/*************************************
Title:
Version:
Author:
Demo:
Download:
Website:
Short description:
*************************************/
Hi Klemen, Thank you so much for the LinkMan. I have a suggestion you may like to consider.
I keep getting inappropriate links on my site which is strictly a family oriented site. Would you consider adding a feature that would prevent new links from being published before I can approve them. Perhaps I can be notified by email when a new link is waiting to be published?
Thank you for your consideration.
Don
Prevent inappropriate links on my site.
Hello,
I can't promise anything but have added admin approval of links to the "to do" list.
I can't promise anything but have added admin approval of links to the "to do" list.
Klemen, creator of HESK and PHPJunkyardWas this helpful? You can buy me a drink here 
You should follow me on Twitter here
Help desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
You should follow me on Twitter hereHelp desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
This feature has now been added, see:
viewtopic.php?t=2460
viewtopic.php?t=2460
Klemen, creator of HESK and PHPJunkyardWas this helpful? You can buy me a drink here
You should follow me on Twitter here
Help desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
You should follow me on Twitter hereHelp desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
Approval Mode Code Change Idea
Hey Klem awsome version of link man.
Im sure you remember me I usually tweek your code out a bit :-)
I was testing 1.6 out and I noted that I could submit the link in approval mode again and again which inturn sends multiple emails to the admin not to mention gens a bunch of dif md5 hashes in our tmp dir that can build up if you get multi posts from somone on purpose or by accident. So I came up with this code idea, let me know what you think?
I did change the way your code works a bit as yours gens the hash at random mine gens it from there input. I feel this should work quite well and will not gen a zillion hashes on multi post one thing to note is im using my own custom error func to halt the form but I think you will see how my mod idea works. I would also like to know what if any problem you see in doing it this way verses your orig way.
You will see that they get a message link allready submitted for approval.
So in a nut shell I feel this should work quite well. thoghts?
//DC Mod use our submitted site for md5 hash ...
$url1 = strtolower(str_replace("http://","",$url));
$url1 = substr(strrchr($url1, "/"), +1);
$url1 = str_replace($url1,"",$url);
preg_match("/^(?:http:\/\/)(?:www.)?([^\/]+)/i",$url1,$matches);
$url1 = $matches[1];
$tmp = md5($url1);
//This allows us to check if its been submitted allready ...
if (file_exists('apptmp/'.$tmp.'.txt')){
$errors[] = "Link allready submitted for approval!";
}else{
$fp = fopen('apptmp/'.$tmp.'.txt','w') or problem('Couldn\'t open temporary file for writing! Please CHMOD the apptmp folder to 777 (rwxrwxrwx)!');
flock($fp, LOCK_EX);
fputs($fp,$replacement);
flock($fp, LOCK_UN);
fclose($fp);
}
DC
Im sure you remember me I usually tweek your code out a bit :-)
I was testing 1.6 out and I noted that I could submit the link in approval mode again and again which inturn sends multiple emails to the admin not to mention gens a bunch of dif md5 hashes in our tmp dir that can build up if you get multi posts from somone on purpose or by accident. So I came up with this code idea, let me know what you think?
I did change the way your code works a bit as yours gens the hash at random mine gens it from there input. I feel this should work quite well and will not gen a zillion hashes on multi post one thing to note is im using my own custom error func to halt the form but I think you will see how my mod idea works. I would also like to know what if any problem you see in doing it this way verses your orig way.
You will see that they get a message link allready submitted for approval.
So in a nut shell I feel this should work quite well. thoghts?
//DC Mod use our submitted site for md5 hash ...
$url1 = strtolower(str_replace("http://","",$url));
$url1 = substr(strrchr($url1, "/"), +1);
$url1 = str_replace($url1,"",$url);
preg_match("/^(?:http:\/\/)(?:www.)?([^\/]+)/i",$url1,$matches);
$url1 = $matches[1];
$tmp = md5($url1);
//This allows us to check if its been submitted allready ...
if (file_exists('apptmp/'.$tmp.'.txt')){
$errors[] = "Link allready submitted for approval!";
}else{
$fp = fopen('apptmp/'.$tmp.'.txt','w') or problem('Couldn\'t open temporary file for writing! Please CHMOD the apptmp folder to 777 (rwxrwxrwx)!');
flock($fp, LOCK_EX);
fputs($fp,$replacement);
flock($fp, LOCK_UN);
fclose($fp);
}
DC
To Code Or Not To Code That Is The Question?
Was my post of any help to you? if so please do [url=http://www.clickcraft.net/slice_donations.php][b]Buy Me A Slice[/b][/url] ...
Was my post of any help to you? if so please do [url=http://www.clickcraft.net/slice_donations.php][b]Buy Me A Slice[/b][/url] ...
That's an interesting idea, I like it! But it needs just a little more tweaking. The problem is that anyone who knows how LinkMan works could abuse this - if you know how to create an md5 hash you know how to construct the approve.php URL and approve the link yourself (you would know how the admin approval link would look like and just open it/approve link yourself).
The solution would be to put approvals under a password. Or an even more elegant solution would be to add a secret string to the URL before passing it to the md5(). If no one but you knows what the extra string is no one can generate a correct md5().
Hope you understand what I mean. All it would take is to change to
where sF#$z36Ht!-tw is a unique string you add to the url. It can always be the same on your website, but it should be unique for each LinkMan user.
The solution would be to put approvals under a password. Or an even more elegant solution would be to add a secret string to the URL before passing it to the md5(). If no one but you knows what the extra string is no one can generate a correct md5().
Hope you understand what I mean. All it would take is to change
Code: Select all
$tmp = md5($url1); Code: Select all
$tmp = md5($url1.'sF#$z36Ht!-tw');Klemen, creator of HESK and PHPJunkyardWas this helpful? You can buy me a drink here
You should follow me on Twitter here
Help desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
You should follow me on Twitter hereHelp desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
Got ya and your correct I wrote this real late or should I say early in the morn, so your point is well taken, in fact with my lic gen I do somthing like that only a step farther so no way it can be guessed ok how about this we use the code thats allready in your script settings as our secret string as this is user changeable correct? and can be anything so wouldn't that serve as our security tweak?
So we can do somthing like this.
Using our $settings['filter_sum'];
That in my opin should do the trick ...
Thus allowing for how my idea allows checking of the submission for a one time submit and security that we are after all in one quick tweak.
//DC Mod use our submitted site for md5 hash ...
$url1 = strtolower(str_replace("http://","",$url));
$url1 = substr(strrchr($url1, "/"), +1);
$url1 = str_replace($url1,"",$url);
preg_match("/^(?:http:\/\/)(?:www.)?([^\/]+)/i",$url1,$matches);
$url1 = $matches[1];
$tmp = md5($url1.$settings['filter_sum']);
//This allows us to check if its been submitted allready ...
if (file_exists('apptmp/'.$tmp.'.txt')){
$errors[] = "Link allready submitted for approval!";
}else{
$fp = fopen('apptmp/'.$tmp.'.txt','w') or problem('Couldn\'t open temporary file for writing! Please CHMOD the apptmp folder to 777 (rwxrwxrwx)!');
flock($fp, LOCK_EX);
fputs($fp,$replacement);
flock($fp, LOCK_UN);
fclose($fp);
}
DC
So we can do somthing like this.
Using our $settings['filter_sum'];
That in my opin should do the trick ...
Thus allowing for how my idea allows checking of the submission for a one time submit and security that we are after all in one quick tweak.
//DC Mod use our submitted site for md5 hash ...
$url1 = strtolower(str_replace("http://","",$url));
$url1 = substr(strrchr($url1, "/"), +1);
$url1 = str_replace($url1,"",$url);
preg_match("/^(?:http:\/\/)(?:www.)?([^\/]+)/i",$url1,$matches);
$url1 = $matches[1];
$tmp = md5($url1.$settings['filter_sum']);
//This allows us to check if its been submitted allready ...
if (file_exists('apptmp/'.$tmp.'.txt')){
$errors[] = "Link allready submitted for approval!";
}else{
$fp = fopen('apptmp/'.$tmp.'.txt','w') or problem('Couldn\'t open temporary file for writing! Please CHMOD the apptmp folder to 777 (rwxrwxrwx)!');
flock($fp, LOCK_EX);
fputs($fp,$replacement);
flock($fp, LOCK_UN);
fclose($fp);
}
DC
To Code Or Not To Code That Is The Question?
Was my post of any help to you? if so please do [url=http://www.clickcraft.net/slice_donations.php][b]Buy Me A Slice[/b][/url] ...
Was my post of any help to you? if so please do [url=http://www.clickcraft.net/slice_donations.php][b]Buy Me A Slice[/b][/url] ...