vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Coding practices with VB? (https://vborg.vbsupport.ru/showthread.php?t=68059)

AcidMaX2 08-06-2004 02:10 PM
Coding practices with VB?
 
Is there a faq, document etc anywhere that shows how things should be handled when coding modules for vbulletin?

For example, my issue right now is know how "SPECIFICALLY" I need to parse input text. So if I have a textarea to prevent people from submitting javascript code, or injecting into the db etc, what process is there for inputting data with DB functions and then retrieving to view the code properly. Ie.,.

right now I just learned of the globalize function, is this also going to strip html? I use the STR_NOHTML option for it but it still seems to work. Should I run everything through parse_bbcode on insert or just on retrieval?

Any help you can offer would be good. We were beta testing some stuff and realized some injections could occur.

Andy

Tigga 08-06-2004 03:31 PM
htmlspecialchars() maybe?


All times are GMT. The time now is 11:11 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00943 seconds
  • Memory Usage 1,700KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (2)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete