Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

I moved Avatar system to 9

I get this error when using the drop down menu or picking an avatar.

Token was not posted.
There was an error while processing your request

Thanks,
John
This is the feature of the core Fusion Defender security measures for Token Security that attempts to prevent CSRF vulnerabilities.

By default, each form has to submit a encrypted salt to be validated by your server every post, and if hash is mismatched, the server will generate that notice. When this happen, all SQL insert/delete actions will be halted immediately before breach happens. However, you need to implement version 9 api for the safeguard measures.

To get rid of the notice, simply use the openform() and closeform() function.

Amend your codes in whichever page has form submissions to the Version 9 Dynamics API. The libraries can be found here:
https://github.com/php-fusion/PHP-Fusion/blob/9.03/includes/dynamics/includes/form_main.php

CodeDownload  
<form name='my_frmName' method='post' action='".FUSION_SELF."' class='display-block'>


is:
CodeDownload  
echo openform('my_frmName', 'post', FUSION_SELF, array('class'=>'display-block'));



CodeDownload  
echo "</form>\n";


is:
CodeDownload  
echo closeform();



Dynamic Components can be found here. https://github.com/php-fusion/PHP-Fusion/tree/9.03/includes/dynamics/includes

To implement defender safety checks, simply wrap your SQL insert/delete with:

CodeDownload  
if (\defender::safe()) {
// it's safe to execute anything here.
}

Do not see the error anymore, but I can only change the avatar once when trying to change it for the second time. The only time I can change it again is to go into the edit profile and delete it. Then go back into the Avatar Studio.

Thanks,
John
Add a

CodeDownload  
redirect(FUSION_REQUEST);



This will refresh the token. After each post, the generated token will be consumed. You need a new token that only can be obtained after each refresh.

Alternatively, you can adjust the max_tokens settings like this.

CodeDownload  
openform('my_frmName', 'post', FUSION_SELF, array('max_tokens'=>10'));



The max tokens means you allow the form to be valid for 10 page refresh without redirecting. (i.e. CTRL+F5 on browser will prompt you that there is cached post data and ask you to confirm). The standard way still is do a redirect..

CodeDownload  

if (isset($_POST['your_button'])) {
 $sanitize = stripinput($_POST['example_field']);
.. do SQL
.. delete / add
// finally
redirect(FUSION_REQUEST);
}



Additional Info

The last parameter of openform provides developers a configuration array methods. (Well, almost all dynamics has this). You can add and stack them up too.

CodeDownload  

$array = array(
        'form_id'    = "",
        'class'      => "",
        'enctype'    => false,
        'max_tokens' => 20,
        'remote_url' => "",
        'inline'     => FALSE,
        'on_submit'  => '',
    );
openform('my_frmName', 'post', FUSION_SELF, $array);



Version 9 has huge amount of APIs to play around with, please read them files, because these tools is created to enhance developer's productivity and capabilities.
I tried to add the code but the code but it did not work for last post that you sent me.

CodeDownload  
<?php
/*---------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright © 2002 - 2012 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: avatar_studio.php
| Version: 2.03
| Author: Terry Broullette (Grimloch)
| Email: webmaster@whisperwillow.com
| Web: http://www.whisperwillow.com
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../maincore.php";
require_once THEMES."templates/header.php";

// Check if locale file is available matching the current site locale setting.
if (file_exists(INFUSIONS."avatar_studio/locale/".$settings['locale'].".php")) {
   // Load the locale file matching the current site locale setting.
   include INFUSIONS."avatar_studio/locale/".$settings['locale'].".php";
} else {
   // Load the infusion's default locale file.
   include INFUSIONS."avatar_studio/locale/English.php";
}
define('AVATAR_FOLDER', IMAGES . 'avatars/avatar_studio/');
include INFUSIONS."avatar_studio/include/avatar_functions.php";

opentable($locale['ast_001']);
global $locale, $userdata;

if(isset($_POST['avatar_save'])) {
   if ($userdata['user_avatar']) {
   @unlink(IMAGES."avatars/".$userdata['user_avatar']);
   }
    echo SaveAvatar();
} else {


$array = array(
        'class'      => "",
        'enctype'    => false,
        'max_tokens' => 20,
        'remote_url' => "",
        'inline'     => FALSE,
        'on_submit'  => '',
    );
echo openform('avatarform', 'post', FUSION_SELF, array('class'=>'display-block'));




echo "<table width='100%' cellpadding='0' cellspacing='0' class='tbl-border'><tr>\n";
echo "<td align='center'><strong>".$locale['ast_002']."</strong><br /><br /></td>\n";
echo "</tr><tr>\n";
echo "<td align='center' valign='middle' height='28'>";
    $ava_cats = loadAvaCats();
    if(is_array($ava_cats))
    {
        sort($ava_cats);
        echo "<span class='lrg-txt'>".$locale['ast_003']."&nbsp;<select name='avatar_cat'>\n";
        foreach($ava_cats as $cat)
        {
            $selected = ( isset($_POST['avatar_cat']) && $_POST['avatar_cat'] == $cat ) ? 'selected="selected"' : '';
            echo "<option value='$cat'$selected>$cat</option>\n";
        }
echo "</select>&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' class='button' value='&nbsp;".$locale['ast_008']."&nbsp;' />";
echo "</span><br /><br /><br /></td>\n";
echo "</tr></table>\n";
echo "<table align='center' cellspacing='0' border='0' class='ava-tbl'><tr>\n";
echo "<td>\n";
// new table for manual avatar column change
            echo "<table width='100%' cellpadding='4' cellspacing='7'>\n";
        $avatar_cat = (isset($_POST['avatar_cat'])) ? $_POST['avatar_cat'] : $ava_cats[0];
        $avatar_images = loadAvaImgs($avatar_cat);
        if(is_array($avatar_images) && count($avatar_images) > 0)
        {
            $i = 1;
// define the avatar colums to display
            $avatar_cols = 3;
// end define columns
            $avatar_rows = array_chunk($avatar_images, $avatar_cols);
            foreach($avatar_rows as $avatar_images)
            {
                echo "<tr>\n";
                $i = 0;
                foreach($avatar_images as $avatar_name)
                {
                $image = AVATAR_FOLDER . $avatar_cat . '/' .  $avatar_name;
                $name = substr($avatar_name, 0, strrpos($avatar_name, '.'));
                echo "<td class='row1' align='center'>\n".
                "<img src='$image' alt='$avatar_name' title='$avatar_name' /><br />\n".
                "<input type='radio' class='row2' name='avatar_select' value='$avatar_name' />\n".
                "</td>\n";
                $i++;
            }
            if($i < $avatar_cols)
            {
                echo '<td colspan="'. ($avatar_cols - $i) ."\"></td>\n";
            }
            echo "</tr>\n";
        }
            echo "</table>\n";
// end new table
            echo "</td></tr></table>\n";
            echo "<table align='center' cellpadding='0' cellspacing='0' border='0'><tr>\n";
            echo "<td align='center'><br /><br />".(iMEMBER ? "<input type='submit' name='avatar_save' value='&nbsp;".$locale['ast_006']."&nbsp;' class='button' />" : "")."</td>\n";
        }
        else
        {
            echo "<td class='row1' align='center'><span style='color:red; font-weight:bold;'>".$locale['ast_009']."</span></td>\n";
        }
    }
    else
    {
        echo "<td class='row1' align='center'><span style='color:red; font-weight:bold;'>".$locale['ast_010']."</span></td>\n";
    }
    echo "</tr></table>\n";
   echo closeform();


closetable();
require_once THEMES."templates/footer.php";
?>

CodeDownload  
$formSettings = array(
        'class'      => "",
        'enctype'    => false,
        'max_tokens' => 20,
        'remote_url' => "",
        'inline'     => FALSE,
        'on_submit'  => '',
    );
echo openform('avatarform', 'post', FUSION_SELF, $formSettings);

Still does not work
their is nothing in the rar file.

Thanks,
John

Quote

their is nothing in the rar file.

Thanks,
John
- by jjwichter


I have my Avatar Studio working fine on V9 but will not work with Bootstrap Theme... still working on solution.
download file,
save avatar and
ctrl+f5
delete cache..
Hey let me know if you get it working with refresh and send me the file.

Thanks,
John
I did the enabled permalink for avatar studio but it does not update the image.

Thanks,
John
Maybe like this, ... if you are wiling to wrap up your codes into .zip and let me have a look whats wrong.
Here is the zip files

Thanks,
John
jjwichter attached the following file:
avatar_studio.zip [15.11kB / 113 Downloads]
I'll start inspection today. But from the way I'm looking at the code first 2 minute, it looks perfectly fine except <font> deprecated HTML tags in SaveAvatar() function.

I'll install it in my system once I am done with today's work on the new site.
Ok good, let me know and send me the change in the code.

Thanks,
John
Thread Information
Author
Replies
18 posts
Views
2,998 times
Last Post
Last updated on 2 years ago
You can view all discussion threads in this forum.
You cannot set up a bounty in this discussion thread.
You can start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
Users who participated in discussion: jjwichter, Chan, karrak, Grimloch