RevCMS Bugged news

[Razz]

Alright so every since I isntalled the dynamic IP restriction feature to my IIS the news has been bugged. I know this doesn't have to do anything with the news. I have already replaced various files, for instance, replaced the whole ASE, and make sure it was running web.config, and I've replaced the WHOLE housekeeping folder in my theme. I'm currently running Tashia's edit(fixed). I have also replace the cms_news in my database, nor that didn't work.

Here's a picture of what it looks like:

 

[AlexFallen]

Simple!
Go to c:\inetpub\WWWROOT\app\tpl\skins\YOURSKIN\hk\news2.php and open up news2.php.

Then find:

mysql_query("INSERT INTO cms_news (title,shortstory,longstory,published,image,author, campaign, campaignimg) VALUES ('" . filter($_SESSION["title"]) . "', '" . filter($_SESSION["shortstory"]) . "', '" . filter($_SESSION["longstory"]) . "', '" . time() . "', '" . filter($_POST["topstory"]) . "', '" . filter($author) . "', 0, 'default')") or die(mysql_error());

And Replace With:

mysql_query("INSERT INTO cms_news (title,shortstory,longstory,published,image,author, campaign, campaignimg) VALUES ('" . filter($_SESSION["title"]) . "', '" . filter($_SESSION["shortstory"]) . "', '" . ($_SESSION["longstory"]) . "', '" . time() . "', '" . filter($_POST["topstory"]) . "', '" . filter($author) . "', 0, 'default')") or die(mysql_error());

Or just use this:

You must be registered for see links

and paste it into news2.php

 

[Razz]

I've just tried that. So far it's not working. Any other suggestions?

 

[AlexFallen]

EDIT:
Replace your class.form.php with this.
Try and see if this does anything.

 <?php
 
namespace Revolution;
if(!defined('IN_INDEX')) { die('Sorry, you cannot access this file.'); }
class forms implements iForms
{
 
public $error;
 
final public function setData()
{
global $engine;
foreach($_POST as $key => $value)
{
if($value != null)
{
$this->$key = $engine->secure($value);
}
else
{
$this->error = 'Please fill in all fields';
return;
}
}
 
}
 
final public function unsetData()
{
global $template;
foreach($this as $key => $value)
{
unset($this->$key);   
}   
}
 
final public function writeData($key)
{
global $template;
echo $this->$key;
}
 
final public function outputError()
{
global $template;
if(isset($this->error))
{
echo "<div id='message'> " . $this->error . " </div>";
}
}
 
/* Manage different pages */
 
final public function getPageNews()
{
global $template, $engine;
 
if(!isset($_GET['id']) || !is_numeric($_GET['id']))
{
$_GET['id'] = 1;
}
$result = mysql_query("SELECT title, id FROM cms_news WHERE id != '" . $engine->secure($_GET['id']) . "' ORDER BY id DESC");
 
while($news1 = mysql_fetch_array($result))
{
$template->setParams('newsList', '&laquo; <a href="index.php?url=news&id='.$news1["id"].'">' . $news1['title'] . '</a><br/>');
}
 
$news = $engine->fetch_assoc("SELECT title, shortstory, longstory, author, published FROM cms_news WHERE id = '" . $engine->secure($_GET['id']) . "' LIMIT 1"); 
$template->setParams('newsTitle', $news['title']);
$template->setParams('newsContent', $news['longstory']);
$template->setParams('newsAuthor', $news['author']);
$template->setParams('newsDate', date("d-m-y", $news['published']));
$template->setParams('newsPreview', $news['shortstory']); 
 
unset($result);
unset($news1);
unset($news);
}
 
final public function getPageHome()
{
global $template, $engine;
$a = 1;
$data = mysql_query("SELECT title, id, published, shortstory, image FROM cms_news ORDER BY id DESC LIMIT 5");
 
while($news = mysql_fetch_array($data, MYSQL_ASSOC))
{
$template->setParams('newsTitle-' . $a, $news['title']);
$template->setParams('newsID-' . $a, $news['id']);
$template->setParams('newsDate-' . $a, date("d-m-y", $news['published']));
$template->setParams('newsPreview' . $a, $news['shortstory']);
$template->setParams('newsCaption-' . $a, $news['shortstory']);
$template->setParams('newsIMG-' . $a, $news['image']);
$a++;
}
 
unset($news);
unset($data);
}
 
}
 
?>