I created my own PHP-based form that integrates with vBulletin. When the form posts, everything has a value of "S" which makes absolutely no sense. I'll have a text input field called "CompanyName", and then in the code to process the form I'll have:


echo $_POST['CompanyName'];


The value will show as "S". It's like this for all of my fields.

I'm using the method described in this post (https://vborg.vbsupport.ru/showthread.php?t=228112) to generate my form/page. The same file that generates the form is also the one that handles the processing. I'm just using a switch() to check the value of a hidden field that determines if the form has been submitted or not. Of course, that doesn't work right either because the value of that hidden field is also posting as "S", even though if I view source on the form it shows the correct value.

Any ideas why this is happening?


EDIT: I should mention, if I change the target of the form to a PHP file that does not use any of the vBulletin stuff from that post mentioned above (no template or anything, just straight output), the values display properly. I'm assuming it's something that vBulletin does to forms?

It's really hard to tell what is going on from what you said, but you shouldn't be using echo on a page. You should be putting your results into a variable and then the variable in the template.

Also, make sure you are running your form input through the vbulletin cleaner (there are articles on this).

The echo was just for testing purposes when I realized the form wasn't working at all. As far as the input cleaner goes, I was not aware of that. I'll take a look for the article you mentioned.

--------------- Added 1263672988 at 1263672988 ---------------

Just a clarification: by input cleaning, is there something else I should be doing in addition to mysql_real_escape_string()? That's the function I use to prevent SQL injection, but I don't know if you mean that there's something else that vBulletin has to format/handle/process/whatever form data.

--------------- Added 1263673697 at 1263673697 ---------------

Ok, I think I figured it out and it appears to be the problem you've described. I located this post (https://vborg.vbsupport.ru/showthread.php?t=119372) which describes the input cleaner.

When I used clean_array_gpc() and changed $_POST['CompanyName'] to $vbulletin->GPC['CompanyName'], everything looks good so far. I'll keep playing around with this but I think this is the solution.

Thanks again, Lynne.