Mysidia Adoptables Support Forum - Mysidia Adoptables v1.3.2[Security Release]

Mysidia Adoptables Support Forum (http://www.mysidiaadoptables.com/forum/index.php)

- Mysidia Adoptables Official Announcement (http://www.mysidiaadoptables.com/forum/forumdisplay.php?f=2)

- - Mysidia Adoptables v1.3.2[Security Release] (http://www.mysidiaadoptables.com/forum/showthread.php?t=3878)

Well your webhost is running PHP 5.2, right? Are you running a VPS server? If so, ask your server provider to upgrade PHP, thats the best way to resolve the problem.

But anyway, you probably do not need the UserCreator/MemberCreator/VisitorCreator classes if you only need the adoptshop feature.

But what is the problem?

You mean the 'cannot inherit' error? Well thats what happens with PHP 5.2, its incompatible with Mys v1.3.2. There's a simple fix though, you just have to edit the UserCreator and remove the 'implements Creator' part. But keep in mind that in a long run you have to use PHP 5.3 anyway, Mys v1.4.0 will not support PHP 5.2 at all.

Well for now, which part exactly do I remove?

Actually I posted a solution before:
http://www.mysidiaadoptables.com/for...38&postcount=5

This will get rid of the Creator method inherit error, but wont fix all incompatibility issue with PHP 5.2. I recommend you not to use all script files from Mys v1.3.2, just choose whatever you need to add the features. Like I told you, you shouldnt even need to touch these Creator type classes if you just want to add the adoptshop. You are overkilling by importing way too many classes from Mys v1.3.2 that does not really help you anything.

Well I had to keep adding in files. I'm only trying to add in what is needed but I'm not sure what IS needed.

Now I have this :/
Parse error: syntax error, unexpected T_PROTECTED in /home/taleofdr/public_html/classes/abstract/abstract_usercreator.php on line 33

Well post the UserCreator.php file and I will find out the problem for ya. Looks like you did not edit the file correctly, something is missing.

I fixed it.... getting this. *sigh*

Fatal error: Declaration of Member::login() must be compatible with that of User::login() in /home/taleofdr/public_html/classes/class_member.php on line 3

Well remove this line in classes/abstract/abstract_user.php:

PHP Code:


		
			
  abstract public function login($username);

Done and now:
Parse error: syntax error, unexpected T_PAAMAYIM_NEKUDOTAYIM in /home/taleofdr/public_html/classes/class_input.php on line 120

What on earth? lol

You have a malfunctioning double colon operator in that script file, remove it and see what happens.

???

Code:

<?php



abstract class User{

  // The abstract class User

  public $uid = 0;

  public $username;

  public $ip;

  public $usergroup;

  public $lastactivity;

  

  public function getid(){

     return $this->uid;

  }



  public function getusername(){

     return $this->username;

  }

  

  public function getcurrentip(){

     return $this->ip;

  }

  

  public function getgroupid(){

     if(is_numeric($this->usergroup)) return $this->usergroup;

     else return $this->usergroup->gid;

  }

  

  public function getgroup(){

     return $this->usergroup;

  }

  

  public function lastactivity(){

     return $this->lastactivity;

  }

  

  

  public function isbanned(){

     // will be added later

  }

  

}

?>

I mean, this file: classes/class_input.php

Oh. Ok what am I looking for exactly?

Well I said you need to look into classes/class_input and search for line 120 that seems to be malfunctioning. It seems to have two colons that cause the trouble, you need to remove them.

I removed one and got Parse error: syntax error, unexpected ':' in /home/taleofdr/public_html/classes/class_input.php on line 120

Then how about removing them both? What does that file look like on your server anyway?

I did. Still got an error.
Parse error: syntax error, unexpected T_VARIABLE in /home/taleofdr/public_html/classes/class_input.php on line 120

I'm starting to think I won't be able to add in the adopt shop :/

Code:

<?php



/**

 * The Input Class, it is one of Mysidia system core classes.

 * It acts as a secure wrapper for user input in $_GET and $_POST.

 * Input is a final class, no child class shall derive from it.

 * An instance of Input class is generated upon Mysidia system object's creation. 

 * This specific instance is available from Registry, just like any other Mysidia core objects. 

 * @category Resource

 * @package Core

 * @author Hall of Famer 

 * @copyright Mysidia Adoptables Script

 * @link http://www.mysidiaadoptables.com

 * @since 1.3.2

 * @todo incorporate input class in Mysidia adoptables system.

 */



final class Input{



    /**

         * The request property, which holds request method information: get, post or else.

         * @access public

         * @var String

    */

    public $request;

        

        /**

         * The post property, it stores all user input vars in $_POST.

         * @access private

         * @var ArrayObject

    */

    private $post; 

        

        /**

         * The get property, it stores all user input vars in $_GET.

         * @access private

         * @var ArrayObject

    */

    private $get;

        

        /**

         * The action property, which specifies users action.

         * @access private

         * @var String

    */

    private $action;



        

        /**

     * Constructor of Input Class, it generates basic properties for an input object.

     * @access public

     * @return Void

     */         

    public function __construct(){         

        $this->checkrequest();

            $this->initialize();

    }

  

    /**

     * The initialize method, which handles parsing of user input vars.

     * @access public

     * @return Void

     */

    public function initialize(){

            if(isset($_POST)){

                $post = array_map('secure',$_POST);

                    $this->post = new ArrayObject($post, ArrayObject::ARRAY_AS_PROPS);

                    if(isset($this->post->action)) $this->action = $this->post->action;

            unset($_POST);     

            }

            if(isset($_GET)){ 

                $get = array_map('secure',$_GET);

                $this->get = new ArrayObject($get, ArrayObject::ARRAY_AS_PROPS);

                    if(isset($this->get->action)) $this->action = $this->get->action;

            unset($_GET);

            }

        if(defined("SUBDIR")){

            $parser = new UrlParser($_SERVER['REQUEST_URI']);

                        $elements = $parser->parse();

                        $get = array_map('secure', $elements);

                        $this->get = new ArrayObject($get, ArrayObject::ARRAY_AS_PROPS);

            if(isset($this->get->action)) $this->action = $this->get->action;

        }                

    }

  

    /**

     * The post method, returns a user input var stored in Input::$post property.

         * @param String  $key

     * @access public

     * @return Object

     */

    public function post($key = ""){

        if(empty($key) and !empty($this->post)) return $this->post;

            elseif(isset($this->post->{$key})) return $this->post->{$key};

            else return FALSE;

    }

  

    /**

     * The get method, returns a user input var stored in Input::$get property.

         * @param String  $key

     * @access public

     * @return Object

     */

    public function get($key = ""){

        if(empty($key) and !empty($this->get)) return $this->get;

            elseif(isset($this->get->{$key})) return $this->get->{$key};

            else return FALSE;    

    }



    /**

     * The manipulate method, set values in a get variable from post variable.

     * This can be manipulated by controller objects.

     * It serves as a temporary solution to url rewrite problem with get forms.

         * @param String  $controller

     * @access public

     * @return Void

     */

    public function manipulate($controller){

        if(!($controller instanceof AppController)) throw new Exception("Controller not found.");

        elseif(is_array($controller::$param)){

            foreach($controller::$param as $key){

                if($this->post->{$key}) $this->get->{$key} = $this->post->{$key};

            }

        }

        else{

            $key = $controller::$param;

            if($this->post->{$key}) $this->get->{$key} = $this->post->{$key};

        }   

    }

  

    /**

     * The action method, verifies whether a specified action is taken by this user.

         * @param String  $act

     * @access private

     * @return Boolean

     */

    public function action(){

        if(empty($this->action)) return FALSE;

            else return $this->action;

    }

  

    /**

     * The checkrequest method, checks to see the request method of a particular user

     * @access private

     * @return Boolean

     */

    private function checkrequest(){

        // This method checks if there is user input, and returns the request_method if evaluated to be true

        if($_SERVER['REQUEST_METHOD'] == "POST"){

                  $this->request = "post";

                    return TRUE;

            }        

            elseif($_SERVER['REQUEST_METHOD'] == "GET"){

                $this->request = "get";

                    return TRUE;

            }        

            else $this->request = FALSE;

    }

  

    /**

     * The secure method, parse user input in a safe manner.

         * @param Array  $data

     * @access private

     * @return ArrayObject

     */

    private function secure($data){

        if(is_array($data) and SUBDIR != "AdminCP") die("Hacking Attempt!");

            $data = htmlentities($data);

        $data = addslashes($data);        

            $data = strip_tags($data, '');

            return $data;

    }  

}

?>

I see, you dont have a controller object, and thus the double colons are invalid. You shouldnt be using the input class at all, get rid of it and see what happens.

Ok where is it and what exact part? Sorry, I don't want to mess anything up and I'm not familiar with it at all.

Well I just dont understand what you are trying to do actually. Do you just wish to incorporate the adoptables shop into your site? If so, you just need the following script files: class_adoptshop.php, class_itemshop.php, shop.php and maybe some files from ACP. You do not even need to play with the class_input.php at all, unless you want a full upgrade.

oh hmmmm, well I have all those files and I'm still getting errors.

I removed require init.php and get this:

EDIT: Wrong warning...
Fatal error: Call to a member function getstatus() on a non-object in /home/taleofdr/public_html/shoptest.php on line 7

umm what does your shoptest.php file look like?

I edited my post with the correct warning, in case you didn't see that.

Code:

<?php





//***************//

//  START SCRIPT //

//***************//

$mysidia->user->getstatus();

if(!$mysidia->user->isloggedin){

   // The user is not logged in, show generic login error message

   $mysidia->displayerror("guest");

}

else

if($mysidia->user->status->canshop == "no"){

   // The user's permission to browse shops is banned, show error message

   $mysidia->page->settitle($lang->global_guest_title);

   $mysidia->page->addcontent($lang->denied);

}  

elseif(!$mysidia->input->get("shopname")){

   // The user has yet to enter a shop, so we may as well list the shop

   $mysidia->page->settitle($lang->access);

   $mysidia->page->addcontent($lang->type);

   $shoplist = new Shoplist($mysidia->input->post("shoptype"));

   $shoplist->display();

}

elseif(!$mysidia->input->get("itemname") and !$mysidia->input->get("adopttype")){

   // The user has entered a shop but not yet specified the item or adoptables to purchase

   $shoptype = $mysidia->db->select("shops", array("shoptype"), "shopname = '{$mysidia->input->get(shopname)}'")->fetchColumn();

   $shoplist = new Shoplist($shoptype);

   $shop = $shoplist->createshop($mysidia->input->get("shopname"));

   $mysidia->page->settitle($lang->welcome);

   $shop->display();

}

elseif($mysidia->input->get("itemname") and !$mysidia->input->get("adopttype")){

   // The user has specified an item to purchase, let's process this request

   $shop = new Itemshop($mysidia->input->get("shopname"));

   $item = $shop->getitem($mysidia->input->get("itemname"));

   $item->assign($mysidia->user->username);

   $oldquantity = $item->getoldquantity();

   $newquantity = $oldquantity + $mysidia->input->post("quantity");

   

   if(!is_numeric($mysidia->input->post("quantity"))){

      $mysidia->page->settitle($lang->global_action_title);

          $mysidia->page->addcontent($lang->invalid_quantity);

   }

   elseif($newquantity > $item->cap){

      $mysidia->page->settitle($lang->global_error);

          $mysidia->page->addcontent($lang->full_quantity);   

   }

   elseif($shop->purchase($item)){

      // The item is purchased successfully, now let's process the request

          $mysidia->page->addcontent("{$lang->purchase_item}{$item->getcost($shop->salestax)} {$mysidia->settings->cost}");

   }

   else{

      $mysidia->page->settitle($lang->global_error);

          $mysidia->page->addcontent($lang->money);  

   }   

}

elseif(!$mysidia->input->get("itemname") and $mysidia->input->get("adopttype")){

   // The user has specified an adoptable to purchase, let's process this request

   $shop = new Adoptshop($mysidia->input->get("shopname"));

   $adopt = $shop->getadopt($mysidia->input->get("adopttype"));

   $adopt->assign($mysidia->user->username);

   

   if($shop->purchase($adopt)){

      // The adoptable is purchased successfully, now let'ss process the request

          $mysidia->page->addcontent("{$lang->purchase_adopt}{$adopt->getcost($shop->salestax)} {$mysidia->settings->cost}");

   }

   else{

      $mysidia->page->settitle($lang->global_error);

          $mysidia->page->addcontent($lang->money);

   }

}

else{

   // Invalid action specified, show generic error message

   $mysidia->displayerror("action");

}



//***************//

//  OUTPUT PAGE  //

//***************//



$mysidia->output();



?>

Well now I am confused, are you using Mys v1.3.2's code now? If your site is still a Mys v1.3.1 site, you need to replace variables beginning with $mysidia by their equivalent Mys v1.3.1 variables. Some examples are given below:

PHP Code:


		
			
$mysidia->user->username => $GLOBALS['loggedinname'];
$mysidia->input->get($param) => $_POST[$param];
$mysidia->input->post($param) => $_POST[$param];
$mysidia->page->settitle("") => $article_title = "";
$mysidia->page->addcontent("") => $article_content .= "";
$mysidia->user->isloggedin() => $GLOBALS['isloggedin'];
$mysidia->output() => echo showpage($article_title, $article_content, $template);

There is no counterpart of $mysidia->user->getstatus() in Mys v1.3.1 though, so you have to get rid of all code associated with them.

I'm not sure I would know what to change everything to :( Sadly I guess I can't use this right now.

Well... Would you mind starting a new thread in the questions & Support subforum? Id like to see what I can do to help you there, this thread will be reserved for newbies and old members who can upgrade their sites.

Er... I've upgraded to the newest version, but I can't seem to access the admin control panel? I logged in, got an error at the top of the page, something about the header being sent twice? I ignored it because it wasn't affecting anything else, but when I went elsewhere in the ACP, it started giving me "you can not access the acp" messages.

umm are you running the site on a PHP 5.3 server? Its strange though, some people do get header being sent twice error, it is one of the problems even I get frequently. In most cases it is because the ACP theme aint loaded successfully.

I'm running Php 5.3.19 and MySQL 5.5.27. And the theme seems to be working just fine.

umm thats weird... Does your site url has http:// or www.?

firefox is weird and hides them, but normally its rattiesftw.com minus a www.

also, I'm getting the following error trying to access a certain shop;

Fatal error: Call to a member function select() on a non-object in /home/rattie/domains/rattiesftw.com/public_html/classes/class_item.php on line 20

Well without http:// or www it can get you into some problem, if the ACP aint working you better take a look at what the url is saying whenever you access ACP. If the url appears to be weird looking(such s having two http's), you know you get a problem.

umm did you just upgrade rather than installing a new copy? If so, are you sure the upgrade is performed successfully? Did you replace all old script files? If not, search for the class files and see if you have deprecated variable $adopts. Replace all instances of $adopts by $mysidia->db. This should do the tricky.

I do normally use without www. I've been trying to use www. more and that seems to have fixed the acp problem. I'm not sure how to redirect my domain so it shows up as www. everytime though. ;-;

I looked through the files and I do seem to have the mysidia->db variable.

Quote:

Originally Posted by Hall of Famer (Post 25302)

Your host appears to have not installed mysql driver for PDO, its weird. Please contact them to see if they can get mysql driver for you, if not I will figure out a solution for you to get by using a different driver.

*sigh* Perhaps its time for this script to go multi-database drivers, instead of having mysql-only.

Okay, thanks for the help! :happycbig:
I contacted my host to see if they could install a PDO Driver for MySQL; now to wait and see. :usedusedused:

Well check if your host has PHP 5.3 on its server, if not you better just move host rather than wait for them to make changes. Its a different story though if you use a paid-host, they usually are much more reliable and can perform server upgrade for ya.

Just installed ---

Hey!

Just installed this on a server running php 5.4.6 - got it all installed just fine, went through the whole installation, then when I got to the 'you need to log in before you can access the CP part' ---- this is what I got---------and the actual Admin section DID come up just fine, I just couldn't do anything there because of not being logged in ( it did make my account too) :

Fatal error: Uncaught exception 'Exception' with message 'Fatal Error: Class PDO either does not exist!' in /home/zpxarxwa/public_html/classes/class_loader.php:26 Stack trace: #0 [internal function]: Loader->load('PDO') #1 /home/zpxarxwa/public_html/classes/class_database.php(3): spl_autoload_call('PDO') #2 /home/zpxarxwa/public_html/classes/class_loader.php(20): include('/home/zpxarxwa/...') #3 [internal function]: Loader->load('Database') #4 [internal function]: spl_autoload_call('Database') #5 /home/zpxarxwa/public_html/classes/class_mysidia.php(65): class_exists('Database') #6 /home/zpxarxwa/public_html/classes/class_mysidia.php(30): Mysidia->loaddb() #7 /home/zpxarxwa/public_html/inc/init.php(26): Mysidia->__construct() #8 /home/zpxarxwa/public_html/vmessage.php(3): require('/home/zpxarxwa/...') #9 {main} thrown in /home/zpxarxwa/public_html/classes/class_loader.php on line 26

I can't imagine what's wrong since it did have the AdminCP part come up fine.

The site itself won't come up at all except for the AdminCP, as far as I can tell. I do have some files on the site from an older Mysidia I was toying with using-----should I re-install all the files for just the latest installation, or is that not causing this? Thanks! :)

PS the sites at: http://www.equus-sim.com

umm it seems to me that your server does not have PDO? Do you run your own server? If so, compile PDO with the instruction given on PHP manual site. If you are with a host, contact them and ask to have PDO installed/enabled.

Quote:

Originally Posted by Hall of Famer (Post 25431)

Yup, they're a paid host and are using 5.3. ^^ It must be the PDO driver is messed up somehow. :o

I've contacted them a few times through support tickets, and each time they've responded with nothing helpful. :P I asked them if they could check if the PDO driver was configured correctly, because I was getting errors when the script tried to write the config file and access the site, and I got back this:

Quote:

Hello,
Thank you for your inquiry. Unfortunately it is not possible to write a file into a directory which does not have writable permissions. I have created the config.php file in this directory and set it as writable, you should now be able to proceed with the installation as long as that is the only file which requires to be written.

If this is unsuccessful and other files need to be written in the directory, you may want to momentarily set writable permissions on that directory for installation purposes. Ensure you remove them upon completion of installation. These permissions can be set using the Brinkster File Manager located within the control panel. If you have further questions please let us know, we will be glad to provide further assistance. Have a great day.

So i'm assuming that the PDO errors might be happening because the script is trying to use PDO when it is not accessible? :o
I guess i'll just look for another host to use for my website if they can't allow the PDO driver to be used. :P