phpback / phpback Goto Github PK
View Code? Open in Web Editor NEWPHPBack is an open source feedback system
Home Page: http://www.phpback.org/
License: GNU General Public License v3.0
PHPBack is an open source feedback system
Home Page: http://www.phpback.org/
License: GNU General Public License v3.0
The new recaptcha standard used in https://www.google.com/recaptcha/intro/index.html is more user friendly then the current in use one. It would be nice if we can upgrade to the new version or at least enable selection of which version we can use.
The application seems to be translated into various languages, but there is no way to change the language or to set it when creating the account or elsewhere (as you don't have a user settings page).
I don't know if the language is automatically detected, but if it is the case it doesn't work.
when you login as the owner of idea or admin, and open idea, the delete idea button not working
Hi there
I recently downloaded phpBack to run in conjunction with another site and get user feedback for that site. I am running on an IIS server and had a few initial challengers to get phpBack running (installed fine but then could not find the various pages - IIS error telling me they did not exist).
I managed to overcome that by installing URL Rewrite 2 onto the IIS server and adding a web.config file to the site with some rewrite rules (file attached).
However, my issue now is that the HTML is not rendering correctly - it almost looks as though it is not applying the CSS styles at all.
I have attached a screen shot of how the page renders along with the web.config file I added
Any thoughts on the issue?
Thanks
same as #41 but on bing
WARNING!
This site might download malicious software that can harm your computer. Learn More
We recommend you choose another result or you can go to this site anyway.
To learn more about why this URL was marked as malicious, please visit the Bing Site Safety page.
http://www.bing.com/toolbox/bing-site-safety?url=http%3a%2f%2fwww.phpback.org%2f
Site Safety Report for http://www.phpback.org/
URL Status
The URL is currently classified as suspicious due to the following detection types:
- Malware Network Reference
- Malicious JavaScript
- Indications of malicious activity.
- Malware Found on Adjacent Pages
Suspicious content was last detected at this URL on 2/15/2016.
Scan Information
This URL was last scanned on 3/14/2016.
We have scanned this URL 26 time(s) over the past 30 days.
If you want to attract contributors, you should improve the quality of your code right now because it difficult to understand and to maintain:
It would be interesting to specific user groups access to provide to certain categories.
As an an example:
Followed all the instructions and it looks like it installs ok however when I goto admin or login or post new idea all i get is No input file specified.
featuredstreamer.com/feedback/
When creating a new user before login in,
I got the following error:
Error Number: 1364
Field 'banned' doesn't have a default value
INSERT INTO `users` (`name`, `email`, `pass`, `votes`, `isadmin`) VALUES ('Comfort food', '[email protected]', '$2a$08$.hnucYdZeHrqVU96l22IGeRoO36IWFVaw4oqFSX.xkY3NwqhsE4Bu', 20, '0')
Filename: /var/www/models/post.php
Line Number: 54
Missing banned
Solution:
Add value for banned in array $data line 51
vi application/models/post.php
44 else{
45 $data = array(
46 'name' => $name,
47 'email' => $email,
48 'pass' => $pass,
49 'votes' => $votes,
50 'isadmin' => '0',
51 'banned' => '0'
52 );
53 }
54
When creating a new user account, an error is thrown in line 48 of controllers/action.php saying that function ereg()
is deprecated (caused by a new version of php). We should use preg_match()
instead.
The install folder of phpback_v1.2.0.zip is empty.
So the steps described in the installation guide do not work.
Please add support for composer
When i have upload all files (phpback_v1.2.0 files from http://www.phpback.org/) to my local web server (IIS) and fill in the details.
I fill index1.php
(MySQL hostname, MySQL username and password, MYSQL database) & admin name, email, password and click proceed i moving to the next step.
Then i fill in the details there.
Feedback title, Mail email, leaving recaptcha blank because I don't know how it works yet.,
and click proceed. I get a (HTTP 404-error).
The installation creates the database but it doesn't creates any entries on the tables.
PHPBack seems to build atop an older version of CodeIgniter, which has numerous security vulnerabilities:
Please update system/
to the latest version of CodeIgniter.
i try to create idea using "(" character and it appear in the url and create an error:
The URI you submitted has disallowed characters.
Not really secure and also PHP will throw a notice for this:
PHP Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash.
Hi there!
I recently added CodeIgniter multi language support to this project.
It is necessary to add more language files in application/languages
folder.
Feel free to create a pull request adding more languages files.
Thank you!
hi, i just try to install ohoback,
and after i input my mysql detail and admin, and click "proceed"
the url go to mydomain.com/install/install1.php and the display just blank white screen with no error
and the installation failed
If we can select multiple categories to a question this would give more flexability
Unfortunately you can not successfully register at "PHPBack Feedback" (www.phpback.org/feedback/). I would love to give my feedback to you.
In admin panel, when I select:
The secondary tabs (eg "New Ideas" of "Ideas and Comments") doesn't look clickable for user (I'm not speaking from a technical perspective here, but from a user point of view). You should change the mouse pointer icon to hand for these tabs.
I found an error when users try to register account, they always get "invalid email" error
Hi,
Thks for this application.
I tried to install it from 1.3 et 1.2 but I have a message error in administration page :
Parse error: syntax error, unexpected '[' in /var/www/html/phpback/vendor/visualappeal/php-auto-update/src/AutoUpdate.php on line 362
Best regards
PHP 5.3.8
Mysql 5.5.15
Apache/2.2.9 (Fedora)
Hi,
I was testing code for security vulnerabilities and got few one. i am not done with my testing but still i want to update you.
in home controller, code for search functionality
`public function search() {
$data = $this->getDefaultData();
$query = $this->input->post('query');
$data['ideas'] = $this->get->getIdeasBySearchQuery($query);`
data from post parameter 'query' is passing to function getIdeasBySearchQuery
and in getIdeasBySearchQuery function, code is exploding input data on the basis of space and then crafting SQL query. In whole process, user supplied data is not getting filter which is arising remote SQL Injection vulnerability.
Payload to confirm the vulnerability is
URL
http://127.0.0.1/phpback-master/home/search
query=')%0Aor%0Aextractvalue(6678,concat(0x7e,(select%0Auser()),0x7e))--%0A%23
above injected request will fetch database user username
i have figured out other vulnerabilities to which i will drop soon
Thank you
MySQL 5.5+ and MariaDB seem to have sqlmode=STRICT_TRANS_TABLES enabled by default on new installations. Most of the phpback insert queries have 'id' => ''
, which causes the error with strict mode enabled. I think the queries should be revised for compatibility, as many users will not be able to modify their database server settings.
Temporary fix: comment out sqlmode line in my.ini and restart MySQL
To let MySql generate sequence numbers for an AUTO_INCREMENT field you have three options:
-specify list a column list and omit your auto_incremented column from it as njk suggested. That would be the best approach. See comments.
-explicitly assign NULL
-explicitly assign 0
http://stackoverflow.com/questions/14762904/incorrect-integer-value-for-column-id-at-row-1
Some unit testing (or integration test) is needed for this project.
I'll be adding it soon.
Conclude the installation, but the friendly urls do not work.
I'm not using fastCGI
The way you generate random string is not safe. You should rely on PHP Internal/openssl
See how I revisited you code:
https://github.com/bbalet/phpback/blob/e9b2415f1d845cb607b156e65f236a5f4f359dd4/install/install1.php#L130
Hello,
We would like to use your wonderful web application.
But for registration it needs to have first name + name and we just would like to get an alias (just one word) for the name. Do you think that it's possible please ?
Regards,
Marie
I login as admin and created ideas, and then I try to open it via click on its category, but this error appear:
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
SELECT * FROM ideas WHERE categoryid='1' AND status !='new' ORDER BY votes DESC LIMIT 0,
Filename: /home/jarfeed/public_html/models/get.php
Line Number: 111
when I try to install, I got 500 internal server error, the URL: install/index2.php
I've created a few 'ideas', using both admin and non-admin accounts. The ideas are visible in the admin/ideas page. I can also open them and vote on them.
However, no ideas show up in the front page. "Last Completed Ideas" etc. are all blank. All ideas are in the (sole existing) category 'foo', but the 'home/category/1/foo' page is empty, too.
My understanding is that the ideas should be visible somewhere.
Is there a way to receive email notifications each time that somebody creates an idea or comment.
Or if I can edit the code to do so?
Hi,
is it possible to write an feedback as guest (without any registration / login)?
regards
I've create an idea and deleted the idea and now I've a -1 on the category.
Is there any plans on upgrading to CI 3.0.X?
After a clean install in a subdomain, everything seems to work right. When trying to use System Settings (/admin/system), I get a blank page with no error.
Could it be an .htaccess issue?
Thanks!
I get a 404 page not found when installing after the SMTP screen (http://localhost/feedback/install/install2.php)
I am installing on IIS with MySQL 5.6
The tables should have a prefix on the database.
You should clean the folder /public/js because you have various version of the lib and a mix of minified and full source.
I am able to flag, but I am unable to delete,
When i have upload all files (phpback_v1.2.0 files from http://www.phpback.org/) to my web hosting company and fill in the details.
for PHPBack installation
(MySQL hostname, MySQL username and password, MYSQL database) & admin name, email, password and click proceed i moving to the next step.
Then i fill in the details there.
Feedback title, Mail email, leaving recaptcha blank because I don't know how it works yet.,
and click proceed. when i came to http://feedback.supportportalen.mobi/install/install2.php i get error.
(HTTP 404-error), im going back to my ftp and take a look at the install map.
The install map is empty. Why?
Then if i go to http://feedback.supportportalen.mobi/ i get error:
A Database Error Occurred
Unable to connect to your database server using the provided settings.
Filename: core/Loader.php
Line Number: 347
Can you explain how I can solve the problem?
https://dl.dropboxusercontent.com/u/42214358/supportportalen/errors/error_install_phpback.mp4
Is there any Documentation on how to customize the UI
Hello (again)
When I was testing, I create an idea and it appears in the right list. "1" appears for the category but as it wasn't validated it doesn't appear on the page...
Thank in advance for your reply
Regards
Hi,
How do I know the reason for this pgn stay blank?
When I navigate to the Admin page I see this error. In the wiki there is no description on which folder I need to give what permission to fix this error.
A PHP Error was encountered
Severity: Warning
Message: mkdir(): Permission denied
Filename: src/AutoUpdate.php
Line Number: 199
Extracting the files to our web root and having installed the application, we now encounter a 404 if we want to log in, post an idea, etc.
urls include but might not be limited to:
/home/postidea
/home/login
/home/search
Apache Access log reports:
"GET /home/postidea HTTP/1.1" 404 2097 "http://yourServer.de/" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36"
"GET /favicon.ico HTTP/1.1" 200 3306 "http://yourServer.de/home/postidea" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36"
"GET /home/login HTTP/1.1" 404 2098 "http://yourServer.de/" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36"
"POST /home/search HTTP/1.1" 404 2097 "http://yourServer.de/" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36"
Issue seems unaffected by browser, tested with up2date FireFox, Apache und IE.
I assume I did something wrong, maybe the server setup is wrong. I don't know my way around CI enough to figure it out myself.
Google is flagging www.phpback.org as harmfull: "This site may harm your computer."
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.