
Author Topic: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.12) Gecko/2009070611 Fi  (Read 5635 times)

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
I cannot reproduce exactly why this happens. Some users are registered using Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.12) Gecko/2009070611. The problem is:
in oc_t_user I see
fk_i_region_id - NULL
s_region (empty)
fk_i_city_id - NULL
s_city 7642
How can fk_i_city_id be null and s_city be a numeric value?
And when he posts an ad, in oc_t_location s_city is a numeric value (7642).
On the item post page I have form validation which makes region and city required.
I use an auto-register plugin when someone posts an ad, but I tested it before and I don't see where the problem can be.
Any advice? Has anyone had this problem? Thanks in advance!

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
Image att.

dev101

  • Osclass Hero
  • Hero Member
  • *
  • Posts: 2155
  • osclass.work
You did not post a complete UA string, but if it is something like Firefox 3 (very very old version), I suspect that is not a real user, but some bot script.

Your validation is client-side only; as bots usually have JS disabled, code inside your theme will do nothing to prevent form submission.

Inside, core is by default configured NOT to require any location, so when the bot passes some random numbers, they are just validated against text and replaced by empty.

Internally Osclass would never insert an integer into that field (but NULL instead), so it could be related to your auto-register plugin.

Regards

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
The auto-register plugin has nothing to do with this one. This plugin inserts information into oc_t_user, and yes, if a user posts an ad with s_city:7485 then the plugin will insert that id number into oc_t_user s_city, because we are searching whether a user exists by the email posted in the ad email field. To avoid this we can just leave s_city and s_region blank in oc_t_user (uncomment or delete Params::setParam('regionId',    $input['regionId']);
Params::setParam('cityId',      $input['cityId']);)
Let's go back to add from itemaction.
I have a function to detect whether JS is enabled in the browser and I hide the form... to avoid form submission with empty fields... The problem is: if the user disables JS after the page is loaded, then the form can be submitted.
This if from itemaction.php seems wrong to me:

<code>
            if( $aItem['regionId'] != '' ) {
                if( intval($aItem['regionId']) ) {
                    $region = Region::newInstance()->findByPrimaryKey($aItem['regionId']);
                    if( count($region) > 0 ) {
                        $regionId = $region['pk_i_id'];
                        $regionName = $region['s_name'];
                    }
                }
            } else {
                $regionId = null;
                $regionName = $aItem['region'];
                if( $aItem['countryId'] != '' ) {
                    $auxRegion  = Region::newInstance()->findByName($aItem['region'], $aItem['countryId'] );
                    if($auxRegion){
                        $regionId   = $auxRegion['pk_i_id'];
                        $regionName = $auxRegion['s_name'];
                    }
                }
            }
</code>
That if allows $aItem['regionId'] == '' to save an empty or numeric value to the database:
                $regionId = null;
                $regionName = $aItem['region']; // this can be numeric, like in my case
The condition should be:

<code>
            if( $aItem['regionId'] != '' ) {
                if( intval($aItem['regionId']) ) {
                    $region = Region::newInstance()->findByPrimaryKey($aItem['regionId']);
                    if( count($region) > 0 ) {
                        $regionId = $region['pk_i_id'];
                        $regionName = $region['s_name'];
                    }
                } else {
                    $regionId = null;
                    $regionName = $aItem['region'];
                    if( $aItem['countryId'] != '' ) {
                        $auxRegion  = Region::newInstance()->findByName($aItem['region'], $aItem['countryId'] );
                        if($auxRegion){
                            $regionId   = $auxRegion['pk_i_id'];
                            $regionName = $auxRegion['s_name'];
                        }
                    }
                }
            }
</code>
If $aItem['regionId'] != '' (or cityId is not empty), we search in the database: if it is numeric we search the region by id, else by name.
Thanks for your time!

dev101

  • Osclass Hero
  • Hero Member
  • *
  • Posts: 2155
  • osclass.work
Not sure 100% right now as I'm in a hurry, and I do not quite understand your comments below your code with functions... but if you take a closer look, IF any of the input values are not empty (id or name), this means that either condition will be true (not both).

So, let's assume your user/bot entered an empty id, and integer for a name. First condition will not be true (if it was, then it would be easy, as that case takes precedence and will try to find it), so we jump to the next one. Next one will automatically assume that id is NULL, and check to find a proper one by name. But, it will fail.

Next lines are these (not the ones you've posted, so I am confused what you refer to):

<code>
            $aItem['regionId']      = $regionId;
            $aItem['regionName']    = $regionName;
</code>

The array will assign at this stage $regionId as null, and $regionName is undefined equal to $aItem['region'] (because, we also allow users to enter textual values!), so it will keep the integer value, as you describe.

But, then you have osc_validate functions, they are set to "silent mode" as said, but they will remove integer from text inputs and replace them with empty string. At this point, I do not see *how* would it be possible to insert integer into text (??).

Yesterday, before my reply, I have done exactly that scenario with js on initial load, then defeated js validate, and I could not enter integer (it was replaced by NULL).

Take some more tests, and I will also look into this in the upcoming days, could be missing something.

Also, post a complete UA string with FF version please.

(updated, as I've noticed earlier line in the code flow)
« Last Edit: November 05, 2016, 02:43:19 pm by dev101 »

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
 if( $aItem['regionId'] != '' ) {
                if( intval($aItem['regionId']) )
As long as the regionId is never an empty value, it does not matter whether it is the name or the id of the region.
The else should belong to if( intval($aItem['regionId']) ) and not to if( $aItem['regionId'] != '' ). After I investigated that function and my form validation, I concluded that no field can be sent as an empty one.

dev101

  • Osclass Hero
  • Hero Member
  • *
  • Posts: 2155
  • osclass.work
I have reproduced this with autocomplete inputs.
Your issue is here: https://github.com/osclass/Osclass/issues/2071

One thing why was this allowed is maybe there are cities and regions in the world which may contain numbers in their names (I do not know all that, but it could be a possibility).

Regards

(edited, sorry, it needs to be done differently)
« Last Edit: November 06, 2016, 01:00:32 pm by dev101 »

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
I use drop-downs for region and city and the option value is always an integer, but this is not the problem.
The problem might be "intval" in the itemaction add() function and preparedata(); it attempts to convert a string of numbers to an integer value.
A location like Barcelona-23-August will cause this problem: intval for this value is -23, and we are searching the location by id, and worse, this value is a negative one. Even if the value is a positive one, if we don't have a location with that id then
                $regionId = null;
                $regionName = $aItem['region'];
$regionName will be an integer (positive or negative).
We should use is_numeric instead, in my opinion.
« Last Edit: November 06, 2016, 01:53:02 pm by serjuc11111 »

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
And yes, you are right about "One thing why was this allowed is maybe there are cities and regions in the world which may contain numbers in their names (I do not know all that, but it could be a possibility)."

garciademarina

  • Administrator
  • Hero Member
  • *****
  • Posts: 974
Dear serjuc11111,

What version of osclass core are you using ?

What theme are you using ?

Regards

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
I use version 3.2, theme Bender!

serjuc11111

  • Hero Member
  • *****
  • Posts: 814
Solution to my problem. I use drop-downs for locations (Country is a hidden input; Region and City are drop-downs). All option values are numeric... so I don't need a second condition. If the city is not found, I leave this empty and the error "city is required" occurs.

<code>
            if( $aItem['cityId'] != '' ) {
                if( intval($aItem['cityId']) ) {
                    $city = City::newInstance()->findByPrimaryKey($aItem['cityId']);
                    if( count($city) > 0 ) {
                        $cityId = $city['pk_i_id'];
                        $cityName = $city['s_name'];
                    }
                }
            } /*else {

                $cityId = null;
                $cityName = $aItem['city'];
                if( $aItem['countryId'] != '' ) {
                    $auxCity = City::newInstance()->findByName($aItem['city'], $aItem['regionId'] );
                    if($auxCity){
                        $cityId   = $auxCity['pk_i_id'];
                        $cityName = $auxCity['s_name'];
                    }
                }
            }*/
</code>
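
The server-side check this thread converges on, as an added example that is not part of the original posts or of Osclass core. `resolve_city()`, the `CITIES` table and the sample submissions are constructed for illustration; the function validates the id strictly on the server, never falls through to the free-text branch once an id was submitted, and refuses a bare number as a city name.

```php
<?php
// Constructed lookup table standing in for the city table (ids and names are made up).
const CITIES = [7642 => 'Cluj-Napoca', 23 => 'Barcelona'];

/**
 * Hypothetical helper (not an Osclass function): resolve a submitted city on
 * the server. Returns [id, name], or null so the caller can reject the
 * submission with "city is required". Requires PHP 7.1+.
 */
function resolve_city(string $cityId, string $cityName, bool $allowFreeText = false): ?array
{
    $cityId   = trim($cityId);
    $cityName = trim($cityName);

    if ($cityId !== '') {
        // Strict check: the whole string must be a positive decimal integer.
        // intval() would turn "23-August" into 23 and match a real row.
        $id = filter_var($cityId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($id === false || !array_key_exists($id, CITIES)) {
            return null; // malformed or unknown id: reject, do not fall through
        }
        return [$id, CITIES[$id]];
    }

    // No id submitted: try an exact name match first.
    $found = array_search($cityName, CITIES, true);
    if ($found !== false) {
        return [$found, $cityName];
    }
    // Free text is kept only if the site allows it and it is not a bare number
    // (a bare number here is an id that arrived in the wrong field).
    if ($allowFreeText && $cityName !== '' && !is_numeric($cityName)) {
        return [null, $cityName];
    }
    return null;
}

// Constructed submissions as [cityId, city], the way a script with JS disabled could send them.
$samples = [['7642', ''], ['', '7642'], ['23-August', ''], ['', 'Barcelona'], ['', 'Area 51'], ['999', '']];
foreach ($samples as [$id, $name]) {
    printf("cityId=%-12s city=%-12s => %s\n", var_export($id, true), var_export($name, true),
        json_encode(resolve_city($id, $name, true)));
}
```

With free text allowed, only `['', '7642']`, `['23-August', '']` and `['999', '']` are rejected; a name that merely contains digits, such as "Area 51", is still accepted as text.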

Bigiolush

  • Newbie
  • *
  • Posts: 23
serjuc11111, hi!

Can we talk on some chat?

If you use Facebook you can find me as bigiolush.