The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
PHP Code:
|
Благодарность от: | ||
Black Snow |
#12
|
||||
|
||||
Quote:
Quote:
|
Благодарность от: | ||
Black Snow |
#13
|
|||
|
|||
Quote:
--------------- Added [DATE]1409646066[/DATE] at [TIME]1409646066[/TIME] --------------- Quote:
Code:
$vbulletin->input->clean_gpc('r', 'do', TYPE_STR); $do = $vbulletin->GPC['do']; if (!isset($do)) //default value $do = "siterules"; //Use as http:/site.com/info.php?do=siterules if ($do == "siterules") { $pagetitle = 'General Site Rules'; $templater = vB_Template::create('siterules'); $templater->register_page_templates(); $templater->register('navbar', $navbar); $templater->register('pagetitle', $pagetitle); $templater->register('custom_nav', $custom_nav); print_output($templater->render()); exit; } |
#14
|
||||
|
||||
Quote:
PHP Code:
PHP Code:
|
#15
|
|||
|
|||
Quote:
|
#16
|
||||
|
||||
I can't see anything wrong now, and I don't have time right now to test it
Maybe this code could make a difference PHP Code:
|
Благодарность от: | ||
Black Snow |
#17
|
|||
|
|||
There is a $vbulletin->GPC_exists[] array, so you could try this:
Code:
$vbulletin->input->clean_gpc('r', 'do', TYPE_STR); if ($vbulletin->GPC_exists['do']) $do = $vbulletin->GPC['do']; else $do = "siterules"; // etc Another thing you could do is just make 'siterules' the default 'else': Code:
$vbulletin->input->clean_gpc('r', 'do', TYPE_STR); $do = $vbulletin->GPC['do']; if ($do == 'something') { // something } else if ($do == 'somethingelse') { // something else } else // default to siterules { // siterules } BTW, I'm not a php expert so I'm not going to argue with what's correct and what's "evil", but I would say that there was nothing actually wrong with what you originally had (as far as introducing vulnerabilities), and in fact the vb scripts do it that way (just for the 'do' variable). |
Благодарность от: | ||
Black Snow |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|