Forum

This forum is now read-only. Support is provided at https://wordpress.org/support/plugin/sermon-browser/

Please consider registering
guest
sp_LogInOut Log Insp_Registration Register
Register | Lost password?
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
sp_Feed Topic RSSsp_TopicIcon
Sermon Browser Not Uploading Typed in URL For Sermons
26 January, 2015
7:09 pm
jacobske@msn.com
Member
Members
Forum Posts: 5
Member Since:
23 February, 2014
sp_UserOfflineSmall Offline

Good Morning,

Need some help big time.  Using the latest version of Wordpress, Sermon Browser, etc.  

Many working properly, for example:

http://www.heritagepbc.org/hom.....mon_id=265

Not working properly:

Type the information in like normal, FTP the file up to normal location, save, and then go view...problem for example:

http://www.heritagepbc.org/hom.....mon_id=266

This one was working properly until I resaved it after editing it.  No change in the Attachment URL name, just cut it and replaced it with the same info.  My new entries files look like the id=266 above.

See an Earth Globe where the WP player normally appears.  File not found when you click on the globe...its URL is:  

http://www.heritagepbc.org/hom.....le_name= 

New entry from yesterday not working: http://www.heritagepbc.org/hom.....mon_id=269

Earlier in the week I tried using the WP export tool to export the sermon information so I could upload it in a new site.

Thanks!

Kip

28 January, 2015
7:20 pm
Extrafino
Enthusiast
Members
Forum Posts: 43
Member Since:
5 July, 2013
sp_UserOfflineSmall Offline

What version of PHP is your webspace running?

And, if you go and check inside your database, do you see any changes?

28 January, 2015
10:09 pm
jacobske@msn.com
Member
Members
Forum Posts: 5
Member Since:
23 February, 2014
sp_UserOfflineSmall Offline

Thanks for responding.

Version is php 5.5.20.

I can manually update the url name in the _sb_stuff part of the database and it appears/works correctly.  Unfortunately for some reason I cannot get the url to save when I add a new sermon or edit an older sermon.

Kip

28 January, 2015
11:14 pm
Extrafino
Enthusiast
Members
Forum Posts: 43
Member Since:
5 July, 2013
sp_UserOfflineSmall Offline

Try what I did here... I think you have the same problem and your filename is empty after save

https://www.sermonbrowser.com/f.....es-broken/

28 January, 2015
11:35 pm
jacobske@msn.com
Member
Members
Forum Posts: 5
Member Since:
23 February, 2014
sp_UserOfflineSmall Offline

Extrafino...from your link, "It seems it is the same problem I (you) already had.  I am (you are) using a PHP Version which does not support the function mysql_real_escape_string, everything passing through this function will return without a value.  I (you) had to remove 8 occurences in sermon-browser/sb-includes/ajax.php and use  $wpdb->prepare to protect from SQL attacks.

So it will now look like this

$ssname = $_POST['ssname'];

After this, everything works again."

Two questions:

1 - Where did you do/put this, "$wpdb->prepare to protect from SQL attacks"?

2 - If the "function mysql_real_escape_string, everything passing through this function will return without a value", why does everything save except the typed in URL?

Thanks for the help!

Kip

29 January, 2015
2:57 pm
Extrafino
Enthusiast
Members
Forum Posts: 43
Member Since:
5 July, 2013
sp_UserOfflineSmall Offline

Regarding your question

If the "function mysql_real_escape_string, everything passing through this function will return without a value", why does everything save except the typed in URL?

Because the programming looks like this: $sname = mysql_real_escape_string($_POST['sname']);

So only the name is put through this function and not the other values, because they require no user input.

Regarding

Where did you do/put this, "$wpdb->prepare to protect from SQL attacks"?

I removed all occuences of mysql_real_escape_string and used $wpdb->prepare everywhere where data is saved to the database. That means anywhere you find $wpdb->query("INSERT INTO 

Forum Timezone: Europe/London
Most Users Ever Online: 381
Currently Online:
Guest(s) 7
Top Posters:
Rich Brown: 358
Matt Schlueter: 93
Mindy: 72
Don Johnson: 65
anointed: 57
0be1: 55
Member Stats:
Guest Posters: 7
Members: 3188
Moderators: 1
Admins: 1
Forum Stats:
Groups: 1
Forums: 2
Topics: 1713
Posts: 7499
Newest Members:
marktest, deatles50, ValeriaGoodriz, dapedPup, oapedPup, Margarettoimb
Moderators: Ben Miller: 1628
Administrators: Mark Barnes: 435