Forums

ChronoForms v8 is now WordPress ready, ChronoMails is out

The JED needs volunteers!

Form displaying on white BG instead of joomla template

cl
claudem 25 May, 2013
Hi,

I am working on a form and it is showing on a white background instead of the template background. I also checked other forms which I had previously used on the same site and they also did the same even though they had previously worked OK.

IT seems I might have unknowingly changed some settings, but not sure what that might be.

Thank you in advance for your help.

Claude
cl
Gr
GreyHead 25 May, 2013
Hi Claude,

Please see this message at the bottom of the page:

Warning: base64_decode() has been disabled for security reasons in /home/chooswel/domains/bluemed.org/public_html/components/com_chronocontact/libraries/chronoform.php on line 534

You'll need to white-list the com_chronocontact files to get them to work correctly.

Bob

PS This is a pretty inept piece of security setting; although it is sometimes used to wrap hacked code there are also plenty of completely legitimate reasons to use base64 encoding in PHP.
cl
claudem 27 May, 2013
Hi Greyhead,

thanks for your help. Umm I don't really know any php. here are the two references to base64
that I found. What should I do?


md5('chrono'));
}else{
//srand((double)microtime()*10000);
//$inum = substr(base64_encode(md5(rand())), 0, 16);
//$session->set('chrono_secret_check_'.$formname, $inum, md5('chrono'));
return md5(trim($secret).$session->getId());
}*/
return md5(trim($secret).$session->getId());
}




and



{
global $mainframe;
$database =& JFactory::getDBO();
$query = "SELECT * FROM `#__components` WHERE `option` = 'com_chronocontact' AND parent='0' AND admin_menu_link='option=com_chronocontact'";
$database->setQuery( $query );
$result = $database->loadObject();
//$configs = JComponentHelper::getParams('com_chronocontact');
$configs = new JParameter($result->params);
if($configs->get('licensevalid', 0)){
return '';
}else{
return base64_decode('PCEtLSBZb3UgYXJlIE5PVCBhbGxvd2VkIHRvIHJlbW92ZSB0aGUgZm9sbG93aW5nIDMgbGluZXMgaWYgeW91IGRpZG50IGJ1eSBhIGxpY2Vuc2UgLS0+IA0KPGRpdiBjbGFzcz0iY2hyb25vZm9ybSI+DQo8YSBocmVmPSJodHRwOi8vd3d3LmNocm9ub2VuZ2luZS5jb20iPlBvd2VyZWQgQnkgQ2hyb25vRm9ybXMgLSBDaHJvbm9FbmdpbmUuY29tPC9hPg0KDQo8L2Rpdj4NCjwhLS0gWW91IGFyZSBOT1QgYWxsb3dlZCB0byByZW1vdmUgdGhlIDMgbGluZXMgYWJvdmUgaWYgeW91IGRpZG50IGJ1eSBhIGxpY2Vuc2UgLS0+');
}
}
Gr
GreyHead 27 May, 2013
Hi claudem,

Ask your web host to white-list those files - or change web host.

Bob
This topic is locked and no more replies can be posted.