Hello everyone. I have become an affiliate and have been playing with the affiliate website code and database. It has been fun. I have now got the database imported in UTF-8 and I have made various changes and fixes to the code. Non security related changes. I just had to clean some things to allow the code to run on a server with E_STRICT which it now does very nicely.

I had tried to contact through the support contact form in the affiliate section but that was over a week ago and no one has replied yet so I figure I will just let everyone know here what I am doing.

I have added functionality that offers RSS feeds for the site. I have also added checks to replace non existing album covers with a default cover. This only makes a difference when using the covers locally. I have converted the example layout to be 100% XHTML 1.0 Strict and is non tabular now.

I have also added code to allow caching of the xml that is pulled off the mp3fiesta server for (x) amount of hours at a time. This was due to the fact that the p_search table used in the local search is not included in the database dump as well as the p_comments. Local search does not work without this p_search table and so I added the cache so one query per search term per day.

I found various variables defined that were then just never referenced in code so I commented them out so we do not have unneeded memory usage for things that are doing nothing at all.

I have added on file in the config directory to keep access to my changes separate from the original code. I have also found that clicking links to each Top Charts do nothing at all. They just show the very same content on each page. This should when clicking topchart/usa/ bring me to only USA top charts but it just displays them all. That may be my next fix.

Pretty much I have made to many alterations and such that I will not list them all here but any of the changes to the code I will gladly submit back to you guys upon your request. I have also converted much of the install documentation to English and added comments in some of the code in English as well.

To the forum moderator
You may remove this post if you wish, I just do not know how to contact you guys any other way and wanted to inform you of my changes.
Also if you could add an English language pack to this forum that would be great. I have been going back and forth between here and bablefish to translate everything.

I just got a few popup messages from javascript after login and I could not translate. I notice the affiliate site has a new version bump. The version I have made changes to is the previous version but I am looking at the new version to see what has been changed and possibly move to it right away.
I do gather from just clicking ok that it appears someone is interested in the changes I have made but I really can not tell if that is what the message boxes were about and I am not able to translate other pages I need to with bablefish :/ If I could at least type the characters I see in the message into bablefish that would be great but I can not do this either. I apologize for only speaking English and hope that it does not make things to difficult. Here is a screen shot of the message I received if anyone knows what this says in English it would be great :hi: http://shop.blogs.ath.cx/popup.png

$_SERVER['DOCUMENT_ROOT'] sometimes does not report the real document_root when hosted in a virtual host environment.
If possible the line 94 of the file 1strun.php maybe should be changed from

fwrite( $fp, "\$cacheDir = \$_SERVER['DOCUMENT_ROOT'].'/'.\$rootdir.'/cache'; // ïàïêà êåøèðîâàíèÿ êîâåðîâ\n");

to

fwrite( $fp, "\$cacheDir = _root_.'cache'; // ïàïêà êåøèðîâàíèÿ êîâåðîâ\n");

_root_ will always be defined as the directory the site is located in

-------------------------------------
not finished yet but the new version has captcha added. Nice to have the feature but it does not seem to work.
I changed the root directories captcha.php because as $sec_target is never defined in code it errors and no image displays. Removing $sec_target allows the image to be shown by directly accessing the file but I have yet to find out why it does not work in the site itself.

//$_SESSION[$sec_key][$sec_target] = $im->keystring;
$_SESSION[$sec_key][] = $im->keystring;

-------------------------------------
not finished yet but the new version has captcha added. Nice to have the feature but it does not seem to work.
I changed the root directories captcha.php because as $sec_target is never defined in code it errors and no image displays. Removing $sec_target allows the image to be shown by directly accessing the file but I have yet to find out why it does not work in the site itself.

//$_SESSION[$sec_key][$sec_target] = $im->keystring;
$_SESSION[$sec_key][] = $im->keystring;

I am noticing now that it is due to the ccimg never being set for the template that is used for captcha. I just hardcoded the path to the captcha in albums.tpl like so

change from
img src="{ROOTDIR}/{ccimg}/?0.{rnd_mod}&par=comment"

to

img src="{ROOTDIR}/captcha.php?0.{rnd_mod}&par=comment"

this in fact shows an image.

After multiple tries the captcha throws the javascript message box saying the code is invalid even though it is correct.

I then shut of javascript and tried to submit the form which does not allow submit at all. Once I turned javascript back on and refreshed I was then able to make comments regardless of the captcha code being correct or not.

I highly suggest not relying on javascript for security checks since the user can have javascript disabled while browsing but that is another story. I just wanted to comment back with what I found so far.

I will keep posting in this thread with what I encounter. Hopefully it is helpfull to someone.

I am noticing now that it is due to the ccimg never being set for the template that is used for captcha. I just hardcoded the path to the captcha in albums.tpl like so

change from
img src="{ROOTDIR}/{ccimg}/?0.{rnd_mod}&par=comment"

to

img src="{ROOTDIR}/captcha.php?0.{rnd_mod}&par=comment"

this in fact shows an image.

After multiple tries the captcha throws the javascript message box saying the code is invalid even though it is correct.

I then shut of javascript and tried to submit the form which does not allow submit at all. Once I turned javascript back on and refreshed I was then able to make comments regardless of the captcha code being correct or not.

I highly suggest not relying on javascript for security checks since the user can have javascript disabled while browsing but that is another story. I just wanted to comment back with what I found so far.

I will keep posting in this thread with what I encounter. Hopefully it is helpfull to someone.

I have found the culprit to the image not showing. Since I upgraded rather than a fresh install I never got the one line in rewrite.php

$pages['captcha'] = 'img-captcha';

once adding this the image shows fine but the same issue applies where I enter a valid code and it says it is invalid. I then just hit submit again with no value in the captcha field or with one does not matter the post goes through.

I figured out what the issue has been with the captcha not working. As I had mentioned I upgraded from an older modified version so it was literally replacing things line by line to make sure all was well. Turns out the issue was caused by the line I had missed
$pages['captcha'] = 'img-captcha';

after adding this line and changing the line in /captcha.php back to
$_SESSION[$sec_key][$sec_target] = $im->keystring;

and then in the template albums.tpl changed the line back to
img src="{ROOTDIR}/{ccimg}/?0.{rnd_mod}&par=comment"

all works splendid so I would say it would have been much smoother if I had done a fresh install but oh well. The issue of the possibility of javascript being disabled and the comment form then being rendered useless bothers me a little but I am going to see if maybe I can figure a way around that.

On another note kudos for the comment form addition. That is very nice and so I added the comments to the rss feed mod that I wrote. It gathers the album name, artist, genre, time of comment, commenter and also gives a link to /find/?criteria=0&q=the+album+name

For now that is how it links back into the site but in the future I will make this so the typical pages for the albums are what gets linked to rather than the search page as well as adding the album art as I have in the feeds for the top10, popular and so on. The images of course only display in firefox since ie does not like to show them.

So far this has been fun and I have been very impressed with the code. Great stuff.

I love the addition of headers.php. A most excellent choice. I have made an addition so that you may supply stylesheets specific to the page you are on. This would also be good for including javascript that is specific to a page.

In /inc/func.php

function assignHeaders(&$tpl, $page) {

global $titles, $description, $keywords, $styles, $sname, $headers;
$headers['SELFNAME'] = $sname;

if (count($headers)>0)
foreach ($headers as $k => $v) {
$titles[$page] = str_replace('{'.$k.'}', $v, ($titles[$page]<>'')?$titles[$page]:$headers[$page]);
$description[$page] = str_replace('{'.$k.'}', $v, ($description[$page]<>'')?$description[$page]:$headers[$page]);
$keywords[$page] = str_replace('{'.$k.'}', $v, ($keywords[$page]<>'')?$keywords[$page]:$headers[$page]);
$styles[$page] = str_replace('{'.$k.'}', $v, ($styles[$page]<>'')?$styles[$page]:$headers[$page]);
}
$titles[$page] = preg_replace('/\{.+?\}/', '', $titles[$page]);
$description[$page] = preg_replace('/\{.+?\}/', '', $description[$page]);
$keywords[$page] = preg_replace('/\{.+?\}/', '', $keywords[$page]);
$styles[$page] = preg_replace('/\{.+?\}/', '', $styles[$page]);
$tpl->assign('SELFNAME', $sname);
$tpl->assign('TITLE', $titles[$page]);
$tpl->assign('DESCRIPTION', $description[$page]);
$tpl->assign('KEYWORDS', $keywords[$page]);
$tpl->assign('STYLESHEETS', $styles[$page]);

}


in /config/headers.php for each page

$styles['content']='<link href="{ROOTDIR}/share/example/styles.css" rel="stylesheet" type="text/css" />';


And for the index.tpl

replace
<link href="{ROOTDIR}/share/example/styles.css" rel="stylesheet" type="text/css" />


with

{STYLESHEETS}

команда фиесты засела за словари :)

if(!$page = getRewritePage() ) {
/* if and only if the REQUEST_URI is empty or equal to a slash should we be returning a status 200 ok. */
if (empty($_SERVER['REQUEST_URI'])||$_SERVER['REQUEST_URI']=='/') {$page = "content";}
else {
/*
Return proper 404 not found status so search engines do not ban or demerit
for duplicate content but we still allow the same content page to be shown
so as to keep the user who stumbled upon a broken link.
*/
header("Status: 404 Not Found",true,404);
header("HTTP/1.0 404 Not Found");
$page='content';
}
}
/* We should also be checking if a file exists before trying to include it */
if (file_exists(_root_.$page.'.php')==true)
include(_root_. $page. ".php");

There's some strange bug in this exact copy of forum engine, so we just can't add language. May be upgrade will help.
Anyway, thanks for your job!

ahh no worries, I can not use the mp3fiesta anymore anyways :/ see my other post.