FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.
Home » FUDforum Development » FUDforum 3.0+ » Issue with reporting messages
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Issue with reporting messages [message #2044 is a reply to message #2043] Sun, 28 April 2002 17:55 Go to previous messageGo to previous message
Olliver   Germany
Messages: 443
Registered: March 2002
Karma:
Senior Member
Hm. The empty message thing is really annoying. U can flood the forum with this report form. just keep on clicking the button, and the mod will get spammed with useless empty comments. More than that after performing the flooding u can even generate a crash:
Quote:

Query Failed: SELECT fud2_msg.*, fud2_thread.locked, fud2_thread.forum_id, fud2_avatar.img AS avatar, fud2_users.id AS user_id, fud2_users.login, fud2_users.custom_status, fud2_users.display_email, fud2_users.email, fud2_users.posted_msg_count, fud2_users.join_date, fud2_users.location, fud2_users.sig, fud2_users.icq, fud2_users.aim, fud2_users.is_mod, fud2_users.msnm, fud2_users.yahoo, fud2_users.avatar_loc, fud2_users.avatar_approved, fud2_users.invisible_mode, fud2_users.private_messages, fud2_msg_report.id AS report_id, fud2_msg_report.stamp AS report_stamp, fud2_msg_report.reason AS report_reason, fud_users_r.id AS report_user_id, fud_users_r.login AS report_user_login, fud2_ses.time_sec AS time_sec, fud2_level.name AS level_name, fud2_level.pri AS level_pri, fud2_level.img AS level_img, fud2_forum.name AS frm_name, fud_ses_r.time_sec AS time_sec_r FROM fud2_msg_report LEFT JOIN fud2_msg ON fud2_msg_report.msg_id=fud2_msg.id LEFT JOIN fud2_users ON fud2_msg.poster_id=fud2_users.id LEFT JOIN fud2_avatar ON fud2_users.avatar=fud2_avatar.id LEFT JOIN fud2_thread ON fud2_msg.thread_id=fud2_thread.id LEFT JOIN fud2_forum ON fud2_thread.forum_id=fud2_forum.id INNER JOIN fud2_mod ON fud2_forum.id=fud2_mod.forum_id AND fud2_mod.user_id= LEFT JOIN fud2_users AS fud_users_r ON fud2_msg_report.user_id=fud_users_r.id LEFT JOIN fud2_ses ON fud2_ses.user_id=fud2_msg.poster_id LEFT JOIN fud2_ses AS fud_ses_r ON fud2_msg_report.user_id=fud_ses_r.user_id LEFT JOIN fud2_level ON fud2_users.level_id=fud2_level.id ORDER BY fud2_msg_report.id
Reason: You have an error in your SQL syntax near 'JOIN fud2_users AS fud_users_r ON fud2_msg_report.user_id=fud_users_r.id ' at line 48
From: /usr/local/httpd/htdocs/kunden/web180/html/forum/reported.php
Server Version: 3.23.37-log

Seems to me a nice exploit to take revenge on a forum Sad
--edit--
Cleaning up the posts is pretty annoying too as it completely slows down the server. Its no problem to generate 100 empty messages within a minute.
---
bye Ken

[Updated on: Sun, 28 April 2002 18:03]

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: bug: sending pm while not logged in
Next Topic: Bug: Forum's title gets screwed up
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Sep 19 16:08:08 GMT 2024

Total time taken to generate the page: 0.05165 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.1.3.
Copyright ©2001-2023 FUDforum Bulletin Board Software