Warning: include(<!--coloro:red--><span style="color:red"><!--/coloro-->www.allencarswell.com[/color]/cutenews/show_news.php ) [function.include]: failed to open stream: No such file or directory in [...]/index.php on line 4

Please don't use things like
include('www.example.org/folder/file.php');

but local paths. In your case:
include('./cutenews/show_news.php');

I'm afraid the CuteNews license forbids you to tamper with the powered-by line. You can remove it by buying a license.

Yes, that's very possible! Go to Options and then click on "Edit Templates". You can remove parts you don't like or change their text. Be sure to read the text above the fields, it will explain what the tags mean.

Are you sure? I'm fairly sure that code would not work. Line 208:

$comments        = preg_replace(array("'"'", "'''", "''"), array(""", "'", ""), $comments);

Line 214 below will cause errors as well

echo"<div style=<!--coloro:red--><span style="color:red"><!--/coloro-->"[/color]text-align: center;<!--coloro:red--><span style="color:red"><!--/coloro-->"[/color]>[...]

Frankly, I'm stumped so far. Are you sure you had to edit show_news.php and not shows.inc.php? Watch out, those are two different files; what you've posted is show_news.php.

The file shows.inc.php (in the /inc/ folder) handles the commenting system — could you post that file as well? If you've changed how the captcha works you've surely done some changes to that file.

What about adding

unset($id);


just above the line that says

include(...)

?

Not sure if that's what FUNimations proposed but he then edited the quote?

In the code which Filou83 posted:

while($str[$i] != ';'){

Try replacing it with

while($str[$i] != ';' && $i < strlen($str)){


That's the only thing I can think of that would cause trouble. Though line 213 is the ending } in the code he quoted, so I don't know.
I can supply you the modified file if you encounter difficulties changing it yourself. https://cutephp.com/forum/style_emoticons/default/smile.gif

If it's not all too personal, could you share the contents of news.txt ? This may give us better insight into the problem.

UTF-8 CuteNews shouldn't have any trouble with any Unicode characters. What you're describing sounds like you've edited the comment template and changed the input fields to other names, which will make CuteNews think no comment has been submitted.
A link to your website would be useful.

First off, your English is great!

Adding PHP to the templates isn't possible and shouldn't be done as it poses a big security risk you don't want to take. Just adding the function rating_form() to the .tpl file isn't ideal. The rating form will display as soon as CuteNews loads the .tpl file, so that will be above the actual news article. Moreover, the rating form won't be displayed for further articles in active news, and I'm sure you'd want to have all news article having the rating form.

What I propose is that you add the code to /inc/shows.inc.php, provided that CuteNews always knows where to find rating_form(), since that's not a standard function. I'm not familiar with the hack, so I don't know which file you had to edit for the additional code.

Basically, you want the rating form to display after every news article? This can be done in /inc/shows.inc.php:

Find twice:

$output = str_replace("{full-story}", $news_arr[4], $output);


Replace both times with

$output = str_replace("{full-story}", $news_arr[4].rating_form($news_arr[0]), $output);

The line is in /inc/shows.inc.php at lines 366 and 695 in an unmodified CuteNews 1.4.6. They're the only two lines that have {full-story} in them - easy to find!

$news_arr[0] is the news ID. I don't think that replacing {news-id} with $news_arr[0] in the .tpl file will work.
Please also note that adding PHP manually to the .tpl files may cause errors in the Templates module of the administration area, and it will be lost if someone resaves the template.

85

(61 replies, posted in News)

Thanks for addressing the issues that were posted. This seems a lot better.

I'd be curious to hear a few words about you, the new owners, too. It'd be only fair for us to introduce ourselves in return as well, so if you want I will do so.

ZTG, a link to your website would be very useful. It could be that something is wrong and that PHP is suppressing the errors for one, or that the captcha image is not being displayed because it's doing some weird stuff.

dymofff, no, the absolute path meaning something like the correct path to the file. If, when you write require_once('./captcha/php-captcha.inc.php');, it has an error message that says "failed to open stream: No such file or directory" it means exactly that - you're telling PHP to look for a file that doesn't exist.

[...]

EDIT: Actually, based on your error message you had posted at the beginning, we can tell you that the following code will work in any file:

<?php
require_once('/home/bunin31/public_html/news/captcha/php-captcha.inc.php');
?>

However - this is important! - don't add this code to show_news.php if you're displaying CuteNews in another file with something like

<?php
include('./news/show_news.php');
?>


The code above needs to be added at the very beginning of that file. Otherwise you will get the error you had in post #5 again. This appears to be a file called blog.php on your website. The code needs to go in there.

Oh, right, thanks Damoor - I guess the topic starter is using CuteNews, as said in post #4. This doesn't work with any of the CuteNews series, because I've already added the necessary code for the image captcha in the files of UTF-8 CuteNews.

The error in post #4 means the file can't be found. Try something like ./cutenews/captcha/... or wherever the file is located.

The error in post #5 sounds like you've managed to get the php-captcha.inc.php file to work, but you didn't add the code at the very top. That's absolutely crucial. If you're using CuteNews 1.4.6 it will not produce any errors, but you'll find that you can add anything you want in the captcha and it'll work.

The error Class 'PhpCaptcha' not found is because you didn't add the require_once code you posted. That code belongs at the very top (this is important) of the page in which you have CuteNews. If you're using show_news.php directly, add it there. Otherwise to your news.php or what the name of your file may be. https://cutephp.com/forum/style_emoticons/default/smile.gif Just the file where you wrote something like <?php
include('./cutenews/show_news.php');
?>

89

(61 replies, posted in News)

It's truly awesome to see that CuteNews is being maintained again officially. Nonetheless, I'm afraid to say I don't trust what's going on; this new update makes me feel screwed over.

This has started ever since CuteNews was sold. Even support members have no idea who the new owners are, and as far as I know no one has ever heard anything from them. My attempts to contact the new owners a handful of times because of UTF-8 CuteNews have always been unanswered, though to be fair I may always have been writing to the wrong place.

Spam has decreased, that's good. The Twitter thing is finally gone, that's even better. Sorry, that thing was bliss.

Meanwhile, pretty much everything about this update is bugging me.

a)

In this version, we have fixed a number of bugs and tried to take your suggestions into account.

Could you supply a concrete example of such a suggestion?

b) A quick search for 'ereg' in /inc/addnews.mdu reveals there are still ereg functions in them, e.g. at line 387.

c)

* admin interface webpages design has been modified;

... Where? All I can find are a few tables whose width have been changed.

d)

* access rights for news editing actions have been added.

Again: Where? The only changes in editnews.mdu and options.mdu are ereg functions to an equivalent function that is compatible with PHP version >= 5.3.

e) Some changes are obviously taken from UTF-8 CuteNews, e.g. /inc/editnews.mdu line 251 in CN 1.4.7, or line 233 in UTF-8 CuteNews 9:

if(strpos($single_line, '<'.'?') === false){

Writing "<?" as '<'.'?' is an awfully suspicious coincidence; I initially added all instance of <? and ?> as such because I thought it could be buggy to just do '<?' a few years ago. It's weird that it's identical in CuteNews when there's no rational explanation to do this, while at other places where it's '<?' in UTF-8 CN, it's '<?' in CuteNews 1.4.7 as well.

I don't mind my changes being taken, I really don't, but since the new owners are obviously aware of UTF-8 CuteNews and obviously have given the code a good luck, one would think he or they (I don't even know what pronoun to use!) would have time to get back to me as well.

With that said, I'm really sorry for the attack. This is just becoming frustrating, and I have a lot of doubts since there seems to be a lot of lying already in the first update(!). I'm having trust issues.

If the solution doesn't work, use

if(!strpos($HTTP_REFERER, $self) !== false && $HTTP_REFERER != ''){

[I'm not saying Damoor's code is wrong; I have no idea.]

Changing $config_check_referer to FALSE won't be necessary once the code works. The code with eregi() checks for the referrer, and since the current fix doesn't work, it does odd stuff and thinks the referrer isn't correct.

Standard BBCode works, it's just not explained anywhere. Standard tags such as [b] [i] [u] work, [color=...], [size=...] and [font...] do as well, as well as [align=...] [link]

[list] . Best is to try around https://cutephp.com/forum/style_emoticons/default/smile.gif

Try, instead:

if(!(@copy($image, $config_path_image_upload.'/'.$image_name))){
 $img_result = "<font color=red>Not able to upload image.</font>
Make sure that file upload is enabled or contact your server administrator.";
}

Name: Disclosure of user database in search.php
Reported by: Stephan (via e-mail)
Author of fix: (lKj)
CuteNews Compatibility: 1.3.6 - * (no incompatibility reported yet) and UTF-8 CuteNews 1 - 8b (downloaded prior to Mar 13th 2010)
Description: If search.php is included on a page where show_news.php or show_archives.php has already been included, the whole contents of the user database will be shown in the Author field.
This issue has been fixed in UTF-8 CuteNews 8b as of March 13th 2010. Users who already have UTF-8 CuteNews 8b installed only have to overwrite show_news.php, show_archives.php and search.php from the new .zip at the UTF-8 <acronym title='CuteNews'>CN</acronym> project page.

Instructions:
In show_news.php, find:

unset($static, $template, $requested_cats, $category, $catid, $cat,$reverse, $in_use, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives);

Replace with:

unset($static, $template, $requested_cats, $category, $catid, $cat,$reverse, $in_use, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives, $user);

In show_archive.php, find:

unset($template, $requested_cats, $reverse, $in_use, $archive, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives);

Replace with:

unset($template, $requested_cats, $reverse, $in_use, $archive, $archives_arr, $number, $no_prev, $no_next, $i, $showed, $prev, $used_archives, $user);

If you are using CuteNews 1.4.6, find in search.php:

// Define Users
$all_users = file("$cutepath/data/users.db.php");


If you are using UTF-8 CuteNews, find:

$story = utf8_htmlentities($story);
$title = utf8_htmlentities($title);

Add below:

if(!isset($user) && isset($_GET['user'])){
 $user = htmlentities($_GET['user']);
}

Upload those three files, check that the fix is successful and you're set https://cutephp.com/forum/style_emoticons/default/smile.gif.

Posts found: 76 to 93 of 93

Pages Previous 1 2 3 4

CutePHP Forums → Posts by (lKj)



The pun_antispam official extension is installed. Copyright © 2003–2009 PunBB.