials_html_text'],
                                            'word_count' => tep_word_count($testimonials['testimonials_html_text'], ' '),
                                            'image' => $testimonials['testimonial_image'],
										 'date_added' => $testimonials['date_added'],
                                            'email' => $testimonials['testimonials_email']);
               }
           require(DIR_WS_MODULES  . 'customer_testimonials.php');
           ?>
           </td>
         </tr>
       </table></td>
     </tr>
<!-- START - Split page code display//-->
   <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
 if (($test_split->number_of_rows > 0) && ((PREV_NEXT_BAR_LOCATION == '2') || (PREV_NEXT_BAR_LOCATION == '3'))) {
?>
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
         <tr>
           <td class="smallText"><?php echo $test_split->display_count(TEXT_DISPLAY_NUMBER_OF_CUSTTEST); ?></td>
           <td align="right" class="smallText"><?php echo TEXT_RESULT_PAGE . ' ' . $test_split->display_links(MAX_DISPLAY_PAGE_LINKS, tep_get_all_get_params(array('page', 'info', 'x', 'y'))); ?></td>
         </tr>
       </table></td>
     </tr>
<?php
 }
?>
<!-- END - Split page code display//-->

For the variable CUSTOMER_TESTIMONIALS_DISPLAYED in the admin cpanel I added the following SQL database entry:

NOTE: (change the value 231 to whatever is available in your database)

INSERT INTO `configuration` VALUES ('231', 'Customer Testimonials Displayed', 'CUSTOMER_TESTIMONIALS_DISPLAYED', '4', 'Maximum number of products on customer testimonials to display', 3, NULL, now(), '0000-00-00 00:00:00', NULL, NULL);

For TEXT_DISPLAY_NUMBER_OF_CUSTTEST I added in include/languages/english.php

define('TEXT_DISPLAY_NUMBER_OF_CUSTTEST', 'Displaying <b>%d</b> to <b>%d</b> (of <b>%d</b> customer testimonials)');

I also changed the includes/boxes/customer_testimonials.php around line 25 not to link to the testimonial that is showing at the time in the infobox. From what I gathered in the forum this was causing all the problems in the first place with the SQL injection vulnerability in the past. This was also allowing it to be clicked after viewing products, which would add the customer_testimonials string at the end of the products page string, which made it a bit messy (for me anyway). It was cleaner in my opinion just to remove this functionality. Google following the links and caching a long-winded URL with customer id was not something I liked either.

//<!-- START - Split page code display//--> removed the a href so that the displayed testimonials are not linked.
   $info_box_contents = array();
   $info_box_contents[] = array('align' => 'center',
                                'text' => '<b>' . $testimonial_titulo . '</b>' . strip_tags($testimonial) . '...' . '<br><br><table border="0" cellspacing="0" cellpadding="0" align="center"><tr align="center"><td align="center" class="infoBoxContents">' .  '<b>'.$random_testimonial['testimonials_name'].'</b></td></tr></table>'
                                );
   new infoBox($info_box_contents);
?>
<!-- END - Split page code display//-->

I guess there's no need for the following code anymore?:

<!--<?php require(DIR_WS_INCLUDES . 'application_bottom.php');
function ct_sanitise($vartosanitise) {
$vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
return $vartosanitise;
}//-->

Would be great if someone can comment on the above code snippets - especially in regards to the past issue with the:

$testimonial_id exploit.

And now it being removed shouldn't be any different from the fix/patch that was done. Right?

George

Correction on the last snippet:

<?php require(DIR_WS_INCLUDES . 'application_bottom.php');
//function ct_sanitise($vartosanitise) {
//$vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
//return $vartosanitise;
//}
?>

 

George
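
Added example (not part of the posts above and not code from the Customer Testimonials contribution): the two guards visible in the commented-out branch, `ct_sanitise()` and the `(int)` cast, both keep the query numeric but silently rewrite a malformed `testimonial_id` into some other id, whereas a strict check rejects it and falls back to the listing query. `ct_cast()`, `ct_strict_id()`, `ct_build_query()`, the table name value and the sample inputs are constructed for illustration.

```php
<?php
// Added example, not code from the contribution. It compares how three guards
// treat a testimonial_id request value before it reaches a
// "WHERE testimonials_id = ..." query like the one shown in the thread.

// Assumed table name; osCommerce normally defines this constant itself.
if (!defined('TABLE_CUSTOMER_TESTIMONIALS')) {
  define('TABLE_CUSTOMER_TESTIMONIALS', 'customer_testimonials');
}

// Guard 1: ct_sanitise() as posted in the thread (strips every non-digit).
function ct_sanitise($vartosanitise) {
  $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
  return $vartosanitise;
}

// Guard 2: the (int) cast used in the patched query.
function ct_cast($value) {
  return (int)$value;
}

// Guard 3 (hypothetical helper): accept only a canonical positive integer of
// at most 9 digits, so it always fits a signed 32-bit int. Anything else,
// including arrays sent as testimonial_id[]=..., yields null.
function ct_strict_id($value) {
  if (!is_string($value) || !preg_match('/^[1-9][0-9]{0,8}$/', $value)) {
    return null;
  }
  return (int)$value;
}

// Hypothetical query builder: a valid id selects one approved testimonial;
// an invalid or missing id falls back to the fixed listing query from the
// thread, which contains no request data at all. The status filter on the
// single-record query is an addition of this example.
function ct_build_query($raw_id) {
  $id = ct_strict_id($raw_id);
  if ($id === null) {
    return "select * from " . TABLE_CUSTOMER_TESTIMONIALS .
           " where status = '1' order by date_added desc";
  }
  return "select * from " . TABLE_CUSTOMER_TESTIMONIALS .
         " where status = '1' and testimonials_id = " . $id;
}

// Constructed sample inputs: one well-formed id and several malformed ones.
$samples = array('12', '0042', '12abc', '1 2', '-5', '', '99999999999999999999');

foreach ($samples as $raw) {
  printf("%-24s sanitise=%-24s cast=%-22s strict=%s\n",
    var_export($raw, true),
    var_export(ct_sanitise($raw), true),
    var_export(ct_cast($raw), true),
    var_export(ct_strict_id($raw), true));
  echo '    ' . ct_build_query($raw) . "\n";
}
```
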

hi all

I posted a while ago about removing the 'email author' option and a couple of others were wondering the same thing... is there a solution for this, or can someone point me in the right direction to remove that part of the coding?

thanks

tracy

To remove the email author line, edit /includes/modules/customer_testimonials.php

Change From:

<b>' . TEXT_TESTIMONY_BY . '</b>' . $testimonial_array[$i]['author'] . '<b>' . '<br><br>' . TEXT_TESTIMONY_DATE_ADDED . '</b>' . tep_date_short($testimonial_array[$i]['date_added']) . '<br><br>' . '<b>' . TEXT_TESTIMONY_TITLE . '</b>' . $testimonial_array[$i]['title'] . '<br><br>' . $testimonial_array[$i]['testimonial'] . '<br><br>' . '<a target="_blank" href="'. $email_prefix . $testimonial_array[$i]['email'] . '">' . TEXT_EMAIL_AUTHOR . '</a>'. $testimonials_list . '

 

To:

<b>' . TEXT_TESTIMONY_BY . '</b>' . $testimonial_array[$i]['author'] . '<b>' . '<br><br>' . TEXT_TESTIMONY_DATE_ADDED . '</b>' . tep_date_short($testimonial_array[$i]['date_added']) . '<br><br>' . '<b>' . TEXT_TESTIMONY_TITLE . '</b>' . $testimonial_array[$i]['title'] . '<br><br>' . $testimonial_array[$i]['testimonial'] . '<br><br>' . $testimonials_list . '

 

and

 

<b>' . TEXT_TESTIMONY_BY . '</b>' . $testimonial_array[$i]['author']. TEXT_TESTIMONY_OF . $testimonial_array[$i]['location'] . '<br><br>' . '<b>' . TEXT_TESTIMONY_DATE_ADDED . '</b>' . tep_date_short($testimonial_array[$i]['date_added']) . '<br><br>' . '<b>' . TEXT_TESTIMONY_TITLE . '</b>' . $testimonial_array[$i]['title'] . '<br><br>' . $testimonial_array[$i]['testimonial'] . '<br><br>' . '<a target="_blank" href="'. $email_prefix . $testimonial_array[$i]['email'] . '">' . TEXT_EMAIL_AUTHOR . '</a>'. $testimonials_list . '

 

To:

 

<b>' . TEXT_TESTIMONY_BY . '</b>' . $testimonial_array[$i]['author']. TEXT_TESTIMONY_OF . $testimonial_array[$i]['location'] . '<br><br>' . '<b>' . TEXT_TESTIMONY_DATE_ADDED . '</b>' . tep_date_short($testimonial_array[$i]['date_added']) . '<br><br>' . '<b>' . TEXT_TESTIMONY_TITLE . '</b>' . $testimonial_array[$i]['title'] . '<br><br>' . $testimonial_array[$i]['testimonial'] . '<br><br>' . $testimonials_list . '

 

Regards

George


hi,

Can someone please explain to me how to fix the problem?

testimonial view (add 1st testimonial using admin page)

f3vwae.jpg

write new testimonial

11uvtci.jpg

here is the page source (customer testimonial write):


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html dir="LTR" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Asongan.Biz</title>
<base href="http://localhost/catalog/">

<!-- start get_javascript(applicationtop2header) //-->

<!-- end get_javascript(applicationtop2header) //-->

<link rel="stylesheet" type="text/css" href="freeoscommerce_023_stylesheet.css">
</head>
<body>
<div id="wrapper1">
 <div id="background_top"></div>

 <div id="wrapper2">
   <div id="wrapper3">
     <div id="top">
       <div id="website_name">Asongan.Biz</div>
     </div>    
     <div id="content_wrapper">
       <div id="side_menu">

<!-- start categorybox //-->

<div class="infobox_heading">Categories</div>
<div class="infobox_content"><table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
 <tr>
   <td class="boxText"><a href="http://localhost/catalog/index.php?cPath=21&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">8220 Kickstart-></a> (6)<br><a href="http://localhost/catalog/index.php?cPath=36&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">8520 Gemini-></a><br><a href="http://localhost/catalog/index.php?cPath=22&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">8900  Javelin-></a> (12)<br><a href="http://localhost/catalog/index.php?cPath=23&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">9000  Bold</a><br><a href="http://localhost/catalog/index.php?cPath=24&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">9500  Storm</a><br><a href="http://localhost/catalog/index.php?cPath=25&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">9520 / 9550  Storm 2  Odin</a><br><a href="http://localhost/catalog/index.php?cPath=26&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">9630  Tour</a><br><a href="http://localhost/catalog/index.php?cPath=27&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">9700  Bold 2  Onyx</a><br></td>

 </tr>
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
</table>
</div>            
<!-- end categorybox //-->


<!-- start manufacturerbox //-->


<div class="infobox_heading">Manufacturers</div>

<div class="infobox_content"><table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
 <tr>
   <td class="boxText"><form name="manufacturers" action="http://localhost/catalog/index.php" method="get"><select name="manufacturers_id" onChange="this.form.submit();" size="1" style="width: 100%"><option value="" SELECTED>Please Select</option><option value="10">Blackberry</option></select><input type="hidden" name="osCsid" value="3o7a1e0mhqa8hj9ml9mg9vpkf0"></form></td>
 </tr>
 <tr>

   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
</table>
</div>            
<!-- end manufacturerbox //-->


<!-- start whatsnewbox //-->


<div class="infobox_heading">What's New?</div>
<div class="infobox_content"><table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>

   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
 <tr>
   <td align="center" class="boxText"><a href="http://localhost/catalog/product_info.php?products_id=37&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0"><img src="images/8220pouchvio.jpg" border="0" alt="8220 Violet Pocket" title=" 8220 Violet Pocket " width="150" height="150"></a><br><a href="http://localhost/catalog/product_info.php?products_id=37&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">8220 Violet Pocket</a><br>Rp.225.000,00</td>
 </tr>
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>

</table>
</div>            
<!-- end whatsnewbox //-->


<!-- start cartbox //-->


<div class="infobox_heading"><a href="shopping_cart.php">Shopping Cart</a></div>
<div class="infobox_content">
<table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>

 <tr>
   <td class="boxText">0 items</td>
 </tr>
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
</table>

</div>
<div style="padding-bottom: 12px; text-align: center;">

<a href="http://localhost/catalog/shopping_cart.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0"><img src="includes/sts_templates/freeoscommerce_023/images/english/buttons/button_view.gif" border="0" alt="" width="52" height="32"></a><a href="http://localhost/catalog/checkout_shipping.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0"><img src="includes/sts_templates/freeoscommerce_023/images/english/buttons/button_checkout.gif" border="0" alt="" width="96" height="32"></a></div>            
<!-- end cartbox //-->


<!-- start informationbox //-->


<div class="infobox_heading">Information</div>
<div class="infobox_content"><table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
 <tr>

   <td class="boxText"><a href="http://localhost/catalog/shipping.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Shipping & Returns</a><br><a href="http://localhost/catalog/privacy.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Privacy Notice</a><br><a href="http://localhost/catalog/conditions.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Conditions of Use</a><br><a href="http://localhost/catalog/contact_us.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Contact Us</a></td>
 </tr>
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
</table>
</div>            

<!-- end informationbox //-->


<!-- start customer_testimonials //-->


<div class="infobox_heading">Testimonials</div>
<div class="infobox_content"><table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
 <tr>

   <td align="left" class="boxText"><b><center>test</center></b><br>t
e
s
t<br /><br /><a href="http://localhost/catalog/customer_testimonials.php?testimonial_id=1&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0"><span><center>(read more)</center></span></a><br><span><center><b> By test</b></center></span><br><img src="images/h_gray_middle.gif" border="0" alt="" width="100%" height="3"><center><a href="http://localhost/catalog/customer_testimonials_write.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Write a Testimonial</a></center></td>
 </tr>
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
</table>

</div> 	
<!-- end customer_testimonials //-->


<!-- start messenger //-->


<div class="infobox_heading">Yahoo Messenger!</div>
<div class="infobox_content"><table border="0" width="100%" cellspacing="0" cellpadding="3" class="infoBoxContents">
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
 <tr>

   <td class="boxText"><a href="ymsgr:sendIM?asongan_biz">
<img border="0" src="http://presence.msg.yahoo.com/online?u=asongan_biz&m=g&t=14&l=us">
</a></td>
 </tr>
 <tr>
   <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="1"></td>
 </tr>
</table>
</div>            
<!-- end messenger //-->

                 </div>

       <div id="content_wrapper2">
         <div id="content">
           <div id="navigation">
             You are here: <a href="http://localhost" class="headerNavigation">Top</a> » <a href="http://localhost/catalog/index.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0" class="headerNavigation">Catalog</a> » <a href="http://localhost/catalog/customer_testimonials_write.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0" class="headerNavigation">Write Testimonial</a> <br>

             <hr class="accessibility">
           </div>
           <div>

<!-- start Default Content //-->
<form name="customer_testimonial" method="post" action="http://localhost/catalog/customer_testimonials_write.php?action=insert&osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0" enctype="multipart/form-data">
  <table border="0" width="100%" cellspacing="0" cellpadding="0">
     <tr>
       <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>

           <td class="pageHeading" colspan="2">Write a Testimonial</td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="10"></td>
     </tr>
     <tr>

       <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="10"></td>
     </tr>
     <tr>
       <td>
	<table width="100%" border="0" cellspacing="0" cellpadding="2">
	  <tr>
		<td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
         </tr>
         <tr>

           <td class="main">We’re interested in your opinion. Let us and others know about your experience with our products by filling in the testimonial submission form below. We reserve the right to accept or reject testimonials; therefore, your testimonial may not appear immediately.</p>
<ul>
<li>Please <strong>do:</strong>
<ul>
<li>Write 50-300 words for the testimonial</li>
<li>Comment on the site’s value and effectiveness</li>
<li>Explain <strong>why</strong> you like or dislike us</li>

<li>Upload an <strong>image</strong> of you using our products</li>
</ul>
</li>
<li>Please <strong>do not:</strong>
<ul>
<li>Use profane, obscene, or spiteful language</li>
<li>Enter phone numbers, mailing addresses, or internet addresses</li>
<li>Upload an image that you do not have the right to share</li>

</ul>
</li>
</ul></td>
         </tr>
	  <tr>
		<td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
         </tr>
	  <tr>
		<td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
         </tr>

         <tr>
	    <td><table align="center" width="100%" border="0" cellspacing="0" cellpadding="0">
		  <tr>
               <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
                 <tr>
                   <td class="main"><b>Submit Your Testimonial</b></td>
                   <td class="inputRequirement" align="right">* Required information</td>
                 </tr>

               </table></td>
             </tr>
		  <tr>
               <td class="infoBox"><table width="100%" border="0" cellspacing="0" cellpadding="7" class="infoBoxContents">
	          <tr>
                   <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
		      <tr>
                   <td class="main">Title:<br>

                                    <input type="1" name="testimonials_title"> <span class="inputRequirement">*</span></td>
                 </tr>
	          <tr>
                   <td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
                 </tr>
	          <tr>
                   <td class="main">Your Name:<br>

                                    <input type="1" name="testimonials_name" value="Niko Setagiri"> <span class="inputRequirement">*</span></td>
                 <tr>
                   <td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
                 </tr>
	          <tr>
		        <td class="main">E-Mail Address:<br>
		                         <input type="text" name="testimonials_email"> <span class="inputRequirement">*</span></td>

	          </tr>
	          <tr>
                   <td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
                 </tr>
	          <tr>
                   <td class="main">Location:<br>
                                    <input type="text" name="testimonials_location"></td>
      	          </tr>

       <!-- start modification for reCaptcha -->
			  <tr>
				<td class="main">Security Code:</td>
			  </tr>
			  <tr>
									<script>
				var RecaptchaOptions = {
				theme : 'clean',
				tabindex : 3,
				lang : 'en',
				};
				</script>
				<td><script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdoCQsAAAAAAMluTMrD5EjnRolM_HiCpB1aA92P"></script>

<noscript>
 		<iframe src="http://api.recaptcha.net/noscript?k=6LdoCQsAAAAAAMluTMrD5EjnRolM_HiCpB1aA92P" height="300" width="500" frameborder="0"></iframe><br/>
 		<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
 		<input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
</noscript></td>
			  </tr>
<!-- end modification for reCaptcha -->
	          <tr>
                   <td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
                 </tr>
                 <tr>
                   <td valign="top" class="main">Describe Your Experience(s): <span class="inputRequirement">*</span><br>

										      <textarea name="html_text" wrap="soft" cols="130" rows="10"></textarea></td>
                 </tr>
	          <tr>
                   <td><img src="images/pixel_trans.gif" border="0" alt="" width="1" height="10"></td>
                 </tr>


		    </table></td>
	      </tr>

		</table></td>
	  </tr></table>


         <tr>
           <td><img src="images/pixel_trans.gif" border="0" alt="" width="100%" height="10"></td>
         </tr>
	  </tr>
         <tr>
           <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">

             <tr class="infoBoxContents">
               <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
                 <tr>
                   <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
				<td class="main" align="left" valign="middle"><a href="http://localhost/catalog/customer_testimonials.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0"><img src="includes/sts_templates/freeoscommerce_023/images/english/buttons/button_back.gif" border="0" alt="" width="54" height="32"></a></td>
                   <td class="main" align="right" valign="middle"><input type="image" src="includes/languages/english/images/buttons/button_submit.gif" border="0" alt="Submit to Asongan.Biz" title=" Submit to Asongan.Biz "></td>
				<td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
                 </tr>
               </table></td>

             </tr>
           </table></td>
         </tr>
       </table></form>
<!-- end Default Content //-->

           </div>
           <div style="clear: both;"></div>
         </div>
         <div id="content_box_top"></div>

       </div>
       <div id="content_bottom"></div>
     </div>
     <div id="main_image">
       <div id="top_menu_links">
         <span><a href="http://localhost/catalog/index.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Home</a></span>
         <span><a href="http://localhost/catalog/account.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">My Account</a></span>
         <span><a href="http://localhost/catalog/shopping_cart.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Shopping Cart</a></span>

         <span><a href="http://localhost/catalog/checkout_shipping.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Checkout</a></span>
       </div>
     </div>
   </div>
   <div id="left_shadow"></div>
   <div id="right_shadow"></div>
 </div>
</div>
<div id="bottom_stripe">

 <div id="content_box_bottom_wrapper">
   <div id="content_box_bottom"></div>
 </div>
</div>
<div id="footer">
 <div style="text-align:center; width:150px; margin-left:auto; margin-right:auto;">
<img id="bcatikimandiri" src="images/bcamandiritiki.jpg" usemap="#banner" border="0" width="150" height="60" alt="" />
<map id="_bcatikimandiri" name="banner">
<area shape="rect" coords="0,2,78,32" href="http://www.klikbca.com" target="_blank" alt="bca" title="klikbca"   />
<area shape="rect" coords="0,33,78,55" href="http://www.bankmandiri.co.id/" target="_blank" alt="mandiri" title="mandiri"    />
<area shape="rect" coords="80,5,145,55" href="http://www.tiki-online.com/" target="_blank" alt="tiki" title="tiki-online"    />
</map>
</div>

 <p>Copyright © 2010 <a href="http://localhost/catalog/index.php?osCsid=3o7a1e0mhqa8hj9ml9mg9vpkf0">Asongan.Biz</a><br>Powered by <a href="http://www.oscommerce.com" target="_blank">osCommerce</a> </p>    
</div>
</body>
</html>

 

 

and here is the customer_testimonial_write.php:

 

<?php
/*
 $Id: customer_testimonials.php 10/20/2008 Exp $
 Released under the GNU General Public License
 Modified by Bill Kellum 'bkellum' for Image Upload
 Modified by Richard Cranium for ReCaptcha and additional admin functions
*/

 require('includes/application_top.php');

/*** Begin Customer Testimonials v6 ***/
// Redirect user to login page if any of the following are true:
// 1) Admin has disabled Customer Testimonials mod; or
// 2) only registered users permitted to write testimonials and user is not logged in
 if ((TESTIMONIAL_ACTIVE != 'Yes') || (TESTIMONIAL_REGISTERED_WRITE == "Disabled") || ((TESTIMONIAL_REGISTERED_WRITE == "Registered Users Only") && (!tep_session_is_registered('customer_id'))))
 {
 	    $navigation->set_snapshot();
   tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
 }
/*** End Customer Testimonials v6 ***/

 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CUSTOMER_TESTIMONIALS);

/*** Begin Customer Testimonials v6 ***/
 if (TESTIMONIAL_CAPTCHA == 'Yes') {
// start modification for reCaptcha
 require_once('includes/classes/recaptchalib.php');
// end modification for reCaptcha
}
/*** End Customer Testimonials v6 ***/

   $testimonials_error = false;
   if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'insert')) {
       $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
       $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
       $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
       $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
       $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
       $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);

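// make sure testimonials directory exists
// (the mode must be an octal integer: the string '777' is read as decimal 777, i.e. octal 1411;
//  0755 is enough because the PHP process owns the directory it creates)
	if(!is_dir(DIR_WS_IMAGES . 'testimonials'))mkdir(DIR_WS_IMAGES . 'testimonials', 0755);

	$testimonial_image_name = ''; // stays empty when no image was uploaded
	$testimonial_image = new upload('testimonial_image');
       $testimonial_image->set_destination(DIR_WS_IMAGES . 'testimonials/');
       // extension whitelist for the uploaded file
       $imagefiletypes = array('jpg','jpeg','gif','png','bmp');
       $testimonial_image->set_extensions($imagefiletypes);

       if ($testimonial_image->parse() && $testimonial_image->save()) {
         $testimonial_image_name = $testimonial_image->filename;
       }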

       if (empty($testimonials_title)) {
         $testimonials_error = true;
         $messageStack->add('testimonials', ERROR_TESTIMONIALS_TITLE_REQUIRED);
       }
       if (empty($testimonials_name)) {
         $testimonials_error = true;
         $messageStack->add('testimonials', ERROR_TESTIMONIALS_NAME_REQUIRED);
       }
	 if (empty($testimonials_email)) {
         $testimonials_error = true;
         $messageStack->add('testimonials', ERROR_TESTIMONIALS_EMAIL_REQUIRED);
       }
    if (!tep_validate_email($testimonials_email)) {
         $testimonials_error = true;
         $messageStack->add('testimonials', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
       if (empty($html_text)) {
         $testimonials_error = true;
         $messageStack->add('testimonials', ERROR_TESTIMONIALS_DESCRIPTION_REQUIRED);
       }

/*** Begin Customer Testimonials v6 ***/
 if (TESTIMONIAL_CAPTCHA == 'Yes') {
// start modification for reCaptcha
       // the response from reCAPTCHA
       $resp = null;

       // was there a reCAPTCHA response?
       $resp = recaptcha_check_answer (RECAPTCHA_PRIVATE_KEY,
       $_SERVER["REMOTE_ADDR"],
       $_POST["recaptcha_challenge_field"],
       $_POST["recaptcha_response_field"]);

	if (!$resp->is_valid) {
	  $testimonials_error = true;
         $messageStack->add('testimonials', ENTRY_SECURITY_CHECK_ERROR . " (reCAPTCHA output: " . $resp->error . ")");
}
// end modification for reCaptcha
 }
/*** End Customer Testimonials v6 ***/

       if (!$testimonials_error) {
         $sql_data_array = array('testimonials_title' => $testimonials_title,
							  'testimonials_location' => $testimonials_location,
                                 'testimonials_name' => $testimonials_name,
							  'testimonials_email' => $testimonials_email,
                                 'testimonials_html_text' => $html_text,
							  'testimonial_image' => $testimonial_image_name);

	  if ($HTTP_GET_VARS['action'] == 'insert') {
           $insert_sql_data = array('date_added' => 'now()',
                                    'status' => '0');
           $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
           tep_db_perform(TABLE_CUSTOMER_TESTIMONIALS, $sql_data_array);
           $testimonials_id = tep_db_insert_id();
           // email notification added by maestro
           $email_text = TESTIMONIAL_NOTIFICATION_TEXT . $testimonials_name . TESTIMONIAL_CONJ . $testimonials_location . '.' . "\n\n" .
                         TESTIMONIAL_NOTIFICATION_TITLE . $testimonials_title . "\n\n" .
                         TESTIMONIAL_NOTIFICATION_HTML_TEXT . $html_text . "\n\n" .
                         TESTIMONIAL_NOTIFICATION_APPROVE;
           tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, TESTIMONIAL_NOTIFICATION_SUBJECT, $email_text, $testimonials_name, $testimonials_email);
         }
         $testimonials_id = '';
         $testimonials_title = '';
	  $testimonials_location = '';
         $testimonials_name = '';
	  $testimonials_email = '';
         $html_text = '';
         tep_redirect(tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=success'));
       } else {
         $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
         $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
	  $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
         $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
	  $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
         $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);
       }
   }

 $breadcrumb->add(NAVBAR_TITLE2, tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->
<!-- body //-->
<table border="0" width="100%" cellspacing="3" cellpadding="3">
 <tr>
   <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
   </table></td>
<!-- body_text //-->
   <td width="100%" valign="top">
  <form name="customer_testimonial" method="post" action="<?php echo tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=insert', 'NONSSL'); ?>" enctype="multipart/form-data">
  <table border="0" width="100%" cellspacing="0" cellpadding="0">
     <tr>
       <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td class="pageHeading" colspan="2"><?php echo HEADING_TITLE2; ?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
 if ($messageStack->size('testimonials') > 0) {
?>
     <tr>
       <td><?php echo $messageStack->output('testimonials'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
  <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
 }
 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
     <tr>
       <td class="main" align="center"><?php echo TEXT_TESTIMONIALS_SUCCESSFUL; ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
         <tr class="infoBoxContents">
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>
<?php
 } else {
 if (tep_session_is_registered('customer_id')) {
    $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int
		<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
         </tr>
	  <tr>
		<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
         </tr>
         <tr>
	    <td><table align="center" width="100%" border="0" cellspacing="0" cellpadding="0">
		  <tr>
               <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
                 <tr>
                   <td class="main"><b><?php echo TEXT_TESTIMONIALS_WRITE; ?></b></td>
                   <td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td>
                 </tr>
               </table></td>
             </tr>
		  <tr>
               <td class="infoBox"><table width="100%" border="0" cellspacing="0" cellpadding="7" class="infoBoxContents">
	          <tr>
                   <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
		      <tr>
                   <td class="main"><?php echo TEXT_TESTIMONIALS_TITLE; ?><br>
                                    <?php echo tep_draw_input_field('testimonials_title',  $testimonials_title, '', true); ?> <span class="inputRequirement">*</span></td>
                 </tr>
	          <tr>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
                 </tr>
	          <tr>
                   <td class="main"><?php echo TEXT_TESTIMONIALS_NAME; ?><br>
                                    <?php echo tep_draw_input_field('testimonials_name', $testimonials_name, '', true); ?> <span class="inputRequirement">*</span></td>
                 </tr>
                 <tr>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
                 </tr>
	          <tr>
		        <td class="main"><?php echo TEXT_TESTIMONIALS_EMAIL; ?><br>
		                         <?php echo tep_draw_input_field('testimonials_email'); ?> <span class="inputRequirement">*</span></td>
	          </tr>
	          <tr>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
                 </tr>
	          <tr>
                   <td class="main"><?php echo TEXT_TESTIMONIALS_LOCATION; ?><br>
                                    <?php echo tep_draw_input_field('testimonials_location', $testimonials_location); ?></td>
      	          </tr>
       <!-- start modification for reCaptcha -->
			  <tr>
				<td class="main"><?php echo ENTRY_SECURITY_CHECK; ?></td>
			  </tr>
			  <tr>
				<?php
				$languages_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where directory = '" . $language . "'");
				$language_id = tep_db_fetch_array($languages_query);
				?>
				<script>
				var RecaptchaOptions = {
				theme : 'clean',
				tabindex : 3,
				lang : '<?php if (in_array($language_id['code'] ,array('en', 'nl', 'fr', 'de', 'pt', 'ru', 'es', 'tr'))) {echo $language_id['code']; } else {echo 'en'; } ?>'
				};
				</script>
				<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>
			  </tr>
<!-- end modification for reCaptcha -->
	          <tr>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
                 </tr>
                 <tr>
                   <td valign="top" class="main"><?php echo TEXT_BANNERS_HTML_TEXT; ?> <span class="inputRequirement">*</span><br>
										      <?php echo tep_draw_textarea_field('html_text', 'soft', '130', '10', $html_text); ?></td>
                 </tr>
	          <tr>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
                 </tr>

<?php
/*** Begin Customer Testimonials v6 ***/
 if (TESTIMONIAL_IMAGE_ALLOW == 'Yes') {
?>
                 <tr>
                   <td valign="top" class="main"><?php echo 'Upload an image'; ?><br>
										      <?php echo tep_draw_file_field('testimonial_image'); ?></td>
                 </tr>
<?php
}
/*** End Customer Testimonials v6 ***/
?>

		    </table></td>
	      </tr>
		</table></td>
	  </tr></table>

<?php
/*** Begin Customer Testimonials v6 ***/
 if (TESTIMONIAL_CAPTCHA == 'Yes') {
?>
<?php
 }
/*** End Customer Testimonials v6 ***/
?>

         <tr>
           <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
         </tr>
	  </tr>
         <tr>
           <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
             <tr class="infoBoxContents">
               <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
                 <tr>
                   <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
				<td class="main" align="left" valign="middle"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
                   <td class="main" align="right" valign="middle"><?php echo tep_image_submit('button_submit.gif', IMAGE_BUTTON_SUBMIT); ?></td>
				<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                 </tr>
               </table></td>
             </tr>
           </table></td>
         </tr>
       </table></form></td>
     </tr>
<?php
}
?>
</td></table>
<!-- body_text_eof //-->
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
   </table></td>
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> 

Edited by nyubi
Link to comment
Share on other sites
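
The form in the post above accepts a `testimonial_image` file from visitors and stores its name in the `testimonial_image` column. The following is an added example (not code from the contribution or from this thread) of server-side checks an upload handler can apply before keeping such a file; the function name, the size limit and the sample files are assumptions.

```php
<?php
// Added example, not part of the contribution. check_testimonial_image() and the
// size limit are assumptions; random_bytes() needs PHP 7 or later.
function check_testimonial_image(array $file, $max_bytes = 524288) {
  // Accepted image types and the extension the server assigns to each.
  $allowed = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');

  if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
    return false;
  }
  if ($file['size'] <= 0 || $file['size'] > $max_bytes) {
    return false;
  }
  // Take the type from the file content, never from the client's name or MIME type.
  $info = @getimagesize($file['tmp_name']);
  if ($info === false || !isset($allowed[$info[2]])) {
    return false;
  }
  // Server-generated name: the visitor's file name and extension are discarded,
  // so the stored file can only ever carry an image extension.
  return bin2hex(random_bytes(16)) . '.' . $allowed[$info[2]];
}
// In the form handler, additionally require is_uploaded_file($file['tmp_name']) and
// store the file with move_uploaded_file() under the returned name.

// Constructed sample inputs (not real uploads): a 1x1 GIF and a text file posing as a JPEG.
$gif = tempnam(sys_get_temp_dir(), 'tst');
file_put_contents($gif, base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));
$txt = tempnam(sys_get_temp_dir(), 'tst');
file_put_contents($txt, "not an image\n");

$samples = array(
  array('name' => 'photo.gif', 'tmp_name' => $gif, 'size' => filesize($gif), 'error' => UPLOAD_ERR_OK),
  array('name' => 'photo.jpg', 'tmp_name' => $txt, 'size' => filesize($txt), 'error' => UPLOAD_ERR_OK),
);
foreach ($samples as $s) {
  $stored = check_testimonial_image($s);
  echo $s['name'] . ' => ' . ($stored === false ? 'rejected' : 'store as ' . $stored) . "\n";
}
unlink($gif);
unlink($txt);
```

A content check alone does not prove a file is harmless; the server-assigned name and a storage directory where the web server does not execute scripts are what keep an uploaded file from being handled as anything other than an image.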

  • 2 weeks later...

To remove the email author line, edit /includes/modules/customer_testimonials.php

 

An alternative is to check out the Scrolling Customer Testimonials mod. This allows you to turn on/off emailing testimonial authors, adding reCaptcha support if you do allow people to email them, and many other new features. These settings are available in the admin configuration, so you don't need to adjust the code.

 

Scrolling Customer Testimonials

Edited by Richard Cranium
Link to comment
Share on other sites

  • 5 months later...

Hi, I have just added the customer testimonials V6 to my local testing site - running XAMPP 1.7.1 and PHP 5.2.9.

I am using OSC V2.2 RC2 with STS plus other contribs.

 

I have changed the settings so anybody can add a testimonial, and added one. I then went to the tools/testimonial manager setting and got the following message:

 

Fatal error: Cannot redeclare do_magic_quotes_gpc() (previously declared in C:\xampp\htdocs\scootFRI\toomuch\includes\functions\compatibility.php:18) in C:\xampp\htdocs\scootFRI\toomuch\includes\functions\compatibility.php on line 30

 

I have looked at compatibility.php but my little brain does not comprehend. The error only appears on the testimonial manager option. Any help would be great, as I really would like to put this onto the live site, but I have to make sure it is fully working first.

I would assume I have done something wrong somewhere, but for the life of me I have no idea. Any help would be tremendous.

 

Cheers

Jimmy

Link to comment
Share on other sites

Sorted this out - after searching various topics, I kept coming across the message that require app top should not be in any language files. After a search I discovered it in english/testimonials_manager.php.

At this point I realised I had copied the wrong testimonial manager file to the wrong location. Silly me.

Link to comment
Share on other sites

found:

 

in catalog/customer_testimonials.php

 

find

'testimonial' => $testimonials['testimonials_html_text'],

replace with

'testimonial' => nl2br($testimonials['testimonials_html_text']),

 

and if you want to order the testimonials by date

change order by rand() into order by date_added desc

I've got v6

When a testimonial has been entered, the text hasn't got any line breaks. Does anyone else have the same?

How can I solve that? Perhaps something like nl2br?

Link to comment
Share on other sites
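
nl2br() only inserts `<br />` tags; it does not encode the text it is given. The following is an added example (not part of the contribution or of the post above) that encodes the stored text first and inserts the breaks last, so the line breaks are the only markup in the output; `render_testimonial_text()` and the sample row are assumptions.

```php
<?php
// Added example, not part of the contribution.
// render_testimonial_text() is a hypothetical helper name.
function render_testimonial_text($raw, $charset = 'UTF-8') {
  // Normalise Windows/Mac line endings so nl2br() emits one <br /> per break.
  $text = str_replace(array("\r\n", "\r"), "\n", $raw);
  // Encode first: every character the visitor typed becomes inert text.
  $text = htmlspecialchars($text, ENT_QUOTES, $charset);
  // Break last: the only markup in the result is the <br /> added here.
  return nl2br($text);
}

// Constructed sample row, shaped like the $testimonials array in customer_testimonials.php.
$testimonials = array(
  'testimonials_html_text' => "Great shop!\r\nFast delivery <b>& friendly</b> \"service\"",
);

// Encoded text with a working line break.
echo render_testimonial_text($testimonials['testimonials_html_text']), "\n";

// The reverse order encodes the <br /> tags themselves, so they show up as literal text.
echo htmlspecialchars(nl2br("line one\nline two"), ENT_QUOTES, 'UTF-8'), "\n";
```

In the listing code, the helper would take the place of the bare nl2br() call in the 'testimonial' array entry, with the shop's CHARSET constant passed as the second argument.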

Got the latest version of customer testimonials installed. Can anyone confirm that all the injection problems have been sorted? I have a feeling that I have had a couple of attempts. The last URL section of "who's online" has names, address and email information. I have not seen it myself - so I am not sure if these are names harvested from the DB or an injection. I cannot see any additions made to the DB.

 

Cheers

 

Jimmy

Link to comment
Share on other sites
