The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#21
|
||||
|
||||
That's what I just said.
Is there any reason to use the input cleaner instead of just performing the checks yourself as I suggested? The advantage that way is that you don't have to change the way you access the variable and you can also assign extra or different checks instead of being limited to the few GPCs and can assign if/else to deal with the data as well. That's a terrific tutorial but the one thing it doesn't do is explain why you should use it instead of your own way. |
#22
|
|||
|
|||
Thanks
If I did this: $playername = SELECT name FROM players WHERE id='" . $_REQUEST['id'] . '' Will it work? |
#23
|
|||
|
|||
Quote:
|
#24
|
||||
|
||||
The only case where I would consider not using vB's sanitizing functions would be if you're only dealing with one single int variable in a plugin, then it would probably be more readable/simpler to just use intval to force it to be an int. If I remember right, that's what vB does anyway to sanitize an int variable.
$i = intval ($_GET['i']); In all other cases (and maybe even in this one), follow Danny's advice. |
#25
|
|||
|
|||
What should I put in the red text if I'm going to using REDTYGER's advice?
Code:
if($_GET['id'] == "here) { do something else; } |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|