Ok I am working on porting a vb 3.0.3 hack to vb 3.5 and globalize is no longer used so I need to know what replaced it and say for instance replace this line:

globalize($_REQUEST, array('u' => INT));

I figured out quite alot of the new stuff just that is questioning my experiences. Kinda mind boggling for me. hehe

Any help would be much appreciated.

Yes this is unaltered file and vbulletin test forum.

Thanks
Myth

$vbulletin->input->clean_gpc('r', 'goto', TYPE_STR);

Change "R" based on which superglobal you want to clean from (request, post, get, cookies, etc)

Change goto to the variable you wish to clean, and type_str to the type you want to clean it to (find them in a file somewhere, not sure which)

You should then use the below method to access the variable (not it doesnt get "globalised").

$vbulletin->GPC['goto']

You may also clean multiple variables in one command,

$vbulletin->input->clean_array_gpc('r', array(
'perpage' => TYPE_UINT,
'pagenumber' => TYPE_UINT,
'highlight' => TYPE_STR,
'posted' => TYPE_BOOL,
));

Thanks that helped.

Now I get this error:
Database error in vBulletin 3.5.0 Release Candidate 2:

Invalid SQL:

SELECT username
FROM vbuser
WHERE userid =;

MySQL Error : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3
Error Number : 1064
Date : Monday, September 5th 2005 @ 09:35:22 AM
Script : http://www.eternaltide.net/test/admincp/qas.php?&do=qaslink&u=1
Referrer :
IP Address : XX.XXX.XXX.XX
Username : Admin
Classname : vb_database

This is what its referring to:
$vbulletin->input->clean_array_gpc('r', array( 'u' => TYPE_UINT));
$user = $db->query_first("
SELECT username
FROM " . TABLE_PREFIX . "user
WHERE userid = $u
");

thanks Merk for your help

Myth

You will need to set $u yourself or change $u to {$vbulletin->GPC[u]}

so how would I set it myself also if not that, how would or where would {$vbulletin->GPC[u]} go? Would I just put it in place of WHERE userid = $u to look liked WHERE userid = {$vbulletin->GPC[u]} ?

Hrm - not only that but you're using the wrong function.

$vbulletin->input->clean_gpc('r', 'u', TYPE_UINT);
$user = $db->query_first("
SELECT username
FROM " . TABLE_PREFIX . "user
WHERE userid = " . $vbulletin->GPC['u']
);

Ok got it but this new warning shows up:
Warning: Invalid argument supplied for foreach() in /includes/class_core.php on line 1519

This is at line 1519:
foreach ($variables AS $varname => $vartype)
{
if (!isset($this->registry->GPC["$varname"])) // limit variable to only being "cleaned" once to avoid potential corruption
{
$this->registry->GPC_exists["$varname"] = isset($sg["$varname"]);
$this->registry->GPC["$varname"] =& $this->clean(
$sg["$varname"],
$vartype,
isset($sg["$varname"])
);
}
}
}

That is 1519 to 1531

Now after that warning I get this:

Database error in vBulletin 3.5.0 Release Candidate 2:

Invalid SQL:

SELECT userid, username, qas
FROM vbuser
WHERE userid =;

MySQL Error : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3
Error Number : 1064
Date : Monday, September 5th 2005 @ 09:51:34 AM
Script : http://www.eternaltide.net/test/admincp/qas.php
Referrer :
IP Address : XX.XXX.XXX.XX
Username : Admin
Classname : vb_database

Now what I think its refering to is in one of two places, I am providing both places, please double check to make sure I have it correct.

Place 1:
$vbulletin->input->clean_array_gpc('r', 'u', TYPE_UINT, 'u2');
$user1 = $db->query_first("
SELECT userid, username, qas
FROM " . TABLE_PREFIX . "user
WHERE userid = " . $vbulletin->GPC['u']
);

Place 2:
$user1 = $db->query_first("
SELECT userid, username, qas
FROM " . TABLE_PREFIX . "user
WHERE userid = " . $vbulletin->GPC['u']
);
$returntou1="$vbphrase[qas_return_to] <a href=\"user.php?$session[sessionurl]&do=edit&u=$user1[userid]\">$user1[username]'s $vbphrase[profile]</a>";
$user2 = $db->query_first("
SELECT userid, username, qas
FROM " . TABLE_PREFIX . "user
WHERE userid = " . $vbulletin->GPC['u2']
);

Thanks again Merk

Myth

The warning at the top of your post indicates that $variables is not an array. Code above that that builds $variables might not be returning anything.

The database error that you are getting is a similar cause of the same problem above.

As for your attempt to use "u2" as a variable will fail because you havent cleaned it first. You must clean all variables you're using.

Call the function you call for u, but replace u with u2.

Ok Merk, no go, couldn't get it figured out.

I can't find the function used to call for u.

Ok the whole warning thing I'm ignoring for now as I believe this coding error is whats causing that warning.

How would I clean the variable for "u2"? What should the function look like?

I take it the user1 query in "place 1" and "place 2" are the same query?

You need to clean every single input variable you might be using to make sure they are actually input variables.

They do not get globalised, so you need to access them from where vBulletin stores them, $vbulletin->GPC['name'].

To get them put into that GPC array, you will need to run clean_gpc or clean_array_gpc (the second one takes many different variables at the same time, does the same thing).

To clean 2 variables, you should use (which would replace the clean_gpc command that you are using at place one.

$vbulletin->input->clean_array_gpc('r', array(
'u' => TYPE_UINT,
'u2' => TYPE_UINT,
));

Awesome, it worked great.

now for some reason its not keeping the linked users actually linked.

I am porting Quick Account Switch and the linking procedure in the admincp isn't keeping the users linked.

I am attaching the file that is used by the admincp, if you could Merk, please look it over and make sure I haven't made any mistakes that might be causing problems.

Thanks
Myth

I get the feeling something is up with this piece of code that I had to use when altering admincp/user.php

// Quick Account Switch 1.2 - Start
$qas_is_slave=false;
print_table_header($vbphrase['qas_version']);
if (!empty($user['qas']))
{
$qas = unserialize($user['qas']);
foreach ($qas as $qas_acct => $qas_acct_value)
{
if ('m'==$qas_acct_value['type']) // we are a master account to this slave account
{
$qas_link = "(<a href=\"user.php?$session[sessionurl]&do=edit&u=$qas_acct_value[userid]\">$vbphrase[profile]</a>)";
// parameters: u2 (slave), u (master)
$qas_link .= " (<a href=\"qas.php?$session[sessionurl]&do=qasunlink&u=$user[userid]&u2=$qas_acct_value[userid]\">$vbphrase[qas_unlink]</a>)";
print_label_row($vbphrase['qas_master_to'] . ' ' . base64_decode($qas_acct_value['username']), $qas_link);
}
else // we are a slave account to this master account
{
$qas_link = "(<a href=\"user.php?$session[sessionurl]&do=edit&u=$qas_acct_value[userid]\">$vbphrase[profile]</a>)";
$qas_link .= " (<a href=\"qas.php?$session[sessionurl]&do=qasunlink&u=$qas_acct_value[userid]&u2=$user[userid]\">$vbphrase[qas_unlink]</a>)";
print_label_row($vbphrase['qas_slave_to'] . ' ' . base64_decode($qas_acct_value['username']), $qas_link);
$qas_is_slave = true;
}
}
}
else
{
print_label_row($vbphrase['qas_no_accounts'], '', '', 'top', 'noslaves');
}
if (!$qas_is_slave)
{
$qas_link = " <a href=\"qas.php?$session[sessionurl]&do=qaslink&u=$user[userid]\">$vbphrase[qas_add_to] $user[username]</a>";
print_description_row($qas_link);
}
print_table_break('', $INNERTABLEWIDTH);

// Quick Account Switch 1.2 - End



EDIT: Attached code modifications needed for this hack and I think certain pieces are no longer used in vb 3.5 but I could be wrong I am using the right code.

Please note that 'u' is one of the special shorthand variables (like f=forumid, p=postid, t=threadid,....) that get a special treatment.

Right Marco

Any idea why its not staying linked up?

Thanks
Myth

Check if it is converted from 'u' to 'userid'.

How would I go about doing that? Is it a function that would do that or what?

Thanks Marco

Myth

Sorry mate, I cant really see what the problem is (just by looking at code).

It looks reasonably okay to me, with a few minor habbit things that I would do differently, but i think Marco is right – The url variables you are using should be modified so they are not getting broken by vBulletin because it thinks that variable is its own.

You should change u to be more descriptive (qas_user1) or at least more unique.

The same should go for all variables you're using.

Tis ok Merk, I will try to change the variables but I'm afraid if I do that and not know where to change it in the file to make sure it reads it right then it will give me more errors than I want.

I'm having no end of trouble converting my custom PHP scripts to work with the new vbulletin 3.5 code structure. Basically I have a form that calls itself to pass variables to my database. I'm using this to initialize the form variables at the top of my script:


$bbuserinfo = $vbulletin->userinfo;

$vbulletin->input->clean_array_gpc('p', array(
'name' => STR,
'gender' => INT,
'race' => INT,
'class' => INT,
'level' => INT,
'trade1' => INT,
'trade1skill' => INT,
'trade2' => INT,
'trade2skill' => INT,
));


Then using this to pass the variables to my database.


if ($submit) {
$tstamp = mktime();
$timestamp = date("Ymdhis", $tstamp);
$sql_result = mysql_query("UPDATE `wowmembers` SET
name='$vbulletin->GPC[name]',
gender='$vbulletin->GPC[gender]',
race='$vbulletin->GPC[race]',
class='$vbulletin->GPC[class]',
level='$vbulletin->GPC[level]',
trade1='$vbulletin->GPC[trade1]',
trade1skill='$vbulletin->GPC[trade1skill]',
trade2='$vbulletin->GPC[trade2]',
trade2skill='$vbulletin->GPC[trade2skill]',
lastupdate='$timestamp'
WHERE eqname='$bbuserinfo[username]'", $db);
}


Each of the variables in the initialization are used in various parts of the form as such.

<select name="race">

The form action is set to post but no matter what I do I get this error:

Call to a member function clean_array_gpc() on a non-object in script path line 5.

Anyone have any suggestions?

Tried moving the clean_array_gpc code to after my form but before the submit button with no change. Tried just using clean_gpc on each variable and it still gives me the non-object error on:

$vbulletin->input->clean_gpc('p', 'gender', INT);

I have no idea what the problem is.

The types are not 'STR' naymore, but 'TYPE_STR', same for the other types.