//================================================================================ // PLEASE DO NOT REMOVE THIS HEADER!!! // // COPYRIGHT NOTICE // This script is licensed under the GPL // // Copyright 2007-2008 Alias 454 Studios and Brandon Keep (c) All rights reserved. // Created 11/18/2007 // Brandon Keep, http://www.openautoclassifieds.com // http://www.alias454studios.com/scripts/ // // Last Modified 05-06-2008 by // Brandon Keep, bkeep@alias454studios.com //================================================================================ // This software IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL // THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR // OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, // ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR // OTHER DEALINGS IN THE SOFTWARE. //================================================================================ Changelog: version v1.4.5b Changed Moved a lot of hardcoded text into the lang file most of the userside tpl files have all of the text in the lang file now. Exceptions are the header, sidebar and index tpl files Fixed listing id is passed as an int version v1.4.4b CRITICAL RELEASE!!! FIXED bypass login SQL injection attack FIXED remote SQL exploit to gather user data by unauthorized user in listing.php FIXED unauthorized user escalation in admin section FIXED SQL attack vulnerability which allows unauthorized user to change database entries version v1.4.3b Fixed function mismatch typo in the image functions and the image php file [partsnthings] Fixed typo in en lang file milage should be mileage Fixed typo in functions php for listing_condition in addListing function [sammy95] Changed listings.tpl will not display empty fields now if no data is in the db column Changed the way random images are displayed on the index page does not show sold autos in the random list Added currency symbol in the lang file [gathrawn] version v1.4.2b Fixed Syntax error when importing openauto.sql[galeens] version v1.4.1b Fixed missing brackets around sql query caused errors when not contacting seller Fixed invalid id in sidebar.tpl for w3c code validator version v1.4.0b Fixed Refined the search functions so the session was reset when performing a new search Added a Loan Calculator page Added a "QUICK SEARCH" on the sidebar Added a stock # box Added Captcha for contact us page Added contact seller feature Added view changes to listing link on edit listing page Added misc new text for new pages in en lang file Added Mark as "SOLD" with a watermark Changed Text in en lang file Removed "static" class functions version rc 1.3.0 Fixed show proper search results when multiple pages of search results Added a search by zip code into search Added a search by state into search Added vin for future use maybe checking with carfax reports Added check for empty zip value when adding new or editing a listing Changed Reduced ad title to only allow 25 chars to reduce line wrapping when browser text set to large Changed Sort order for search items when displayed now shows newest listing first other misc fix/changes version rc 1.2.1 Fixed updated the search Fixed bug that only appears in MySQL 5 not allowing the adding or editing of listings Changed moved some of the static settings into the admin site settings misc fixes/updates version rc 1.2.0 Added Expanded search functionality Added search by min and max price Added dynamic content in title when viewing a listing Added dynamic keywords when viewing a listing Changed Moved all text into the language file except the sidebar.tpl text and link text version rc 1.1.1 Fixed MySQL column count mismatch Changed name= tag to id= in listings.tpl for valid markup version rc 1.1.0 Fixed no image bug added search function added featured listings on front page add javascript onmouseover event to change single listing main image fixed bug for editlistings when logged in as seller misc fixes and style additions/changes changed error text input from referrer to ip address version rc 1.0.0 initial release