Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.
Navigation

I moved Avatar system to 9

Last updated on 3 years ago
jjwichterjjwichter
Posted 3 years ago
I get this error when using the drop down menu or picking an avatar.

Token was not posted.
There was an error while processing your request

Thanks,
John
ChanChan
Posted 3 years ago
This is the feature of the core Fusion Defender security measures for Token Security that attempts to prevent CSRF vulnerabilities.

By default, each form has to submit a encrypted salt to be validated by your server every post, and if hash is mismatched, the server will generate that notice. When this happen, all SQL insert/delete actions will be halted immediately before breach happens. However, you need to implement version 9 api for the safeguard measures.

To get rid of the notice, simply use the openform() and closeform() function.

Amend your codes in whichever page has form submissions to the Version 9 Dynamics API. The libraries can be found here:
https://github.com/PHPFusion/PHPFusion/blob/9.03/includes/dynamics/includes/form_main.php

<form name='my_frmName' method='post' action='".FUSION_SELF."' class='display-block'>

is:
echo openform('my_frmName', 'post', FUSION_SELF, array('class'=>'display-block'));


echo "</form>\n";

is:
echo closeform();


Dynamic Components can be found here. https://github.com/PHPFusion/PHPFusion/tree/9.03/includes/dynamics/includes

To implement defender safety checks, simply wrap your SQL insert/delete with:

if (\defender::safe()) {
// it's safe to execute anything here.
}
Edited by Chan on 08-11-2017 13:17, 3 years ago
jjwichterjjwichter
Posted 3 years ago
Do not see the error anymore, but I can only change the avatar once when trying to change it for the second time. The only time I can change it again is to go into the edit profile and delete it. Then go back into the Avatar Studio.

Thanks,
John
ChanChan
Posted 3 years ago
Add a

redirect(FUSION_REQUEST);


This will refresh the token. After each post, the generated token will be consumed. You need a new token that only can be obtained after each refresh.

Alternatively, you can adjust the max_tokens settings like this.

openform('my_frmName', 'post', FUSION_SELF, array('max_tokens'=>10'));


The max tokens means you allow the form to be valid for 10 page refresh without redirecting. (i.e. CTRL+F5 on browser will prompt you that there is cached post data and ask you to confirm). The standard way still is do a redirect..


if (isset($_POST['your_button'])) {
 $sanitize = stripinput($_POST['example_field']);
.. do SQL
.. delete / add
// finally
redirect(FUSION_REQUEST);
}


Additional Info

The last parameter of openform provides developers a configuration array methods. (Well, almost all dynamics has this). You can add and stack them up too.


$array = array(
        'form_id'    = "",
        'class'      => "",
        'enctype'    => false,
        'max_tokens' => 20,
        'remote_url' => "",
        'inline'     => FALSE,
        'on_submit'  => '',
    );
openform('my_frmName', 'post', FUSION_SELF, $array);


Version 9 has huge amount of APIs to play around with, please read them files, because these tools is created to enhance developer's productivity and capabilities.
jjwichterjjwichter
Posted 3 years ago
I tried to add the code but the code but it did not work for last post that you sent me.

<?php
/*---------------------------------------------------+
| PHPFusion Content Management System
| Copyright © 2002 - 2012 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: avatar_studio.php
| Version: 2.03
| Author: Terry Broullette (Grimloch)
| Email: webmaster@whisperwillow.com
| Web: http://www.whisperwillow.com
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../maincore.php";
require_once THEMES."templates/header.php";

// Check if locale file is available matching the current site locale setting.
if (file_exists(INFUSIONS."avatar_studio/locale/".$settings['locale'].".php")) {
   // Load the locale file matching the current site locale setting.
   include INFUSIONS."avatar_studio/locale/".$settings['locale'].".php";
} else {
   // Load the infusion's default locale file.
   include INFUSIONS."avatar_studio/locale/English.php";
}
define('AVATAR_FOLDER', IMAGES . 'avatars/avatar_studio/');
include INFUSIONS."avatar_studio/include/avatar_functions.php";

opentable($locale['ast_001']);
global $locale, $userdata;

if(isset($_POST['avatar_save'])) {
   if ($userdata['user_avatar']) {
   @unlink(IMAGES."avatars/".$userdata['user_avatar']);
   }
    echo SaveAvatar();
} else {


$array = array(
        'class'      => "",
        'enctype'    => false,
        'max_tokens' => 20,
        'remote_url' => "",
        'inline'     => FALSE,
        'on_submit'  => '',
    );
echo openform('avatarform', 'post', FUSION_SELF, array('class'=>'display-block'));




echo "<table width='100%' cellpadding='0' cellspacing='0' class='tbl-border'><tr>\n";
echo "<td align='center'><strong>".$locale['ast_002']."</strong><br /><br /></td>\n";
echo "</tr><tr>\n";
echo "<td align='center' valign='middle' height='28'>";
    $ava_cats = loadAvaCats();
    if(is_array($ava_cats))
    {
        sort($ava_cats);
        echo "<span class='lrg-txt'>".$locale['ast_003']."&nbsp;<select name='avatar_cat'>\n";
        foreach($ava_cats as $cat)
        {
            $selected = ( isset($_POST['avatar_cat']) && $_POST['avatar_cat'] == $cat ) ? 'selected="selected"' : '';
            echo "<option value='$cat'$selected>$cat</option>\n";
        }
echo "</select>&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' class='button' value='&nbsp;".$locale['ast_008']."&nbsp;' />";
echo "</span><br /><br /><br /></td>\n";
echo "</tr></table>\n";
echo "<table align='center' cellspacing='0' border='0' class='ava-tbl'><tr>\n";
echo "<td>\n";
// new table for manual avatar column change
            echo "<table width='100%' cellpadding='4' cellspacing='7'>\n";
        $avatar_cat = (isset($_POST['avatar_cat'])) ? $_POST['avatar_cat'] : $ava_cats[0];
        $avatar_images = loadAvaImgs($avatar_cat);
        if(is_array($avatar_images) && count($avatar_images) > 0)
        {
            $i = 1;
// define the avatar colums to display
            $avatar_cols = 3;
// end define columns
            $avatar_rows = array_chunk($avatar_images, $avatar_cols);
            foreach($avatar_rows as $avatar_images)
            {
                echo "<tr>\n";
                $i = 0;
                foreach($avatar_images as $avatar_name)
                {
                $image = AVATAR_FOLDER . $avatar_cat . '/' .  $avatar_name;
                $name = substr($avatar_name, 0, strrpos($avatar_name, '.'));
                echo "<td class='row1' align='center'>\n".
                "<img src='$image' alt='$avatar_name' title='$avatar_name' /><br />\n".
                "<input type='radio' class='row2' name='avatar_select' value='$avatar_name' />\n".
                "</td>\n";
                $i++;
            }
            if($i < $avatar_cols)
            {
                echo '<td colspan="'. ($avatar_cols - $i) ."\"></td>\n";
            }
            echo "</tr>\n";
        }
            echo "</table>\n";
// end new table
            echo "</td></tr></table>\n";
            echo "<table align='center' cellpadding='0' cellspacing='0' border='0'><tr>\n";
            echo "<td align='center'><br /><br />".(iMEMBER ? "<input type='submit' name='avatar_save' value='&nbsp;".$locale['ast_006']."&nbsp;' class='button' />" : "")."</td>\n";
        }
        else
        {
            echo "<td class='row1' align='center'><span style='color:red; font-weight:bold;'>".$locale['ast_009']."</span></td>\n";
        }
    }
    else
    {
        echo "<td class='row1' align='center'><span style='color:red; font-weight:bold;'>".$locale['ast_010']."</span></td>\n";
    }
    echo "</tr></table>\n";
   echo closeform();


closetable();
require_once THEMES."templates/footer.php";
?>
Edited by jjwichter on 08-11-2017 19:53, 3 years ago
ChanChan
Posted 3 years ago
$formSettings = array(
        'class'      => "",
        'enctype'    => false,
        'max_tokens' => 20,
        'remote_url' => "",
        'inline'     => FALSE,
        'on_submit'  => '',
    );
echo openform('avatarform', 'post', FUSION_SELF, $formSettings);
jjwichterjjwichter
Posted 3 years ago
Still does not work
karrakkarrak
Posted 3 years ago
jjwichterjjwichter
Posted 3 years ago
their is nothing in the rar file.

Thanks,
John
GrimlochGrimloch
Posted 3 years ago

Quote

their is nothing in the rar file.

Thanks,
John
- by jjwichter


I have my Avatar Studio working fine on V9 but will not work with Bootstrap Theme... still working on solution.
karrakkarrak
Posted 3 years ago
download file,
save avatar and
ctrl+f5
delete cache..
jjwichterjjwichter
Posted 3 years ago
Hey let me know if you get it working with refresh and send me the file.

Thanks,
John
karrakkarrak
Posted 3 years ago
Add permalink,
rewrite code,

Uninstall avatar_studio
http://fusionjatek.hu/tmp/avatar_stud...dio3.0.rar
or
https://github.com/karrak1/PHPFusion_...ion_Addons

copy files folder
install avatar studio

Select avatar, if not enabled permalink ctrl+f5 delete cache, if enabled permalink the selected image appears
jjwichterjjwichter
Posted 3 years ago
I did the enabled permalink for avatar studio but it does not update the image.

Thanks,
John
ChanChan
Posted 3 years ago
Maybe like this, ... if you are wiling to wrap up your codes into .zip and let me have a look whats wrong.
jjwichterjjwichter
Posted 3 years ago
Here is the zip files

Thanks,
John
jjwichter attached the following file:
avatar_studio.zip [15.11kB / 138 Downloads]
ChanChan
Posted 3 years ago
I'll start inspection today. But from the way I'm looking at the code first 2 minute, it looks perfectly fine except <font> deprecated HTML tags in SaveAvatar() function.

I'll install it in my system once I am done with today's work on the new site.
jjwichterjjwichter
Posted 3 years ago
Ok good, let me know and send me the change in the code.

Thanks,
John
You can view all discussion threads in this forum.
You cannot start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
You cannot set up a bounty in this discussion thread.
Moderator: Support Team
Users who participated in discussion: jjwichter, Chan, karrak, Grimloch,