vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   Problem linking with paginator - in AdminCP (https://vborg.vbsupport.ru/showthread.php?t=204674)

Vaupell 02-08-2009 07:10 PM
Problem linking with paginator - in AdminCP
 
Hi was following the article paginator in admin cp,
and with only -2 views since yester kinda doubt a response is appearing there.
Paginate Admin CP Results

so if you think its the wrong place to start a topic, well in a perfect world articles responses was
feedback only not support, and support with scripts goes in support forum :p

anyway

the problem is this

the link from the pages appear to be fine when running but when you click
if loads nothing/blank screen which ofcourse is becourse it cannot find the
goto location.

my initial goto location is
PHP Code:
 if($_POST['do']=="Find"){ 
and the link is looking like this
PHP Code:
                    $pagenav .= " <a href=\"sh2.php?$session[sessionurl]do=Find&amp;page=$thispage\" class=\"normal\">$thispage</a> ";

//  ---  and futher down the actual print
  print_description_row($pagenavfalse8'''center'); 

in run mode it looks like this

http://localhost/forums/admincp/sh2.php?do=Find&page=2

and ofcourse it can easy find ?do=Find but the &page2
is the problem, im sure i need to add this somewhere, but not how
and neither articles on this clearify this..

suggestions ? :confused:


EDIT 2 :

modified the link a little, but still not allowed to use &page#
Code:
$pagenav .= "<a href='sh2.php?$session[sessionurl]do=Find&amp;page=$thispage'>".$thispage."</a>,";

Dismounted 02-09-2009 05:03 AM
The name of the variable that is used in the article is "pagenumber", not "page".

Vaupell 02-09-2009 05:56 AM
hmm okay,, time for a little code i gues

1) it didnt pay attention on the varible changed that in the link..

PHP Code:
 if($_POST['do']=="Find"){
$vbulletin->input->clean_gpc('r''searchstring'TYPE_NOHTML);
$vbulletin->input->clean_array_gpc('r', array('pagenumber'=> TYPE_UINT,));

  

    $perpage 10
    if(!$vbulletin->GPC['pagenumber']){ 
        $vbulletin->GPC['pagenumber'] = 1
    } 
    $start = ($vbulletin->GPC['pagenumber'] - 1) * $perpage

    $ipscount $db->query_first(
        SELECT COUNT(ipaddress) AS count 
        FROM " TABLE_PREFIX "post
        WHERE ipaddress='".$vbulletin->GPC['searchstring']."' 
    ");     
         
    $pagecount ceil($ipscount['count'] / $perpage); 
   print_cp_header("$vbphrase[EviFindipCPHeader]");
   print_table_start();
   print_table_header("$vbphrase[EviFindipTBFHeader]"8);
 
         if($pagecount 1){ 
            $pagenav "<strong>$vbphrase[go_to_page]</strong>"
            for ($thispage 1$thispage <= $pagecount$thispage++){ 
                if($thispage == $vbulletin->GPC['pagenumber']){ 
                    $pagenav .= " <strong>[$thispage]</strong> "
                } else { 
//  $pagenav .= " <a href=\"sh2.php?$session[sessionurl]do=Find&amp;pagenumber=$thispage\" class=\"normal\">$thispage</a> "; 
     $pagenav .= "<a href='sh2.php?do=Find&amp;pagenumber=$thispage'>".$thispage."</a> ,";
                } 
            } 

          print_description_row($pagenavfalse8'''center'); 
        } 
and yes i see that the pagenumber is the correct var, didnt work for the link
Notice ONLY reason i got dublicated link it besource im trying different things out

im also suspecting that input->clean array to have a wrong syntax
but dont know the correct syntax for it, can only compared to others
that work.

Dismounted 02-09-2009 10:05 AM
Okay, let's start at that insecure query there. It is vulnerable to SQL injection. You should read SirAdrian's article called "Create Secure Mods". It's all good and well that you escape HTML (it's not needed, by the way, it is only needed after fetching from the database/displaying it).

Vaupell 02-09-2009 10:53 AM
Quote:
Originally Posted by Dismounted (Post 1738560)
Okay, let's start at that insecure query there. It is vulnerable to SQL injection. You should read SirAdrian's article called "Create Secure Mods". It's all good and well that you escape HTML (it's not needed, by the way, it is only needed after fetching from the database/displaying it).


Dont get it, well i understand what it does, great.

But i have no clue of placement of $db->escape_string()

cant i just go with $db->query_read_slave() ? or is it a misleading name!


Edit 2 :
okay $db->query_read_slave() dosent work, it removes all links. = dosent count
and the same with $db->escape_string() = dosent count either

PHP Code:
    $ipscount $db->query_read_slave("
        SELECT COUNT(ipaddress) AS count 
        FROM " TABLE_PREFIX "post
        WHERE ipaddress='".$db->escape_string('searchstring')."' 
i mean the count is correct and all, but the page numbers that was printet with old code is gone.

giving up on this.

Dismounted 02-10-2009 05:02 AM
PHP Code:
$vbulletin->db->escape_string($variable

Vaupell 02-10-2009 09:19 AM
Quote:
Originally Posted by Dismounted (Post 1739411)
PHP Code:
$vbulletin->db->escape_string($variable
okay this works thank you..

PHP Code:
WHERE ipaddress='".$db->escape_string($vbulletin->GPC['searchstring'])."'"); 
But still dosent help me on the linking of pages :confused:

Link generated is
PHP Code:
$pagenav .= "<a href='sh2.php?do=Find&amp;pagenumber=$thispage'>".$thispage."</a> ,"
and function (i think its a function, remember ur dealing with a non programmer here)
PHP Code:
 if($_POST['do']=="Find"){
$vbulletin->input->clean_gpc('r''searchstring'TYPE_NOHTML);
$vbulletin->input->clean_array_gpc('r', array('pagenumber'=> TYPE_UINT,));

but it wont allow me to "reuse" that link,
should i remove all the " &amp;pagenumber=$thispage" alltogether and attempt
getting the page number with _get or _request perhaps instaed. ?


All times are GMT. The time now is 01:05 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01100 seconds
  • Memory Usage 1,770KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (9)bbcode_php_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (7)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete