PHP in BBCODE
 

Hi,

I tried to add php to bbcode with no luck.

E.g I have [test] bbcode and in the bbcode replacement I want a php script to run. I want to use sessions to store information but just for example, lets say I need to include a file:

[include]test.php[/include] Is it possible to actually run php code and make it execute: <?php include("test.php"); ?>

Thanks,
Karthick

Possible yes but it would be a HUGE security flaw id say in your forums and i wouldn't advise it at all

- Zero Tolerance

I dont understand, how is it even a slight security flaw?

If you allow php to be executed anywhere, you are allowing anything to be run, which means someone could drop your database, specific tables, even get passwords or other viatal info :)

No, I dont want others to be able to run PHP code. I want to run my own php code in bbcode. For example, someone types [store]this[/store] I want to be able to type php code in the bbcode replacement variable so that I can use php to store "this" as a session variable.

I hope I am making sense :S

Why exactly would you want to make session vars in a post?

Im a little un-certain why such a thing would be needed

5 AM here, so ill try and make this quick.

http://64.91.226.5/showthread.php?t=452&page=2

Please see the chess boards. The BB Code just currently tags a php file through Iframe, <iframe src=blah.php?chess moves etc. Now Apache GET limit is 8kb max, and to change that, I would have to recompile apache, which is not advisable. I want to allow up to 200kb.

So I need to get PHP to store a session variable with that name, or do ANYTHING with php to store the information somewhere, instead of tagging it onto iframe.

Can someone give me a hint on how to do this?

Alternatively, How can I make a template into bbcode? E.G how are all the standard bbcodes as templates? How does it know that template is bbcode?

bump

I dont think anyone is going to code an open security risk.

You can take a service request but most of these are paid.