Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page Verifying fields in the API Classess
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 06-12-2005, 05:12 PM
VBCoder VBCoder is offline
 
Join Date: Jun 2005
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Verifying fields in the API Classess
Taking a look through the API, I see that when set()ing, you can choose whether to verify or not.

Two questions:
1) How does vB verify? I can't find the code to do it. I see all these references to VF_METHOD, but can't figure out what that is.

2) If you don't verify, and put in bad data, what happens? Does vB try to roll with it, and do as much as it can? Does it crash? Or, does it corrupt the database?
Reply With Quote
  #2  
Old 06-15-2005, 02:04 AM
VBCoder VBCoder is offline
 
Join Date: Jun 2005
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
As I haven't gotten a response, I'm assuming that my post lacked enough details to be clear. Please let me know what other information I need to add.
Reply With Quote
  #3  
Old 06-15-2005, 04:01 AM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by class_dm.php
FIELD 2 (VF_CODE) - This contains code to be executed as a lamda function called as 'function($data, $this)'.
Alternatively, the value can be VF_METHOD, in which case, $this->verify_{$fieldname} will be called.
In other words:
If this is set to VF_METHOD, a function verfiy_fieldname will be used to verify this field - or the function specified (FIELD 3, VF_METHODNAME).

If you don't verify, the data may be garbage (for examle 'c:\winnt' set as email in User Datamanager).
Reply With Quote
  #4  
Old 06-15-2005, 04:12 AM
VBCoder VBCoder is offline
 
Join Date: Jun 2005
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks, Kirbs - you hit the nail on the head.
Quote:
If you don't verify, the data may be garbage (for examle 'c:\winnt' set as email in User Datamanager).
Is there any prediction what happens in these cases (will the error be caught before corrupting the whole forum db?)?
Reply With Quote
  #5  
Old 06-15-2005, 04:28 AM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I think if there are no further checks in presave(), the data will just be written to the database.
At least this is how the User Datamanager behaves (with c:\winnt as eMail).

This might cause inconsistent data.
However, it should not cause mySQL-Errors.
But if you also set clean to false, the datatype will not be checked - and you might run into mySQL Errors and SQL injection vulnerbilities.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 01:07 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04367 seconds
  • Memory Usage 2,194KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete