Recent Posts

Pages: [1] 2 3 ... 10
1
Site comments and suggestions / Re: How to add custom block after first and last post
« Last post by vbgamer45 on November 29, 2020, 11:53:19 pm »
In display.template.php

Add before
Code: [Select]
echo '

<script type="text/javascript">
displayImageFix();
</script>';
2
Site comments and suggestions / How to add custom block after first and last post
« Last post by Bencuri on November 29, 2020, 09:08:15 pm »
I want to add custom block to first and last posts in the mobile theme, but I cannot find the corresponding like to insert the code. It should be somewhere in displaytemplate.php I guess. In case of the Core theme it is there, and the block has to be inserted to the default code of: <a id="lastPost"></a>';

But in the Smf4Mobile theme I don't find "lastpost" definition anywhere. What did you replace the definition with?
3
Feedback / Re: AMP version
« Last post by spiros on November 27, 2020, 08:48:57 am »
I am not either. But it has 2 distinct advantages:

1) it forces developers to create fast sites
2) it is highly promoted in search results

And since Google sets the rules of the game, my guess is that it is here to stay.
4
Feedback / Re: AMP version
« Last post by vbgamer45 on November 27, 2020, 08:19:38 am »
Possibly, I am not a big supported of AMP because I think it is a google lockin
5
Feedback / AMP version
« Last post by spiros on November 27, 2020, 05:47:24 am »
Maybe creating an amp version of this theme would be worthwhile.
6
Pre-sale queries / Re: OpenRedirect?
« Last post by vbgamer45 on May 12, 2020, 02:42:38 pm »
$baseurl is not in the normal mod by default. I would like to see how that is defined.
Yes, a spider can still see the url. .But, I could add code in the template to hide the link from major spiders.
7
Pre-sale queries / Re: OpenRedirect?
« Last post by elomaran on May 11, 2020, 07:20:38 pm »
That's the version I installed, yes (just double checked the install file). The redirect could still be taken (by a spider, most likely) and altered to redirect to another website (Russian spam, in my case).

When I commented this part out:
Code: [Select]
        if (isset($_REQUEST['thememode']))
        {
                $_SESSION['id_theme'] = 0;

                if ($_REQUEST['thememode'] == 'full')
                        setcookie('smf4m_mode', 'full', time() + (86400
                * 60)); else
                        setcookie('smf4m_mode', 'mobile', time() +
                (86400 * 60));

                if (isset($_REQUEST['redirect']))
                        redirectexit(urldecode($_REQUEST['redirect']));
        }
the redirect stopped working, but then the page had to be manually refreshed after switching the theme.  So we changed the last line to
Code: [Select]
redirectexit($baseurl);

to have a working mod that didn't allow the forum to redirect to Russian spam websites. I only know very little php, so I had to rely on my friend, who called this fix "ugly, but it should work"
8
Pre-sale queries / Re: OpenRedirect?
« Last post by vbgamer45 on May 11, 2020, 07:04:35 pm »
That shouldn't have been the case I checked the mod and code uses the following now
Code: [Select]
if (isset($_REQUEST['redirect']))
{
global $boardurl;
if (substr_count(urldecode($_REQUEST['redirect']),$boardurl) == 0)
fatal_error("Unable to redirect",false);
else
redirectexit(urldecode($_REQUEST['redirect']));
}
9
Pre-sale queries / Re: OpenRedirect?
« Last post by elomaran on May 11, 2020, 06:49:02 pm »
Yes, the fix for redirect was fixed after I took over the development of the mod back in 2017 I believe.
After installing the 2.5 version of the theme and 2.04 of the mod, I found out that the redirect link could still be exploited by spammers. The OpenRedirect turned out to be still open. My IT friend looked through the code and found the culprit in one of the changes the mod makes to the load.php.


Changing
Code: [Select]
                 if (isset($_REQUEST['redirect']))
                         redirectexit(urldecode($_REQUEST['redirect']));

to
Code: [Select]
                if (isset($_REQUEST['redirect']))
                        redirectexit($baseurl);

fixed the vulnerability, and the link used by the spammers (and the testlink my friend set up to redirect to his webspace) finally doesn't work any longer.
10
Pre-sale queries / Re: Is functions available
« Last post by vbgamer45 on May 06, 2020, 01:19:46 pm »
You can check out most of the features by clicking the mobile mode button on the bottom of the website

You can enable recent posts and change the color of one variable the main color via the theme settings page.

Attached the ad theme settings for this theme here
Pages: [1] 2 3 ... 10