Got the easy part down, find it easy to work in the control panel enviroment,
but displaying, modifying and editing content back and forth from db.

But now i want to work with user end app's.
I sorta got it narrowed down how to move around inside a php
file using do, get and request. almost like cp area.

and i got vb styled pages working, using header,footer etc.

Let me put up an exsample.

i have some content in the db, i want to show a user.

the user clicks some botton etc and gets to the point where the
content should be shown in the php file,,

So my question is how do i get the php file and templates to work together ?
i can get content from the db using the php file correct ?
and i style the user view with the template correct ?

so the datamovement would go like this db-> php file -> template -> user view
or am i way off.

any articles on this, or suggestions where i can get more info on this
specifik topic. ?

In the php file, you eval the template to get it to show. You might want to look at this article - [How-To] vBulletin API Basics: Creating Custom Pages & Misc. (https://vborg.vbsupport.ru/showthread.php?t=98009) That might help you out some.

You may also want to look at the many other articles that could help you.

tx lynne, sorta missed that one.

really hard with 0 experience, ;) but i guess only one way to learn :D

tx lynne, sorta missed that one.

really hard with 0 experience, ;) but i guess only one way to learn :D
I learned by doing lots of reading! Oh, and playing on my test site. :)

well okay went through that article, and nothing "new" here.

got all that narrowed down.

mypage.php
mypage_content (template)

Exsample in the db i make a table named .table_prefix."testtable
with 2 colums ID(auto,primary) testcontent(text)

with the content =
ID 1 : line 1
ID 2 : line 2
etc.....

---------------------------here we go the hard part ;) (for me)

I want to display display content from the table lwhere id = 2--

i make my sql query etc.. ...
but where do i make the query, do i make it inside the template ?
or do i make it in the .php file ?

i got my table's in the the template but when i try to run
a query in the templates it just bugs.

i can run querys in the php but cant make it fit into the tables
i import/read from the templates.. hehe lol

confusing, i hope you know what i mean, and what im trying to achive.
i donot have anything to display,
just doing alot of test pages, which i usually delete when they mess to
much up.. :D



EDIT :

- Got php pages and creating vb powered pages
- Got using the querys in vb
- Got using templates.

But mixing it together.. ehhh.. im lost. :D

Queries go in the php page - mypage.php - before you eval the template.

Queries go in the php page - mypage.php - before you eval the template.

allright thank you..

eksample i then do a query

----------template page---------

<table......
.....some content, phrases... . etc
<tr> <td>$test</td></tr>
</tr>
</table>
------------------------------------
?
?
?
-----------php page-----

$test = querystring........

eval template

----------------------------


did i understand it correctly ? ;)

EDIT ADD :

saw this post https://vborg.vbsupport.ru/showthread.php?t=205362
and think i got it right time for some tests.

I wrote a fairly simple mod that does a query and then spits out some stuff on vb like page. It has two templates with it. You may want to take a look at it. It's here - View all your social group messages (https://vborg.vbsupport.ru/showthread.php?t=205163). It may help you with figuring out how to do what you want.

ahh yes, then i got it right..

then its the evel thats bugging me...

Php page named "Test.php" in forumroot

// ################################################## #####################
// ######################## START MAIN SCRIPT ############################
// ################################################## #####################

if (!isset($vbulletin->userinfo['userid']) OR $vbulletin->userinfo['userid'] == 0)
{
print_no_permission();
}

if (empty($_REQUEST['do']))
{
$_REQUEST['do'] = 'main';
}
if ($_REQUEST['do'] == 'main')
{

$navbits = array();
$navbits[$parent] = 'Test Page A';

$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');

$testmessage = $vbulletin->db->query_read_slave("
SELECT evireviewpost.RID as RID, evireviewpost.Rtitle as Title,
evireviewpost.Rdesc as BESK, evireviewpost.Rscore as Score,
evireviewpost.Ruid as user, evireviewpost.Rlink as link
FROM " . TABLE_PREFIX . "evireviewpost as evireviewpost
WHERE evireviewpost.RID = 1
");

// eval('print_output("' . fetch_template('test_testa') . '");');
eval('$testmessage.= "' . fetch_template('test_testa') .'";');
// eval('$messagebits .= "' . fetch_template('socialgroups_messagelistbits') .'";');

}

and my template named "test_testa"


$stylevar[htmldoctype]
<html xmlns="http://www.w3.org/1999/xhtml" dir="$stylevar[textdirection]" lang="$stylevar[languagecode]">
<head>
$headinclude
<title>Test</title>
</head>
<body>
$header
<if condition="$navbar">$navbar<else /><br /><br /></if>


<table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">
<tr>
<td class="tcat">$testmessage[Title]</td>
</tr><tr>
<td> $testmessage[RID] - $testmessage[BESK]</td>
</tr><tr>
<td> normal text </td>

</div>
</td>
</tr>
</table>


$footer

</body>
</html>

and a screenshot of the database content..

94884

when using Print output eval works fine, when using $testmessage just says
error at random lines in eval()_line x

this is my only current barrier for some modding :D

---- EDIT found the ) and replaced with ; in the end of Eval line,
howewer instead of an error a blank page? wth.. :p

When you just do a query (query_read), the result is just a pointer to where that data is. You then need to tell it that you would like to please see the actual data. You do that with fetch_array or similar. vBulletin does have a special way of doing both of those steps together if the result is just one item. That would be query_first in place of query_read.

so your saying i need to

1) Query
$getcontentA= $vbulletin->db->query_first(" ....

2) Start an array ?
while ($data = $vbulletin->db->fetch_array($getcontentB){

3) Then eval
eval('$data.= "' . fetch_template('test_testa') .'";');

4) end the while
}

Just to display a single row of colums, which i allready have selected in the query using WHERE.

... well of to bed, dosent make sence at all.

EDIT just tryed something else..


$result = $vbulletin->db->query_read("SELECT RID, Rtitle, Rdesc, Rscore, Ruid, Rlink, FROM " . TABLE_PREFIX ."evireviewpost WHERE RID = 1");
while ($row = $db->fetch_array($result))
{
$rowid = $row['RID'];
$Rtitle = $row['Rtitle'];
$Rdesc = $row['Rdesc'];
$Rscore = $row['Rscore'];
$Ruid = $row['Ruid'];
$Rlink = $row['Rlink'];
eval('print_output .= "' . fetch_template('test_testa') . '";');
}

But this just gives me a unspecified error at last line ?> EDIT 2, ; error,, parseing,

getting db errro instead. 'FROM evireviewpost WHERE RID = 1' at line 1
just checking this out..
EDIT 3 DB error sorte, its now working..

back to a "blank" page as result.. lol wTH..

working query
$result = $vbulletin->db->query_read("SELECT RID, Rtitle, Rdesc, Rscore, Ruid, Rlink FROM " . TABLE_PREFIX . "evireviewpost WHERE RID = 1");
while ($row = $vbulletin->db->fetch_array($result))
{
$rowid = $row['RID'];
$Rtitle = $row['Rtitle'];
$Rdesc = $row['Rdesc'];
$Rscore = $row['Rscore'];
$Ruid = $row['Ruid'];
$Rlink = $row['Rlink'];
eval('$row .= "' . fetch_template('test_testa') .'";');
}

partial from the template



<td class="tcat"> TEST </td>
</tr><tr>
<td> $rowid - $Rdesc</td>
</tr><tr>
<td> normal text </td>

--------------- Added 1234656725 at 1234656725 ---------------

allright GOT IT WORKING..

ADDED php]eval('print_output("' . fetch_template('test_testa') . '");');[/php]
at the end,, taddaa it "pint" the whole ting.

omg, crazy,, i think i got it.. :)

Um, what I said at the end was to get just one result, use query_first instead of query_read. If it was several rows you were after, you would need to do the while statement.

Reading and wrapping your head around vBulletin's default code will get you some good knowledge. Also see the vBulletin Code Standards section of the vBulletin Manual.

well i figured out to get a list diplayed proberly,

using
eval('$tabel_list .= "' . fetch_template('test_testtabel') .'";');

and the $tabel_testtabel ONLY contains the table formatting not table begin or end

then i made ANOTHER template named test_testa and i place a link/hook/ahm location
named $tabel_testtabel where i wanted the list displayed and it actually works.

which means i really only need one main template with the reference to the
others, and call them from the php file, depending what im trying to display.

Gonna make a complete mini test mod now ;)


@Dismounted : yep, thats where i got the final solution
was looking through the forumhome and trying to figure out how it
shows the categories. :D

just going back and forth until it made some sort of sense.. !

next step - adding user imput to the db with sql injection protection.

next step - adding user imput to the db with sql injection protection.
"SQL injection protection" shouldn't really be an afterthought - it should already be part of your habits. However, the "Creating Secure Mods" article will get you started.

"SQL injection protection" shouldn't really be an afterthought - it should already be part of your habits. However, the "Creating Secure Mods" article will get you started.

im a newb ;)

i now use
'Rdesc' => TYPE_NOHTML,
when getting data from user
and when running query i use

WHERE RUID = '" . $db->escape_string($vbulletin->GPC['RUID']) . "'"

;)

TYPE_NOHTML should be used when you are not entering data into the database, but displaying it. You should be using TYPE_STR, and use htmlspecialchars_uni() when fetching and displaying the data.

TYPE_NOHTML should be used when you are not entering data into the database, but displaying it. You should be using TYPE_STR, and use htmlspecialchars_uni() when fetching and displaying the data.

ahh thats how its supposed to be understod.. tx was confused by the article.

Exsample..

- retrive data


$result = $vbulletin->db->query_read("SELECT someinfo, ...........

// run the array

while ($row = $vbulletin->db->fetch_array($result))
{
$Rtitle = htmlspecialchars_uni($row['someinfo'])
}


And when reciving it from a user to add to the db
i would do


$vbulletin->input->clean_array_gpc('p', array(
'someinfo' => TYPE_STR,

$someinfo =& =& htmlspecialchars_uni($vbulletin->GPC['someinfo']);

$db->query_write("INSERT ignore into table someinfo..................



does this also secure agains XSS crazy people ?

You don't use htmlspecialchars() when inserting into the DB.
$someinfo = $db->escape_stting($vbulletin->GPC['someinfo']);