Possible Miscode in poll.php

[DJ29Joesph]

I was coming across some code and was in poll.php and I think I found an error in the php file.

Heres the code

Its on line 626.

PHP Code:

        while ($name = $db->fetch_array($public))
        {
            fetch_musername($name);
            $allnames["$name[voteoption]"][] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u=$name[userid]\">$name[musername]</a>";
        } 


I believe where the </a> ends it should be a single quote, not a double quote. Can someone please look at this for me.

I may be wrong I am just a beginner, but I thought I would give it a shot of reporting it.

I have vbulletin Version 3.8.3. Thanks

[HMBeaty]

I do believe you are correct

--------------- Added [DATE]1248140019[/DATE] at [TIME]1248140019[/TIME] ---------------

Actually, now that I look at it again, I think it may be missing a quote

[JamesC70]

Quote:

Originally Posted by DJ29Joesph

I was coming across some code and was in poll.php and I think I found an error in the php file.

It looks correct to me. I'll use quote instead of code, so I can highlight the pairs:

Quote:

$allnames["$name[voteoption]"]
[] = '<a href="member.php?'
. $vbulletin->session->vars['sessionurl']
. "u=$name[userid]\">$name[musername]</a>";

In each line of the quote above, the opening and closing quotes are highlighted in red.

The one that's throwing you off is the green one, preceeded with a backslash. The backslash indicates to PHP to "keep this intact, don't interpret it as code". This needs to be done when including a double-quote character within double-quote marks.

The double-quote before member.php (line 2 in quote above) doesn't need a backslash in front of it because it's not inside a pair of double-quotes, it's inside single quotes. Hence the difference.


Refer to php.net for further information.

[DJ29Joesph]

Personally that doesn't make any sense.

Why would u=$name be part of </a>???

[HMBeaty]

Thats part of the link that allows you to go to the users profile when clicked

[JamesC70]

The code is creating a clickable link.... embedding a variable into HTML.

HTML uses <a href="_____">click this part</a> -- "click this part" is what you see on the screen; the code in brackets is what tells the browser to interpret it as a link.

[DJ29Joesph]

$allnames[START1$name[voteoption]END1]
[] = START2<a href=START3member.php?END2
. $vbulletin->session->vars[START4sessionurlEND4]
. END3u=$name[userid]\START5 OR NOTHING>$name[musername]</a>START5 OR END 5;

still doesnt make any sense.

I know how to make a link I have 2 years of web design on my belt

EDIT::::

ok, if I'm correct the only thing wrong is "u=$name should be a single quote not double

[JamesC70]

Quote:

Originally Posted by DJ29Joesph

ok, if I'm correct the only thing wrong is "u=$name should be a single quote not double

If $name is inside a single quote, PHP won't give it a value. It must be inside double quotes, or inside no quotes at all, for PHP to assign a value to $name.

This is why $allnames["$name[voteoption]"] uses double-quotes instead of single-quotes, too.

Quote:

Originally Posted by php.net

The most important feature of double-quoted strings is the fact that variable names will be expanded. See string parsing for details.

[DJ29Joesph]

I believe the quote is "$allnames
not ["$name

I think im seeing things

u= is part of the link not the variable

[JamesC70]

Quote:

Originally Posted by DJ29Joesph

I believe the quote is "$allnames
not ["$name

I think im seeing things

You might be. I've been copying/pasting from your first post, and everything looks consistent here.

Yes, u= is part of the link. When a variable is inside double-quotes, PHP will replace the variable with it's value. In this case, the user's id would be inserted in place of $name[userid].