vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   Im struggling trying to get $username to show up (https://vborg.vbsupport.ru/showthread.php?t=214651)

powerful_rogue 05-27-2009 10:14 AM
Im struggling trying to get $username to show up
 
Hi,
Im still learning the ropes, so I thought I would take quite an easy hack and re-code differently.

This is what the code was orginally
Quote:
$title = "This just in: " . $username . " has just joined the forum!";
Im trying to get it so that you can enter the title via the acp rather then having to edit the product.

This is what ive got -

Quote:
$title = $vbulletin->options['ntur_title'];
Quote:
$threaddm->do_set('title', $title);
Quote:
<setting varname="ntur_title" displayorder="20">
<datatype>free</datatype>
<optioncode>textarea</optioncode>
<defaultvalue>Welcome $username</defaultvalue>
</setting>
However when the thread gets posted, the title shows up as "Welcome $username" - rather then the username of the person that has just registered.

Im getting there on the other parts, however seem to have hit a stumbling block on this!

Any help greatly appreciated!

bananalive 05-27-2009 11:34 AM
Instead of
PHP Code:
    $title $vbulletin->options['ntur_title']; 
Try...
PHP Code:
eval('$title = "' $vbulletin->options['ntur_title'] . '";'); 

powerful_rogue 05-27-2009 11:50 AM
Thanks bananalive, i'll give that a try now!

One more thing im strugging with is getting the users post count to increase after the thread has been created. The thread total increases by 1, however the users post count dosent seem to increase.

This is the current code ive got -

PHP Code:
require_once('./global.php');
    require_once('./includes/class_dm.php');
    require_once('./includes/class_dm_threadpost.php'); 

PHP Code:
    $threaddm =& datamanager_init('Thread_FirstPost'$vbulletinERRTYPE_ARRAY'threadpost');
        $threadinfo = array();
        
        $threaddm->set_info('forum'$foruminfo);
        $threaddm->set_info('thread'$threadinfo);
        $threaddm->setr('forumid'$forumid);
        $threaddm->setr('userid'$userid);
        $threaddm->setr('pagetext'$pagetext);
        $threaddm->setr('title'$title);
        $threaddm->set('allowsmilie'$allowsmilie);
        $threaddm->set('open'$open);
        $threaddm->set('visible'$visible);
        
        $threaddm->pre_save();
        if(count($threaddm->errors) < 1)
        {
            $threadid $threaddm->save();
            unset($threaddm);
            build_thread_counters($threaddm);
        } else {
            eval(standard_error(fetch_error($threaddm->errors$vbphrase['forum'], $vbulletin->options['contactuslink'])));
        }
        
        build_forum_counters($foruminfo['forumid']);  
// Update last post stuff on forumdisplay
    require_once('./includes/functions_databuild.php'); 
    build_forum_counters($forumid);]]> 
--------------- Added [DATE]1243432884[/DATE] at [TIME]1243432884[/TIME] ---------------

Quote:
Originally Posted by bananalive (Post 1818066)
Instead of
PHP Code:
    $title $vbulletin->options['ntur_title']; 
Try...
PHP Code:
eval('$title = "' $vbulletin->options['ntur_title'] . '";'); 
That worked a treat! Thank you so much!
A couple of quick questions, if someone was to use ' or " - it throws an error. Is there anyway of getting the code to ignore those characters?

Also, and I know this is cheeky, but im still learning, could you just go through what the line of code means? Ive done a little bit of digging.

Quote:
The eval() function evaluates a string as PHP code.

The string must be valid PHP code and must end with semicolon.

This function returns NULL unless a return statement is called in the code string. Then the value passed to return is returned. If there is a parse error in the code string, eval() returns FALSE.
Im guessing that when I put the " and ' characters into the title line "Hello '$username', Welcome to the forum" it produced the parse error that stopped it from showing $username.

I just dont quite understand what all the various " ' are in that line of code.

Once again, thanks for your help, its really appreciated.

--------------- Added [DATE]1243438523[/DATE] at [TIME]1243438523[/TIME] ---------------

Managed to solve the postcount issue - had to use an SQL query. Would have prefered to have done it via the datamanager but was having no luck.

If anyone knows of how to do this via the datamanager I would be really interested for furture use.

Ive still got one issue regarding " ' in the above post if someone could help.

Thanks

--------------- Added [DATE]1243442021[/DATE] at [TIME]1243442021[/TIME] ---------------

Ive come across one more problem that I could really do with some help with please!

When I used the "register_addmember_complete" hook - Once a member registers it creates a thread with the title being "Welcome to the forum John"

However when I used the hook "register_activate_process" it creates the thread after the member has activated via email, however it only shows the title as "Welcome to the forum" - for some reason it dosent seem to recognise the $username in the title.

Im sorry to be such a pest!

bananalive 05-28-2009 11:51 AM
Try

PHP Code:
eval('$title = "' addslashes($vbulletin->options['ntur_title']) . '";'); 
The ' are needed to use php functions inside the eval

The rest is like a normal php line, eg.

PHP Code:
$x "blah"
Look at the vbulletin source code and you might see there is different variable being used for $username

You could add this line at top of plugin

PHP Code:
$username $vbulletin->userinfo['username']; 

powerful_rogue 05-28-2009 12:19 PM
Quote:
Originally Posted by bananalive (Post 1818743)

Look at the vbulletin source code and you might see there is different variable being used for $username

You could add this line at top of plugin

PHP Code:
$username $vbulletin->userinfo['username']; 
Superb! Thank you, that worked a treat! I had

Quote:
$username = htmlspecialchars_uni($username);
inside the code, but replaced it for the code you posted and it works a charm.

Regarding the ' and " - I can see where your coming from, still need to get my head around them. Ive got a nice big php/sql book sitting here waiting for me to read it!

Dismounted 05-29-2009 09:20 AM
You should still sanitise it before displaying. (Not 100% sure if it is already sanitised when fetched.)
PHP Code:
$username htmlspecialchars_uni($vbulletin->userinfo['username']); 

powerful_rogue 05-30-2009 07:34 PM
Quote:
Originally Posted by Dismounted (Post 1819412)
You should still sanitise it before displaying. (Not 100% sure if it is already sanitised when fetched.)
PHP Code:
$username htmlspecialchars_uni($vbulletin->userinfo['username']); 
Hi Dismounted,

When you say "sanitise" it, what does that actually mean?

UKBusinessLive 05-30-2009 07:51 PM
Quote:
Originally Posted by powerful_rogue (Post 1820280)
Hi Dismounted,

When you say "sanitise" it, what does that actually mean?
When accepting data, any data at all, it should be sanitised before making its way to your database.

What does this mean? Well, for one, you’re going to inspect the data and make sure that it doesn’t contain any malicious code such as ill-intentioned javascript. Another is to prepare the data so that when it gets added to your insert/update SQL it doesn’t break the SQL (or do other nasty actions). Otherwise know as a SQL injection attack.

:D

powerful_rogue 05-30-2009 08:01 PM
Quote:
Originally Posted by UKBusinessLive (Post 1820286)
When accepting data, any data at all, it should be sanitised before making its way to your database.

What does this mean? Well, for one, you?re going to inspect the data and make sure that it doesn?t contain any malicious code such as ill-intentioned javascript. Another is to prepare the data so that when it gets added to your insert/update SQL it doesn?t break the SQL (or do other nasty actions). Otherwise know as a SQL injection attack.

:D
Ah thank you UKBL, makes perfect sense now. :)

UKBusinessLive 05-30-2009 08:17 PM
Quote:
Originally Posted by powerful_rogue (Post 1820289)
Ah thank you UKBL, makes perfect sense now. :)
Thats OK Buddy, oh i forgot this for you

http://www.diamondvues.com/disinfectant.bmp

:D


All times are GMT. The time now is 09:58 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02178 seconds
  • Memory Usage 1,782KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (12)bbcode_php_printable
  • (12)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete