[bug fixed] vB2.x/3.x HTML characters in reported post notification, only reg



Paul
Sun 23rd Nov '03, 12:20am
Hello,

HTML characters are not converted before the e-mail is generated for a reported post. Find:



$thread[title]=unhtmlspecialchars($thread[title]);


Below it, add:


$post[title]=unhtmlspecialchars($post[title]);


There is also a design issue in the report.php file. It seems that Jelsoft has purposefully required that a user must be logged in to report a post. The comment preceding the code in both vB2 and vB3 suggests that the reasoning behind it is to "check usergroup of user to see if they can use PMs." It makes no sense on a forum where guest posting is enabled to not allow guests to report posts, or at least give the administrator an option to set whether or not a usergroup can report posts.

If you remove the check from the code, it will work just fine, prompting for a username and password using $logincode which are not required, as is the case with guest posting.

I'd call it a bug, but since it's in vB3 as well, I'm calling it non-forward-thinking-development.

(Obviously, today is the first day I decided to peer into report.php and hack a bit...)

Best wishes,
Paul

Paul
Sun 23rd Nov '03, 12:26am
Kinda weird and unnecessary that $message and $subject are reprocessed with each moderator within that while loop as well.....
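
Added example (not part of the thread and not vBulletin's code): a stand-alone PHP illustration of the two points raised in the posts above, decoding stored HTML-escaped titles before they go into a plain-text notification, and building the subject and message once instead of once per moderator. Function names, array layout and sample data are assumptions; htmlspecialchars_decode() stands in for vB's unhtmlspecialchars().

```php
<?php
// Added example; all names below are hypothetical, not taken from report.php.

// Assumption: titles are stored HTML-escaped, as the fix in the thread implies.
function plain_text_field(string $stored): string
{
    // Reverse the escaping for a text/plain context
    // (stand-in for vB's unhtmlspecialchars()).
    $text = htmlspecialchars_decode($stored, ENT_QUOTES);
    // Defensive: a value used in a Subject line is kept on a single line.
    return trim(preg_replace('/[\r\n]+/', ' ', $text));
}

// Builds the notification once; both titles get the same treatment,
// which is what the one-line fix for $post[title] restores.
function build_report_mail(array $thread, array $post, string $reason): array
{
    $threadTitle = plain_text_field($thread['title']);
    $postTitle   = plain_text_field($post['title']);

    $subject = "Reported post in: $threadTitle";
    $message = "Thread: $threadTitle\nPost: $postTitle\nReason: $reason\n";

    return [$subject, $message];
}

// Constructed sample data.
$thread     = ['title' => 'Q&amp;A: &lt;b&gt; tags &quot;broken&quot;'];
$post       = ['title' => 'Re: Q&amp;A'];
$moderators = ['mod1@example.com', 'mod2@example.com'];

// Subject and body do not depend on the recipient, so build them
// before the loop and reuse them for every moderator.
[$subject, $message] = build_report_mail($thread, $post, 'Spam link');

foreach ($moderators as $to) {
    // mail($to, $subject, $message) would go here;
    // printed instead so the example runs offline.
    echo "To: $to\nSubject: $subject\n\n$message\n";
}
```

The decoded values are only suitable for the plain-text mail; the same titles shown on an HTML page still need their escaped form.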