Recent Topics

1 Apr 18, 2005 13:29    

Has anyone hacked b2evo to return to the "Last comments" page after a comment has been edited or deleted after following a 'Edit' or 'Delete' link?

I am putting a comment moderation together and wonder if someone has done this [easy i assume] hack.

Forgetting about comment moderation for a moment - if you wanted to delete spam comments now, you would go to the 'Last comments' page (because that's the best place to see a list of last comments along with 'Delete' buttons), but after pressing 'Delete' you have to navigate to the 'Last comments' again.

2 Apr 18, 2005 20:46

All you need to do is add the code that calls the right page once the button has been clicked, right? It reloads the page when a comment is deleted, so you just need to change that to the right page (index.php?disp=comments).

3 Apr 18, 2005 22:08

And I probably need to pass that in the parameters (as the code for deleting comments is in /b2evocore and may be called from a number of locations - a) admin interface, b) last comments page, c) the post page).

Something like this (in _class_comment.php):

$url = $admin_url.'/edit_actions.php?action=deletecomment&comment_ID='.$this->ID;

amended with '&goto=index.php?disp=comments'

Or just modify edit_actions.php, which is called from _class_comment, to go to the referring page after completing the action.

In both of these cases (passing return addr in url or getting url from referrer) I do not know how good it is security wise - can't this returned address be used by 3rd parties to hack something in b2evo?

4 Apr 18, 2005 22:14

I don't see how. Hitting any page in the admin area requires a login, and you could wrap your hack with a check to see if the user is logged in, else die.

Form is loading...

CMS + forums – This forum is powered by b2evolution CMS, a complete engine for your website.