Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
Reload this Page How can I handle data or values within pages
FAQ Members List Calendar Search Today's Posts Mark Forums Read
  #1  
Old 05-17-2011, 04:48 PM
caracena caracena is offline
 
Join Date: Apr 2006
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default How can I handle data or values within pages
Hi everybody,

I'm in the process of learning how to make a program/plugin for vBulletin and it's pretty darn fun! I begun yesterday and I already know how to make a program with it's own templates and plugins (thanks Lynne and Cellarius) and those pages look great! My problem now is that I don't know what to do with those pages.

For example, I have a template with a form and two text boxes in it asking for 2 numbers and I want to display another page/template with the result of adding those two numbers together (i.e. 2+3=5). Where should my form point to? Another page? same page with an IF clause in the template? Where should the math take place? Should I use GET or POST?

Thanks in advance!
Reply With Quote
  #2  
Old 05-17-2011, 05:10 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
You could point to another page or the same one. I think with the "add two numbers" example you describe I'd probably use one page and use the input form data to initialize the input text fields (or leave them blank if the input isn't set, like the first time you go to the page), and then check to see if both input variables are set to numbers, and if so display the answer.

As far as GET vs POST, both with will work. I had never really thought about it much until you asked, so I searched and found this answer: http://stackoverflow.com/questions/4...do-you-use-get
Reply With Quote
  #3  
Old 05-17-2011, 06:38 PM
caracena caracena is offline
 
Join Date: Apr 2006
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
All right, thanks for your answer. My question about using POST or GET was aimed toghuards security. I would like to learn to do this "the right way" from the start instead of later having to correct "old habits".

I'm just realizing that I will always have to check if it's a user or a guest who's using the product (passing the arguments) and whether that user is in a group that is allowed to do it. Is there some easy way of doing this? Maybe something integrated into vBulletin's core?

I don't want to make a mod that will enable anybody to type /somepage.php?action=delete&what=someid and get away with it but I also hate the idea of making a mod that will add a million queries to each page load.

Thanks again!
Reply With Quote
  #4  
Old 05-17-2011, 07:35 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by caracena View Post
All right, thanks for your answer. My question about using POST or GET was aimed toghuards security. I would like to learn to do this "the right way" from the start instead of later having to correct "old habits".
I don't think it makes any difference from a security standpoint. It might seem like POST is more secure because you don't see the data, but it's really not. I think that answer I linked to above talks about the safety of not being able to just go to a url and have it do something dangerous, but I guess another way to look at it is that if it's not useful to allow it to be specified on the url then you might as well use POST. As for security, no matter how the input comes, you have to be careful what you do with it.

vbulletin has a gpc_clean() function that takes values from any one of or all three of GET, POST, and cookie data and puts them in the array $vbulletin->GPC[]. If you specify 'r' as the first param it gets a value from any of the three, so if you use that it doesn't matter if you use GET or POST (or use both in different situations). You shouldn't have any trouble finding examples of that in the vb code.

Quote:
I'm just realizing that I will always have to check if it's a user or a guest who's using the product (passing the arguments) and whether that user is in a group that is allowed to do it. Is there some easy way of doing this? Maybe something integrated into vBulletin's core?
I assume you've used one of those "make your own vbulletin page" articles, so including global.php will make your page check if a user is logged in and load their info. So you can check $vbulletin->userinfo[userid] and it will be their user id or else 0 if they're not logged in. You can check for the user being a member of one or a set of groups using is_member_of($vbulletin->userinfo, 1, 2, 3), which will be true if the user is a member of either group 1, 2, or 3 (you can specify one or more group ids, I just put three as an example).

What I mentioned above is what you'd use in php code. You can also do it from template conditionals like <vb:if condition="$bbuserinfo[userid] != 0"> or <vb:if condition="is_member_of($bbuserinfo, 1, 2, 3)">.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 11:36 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07265 seconds
  • Memory Usage 2,184KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (4)post_thanks_box
  • (4)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (4)post_thanks_postbit_info
  • (4)postbit
  • (4)postbit_onlinestatus
  • (4)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete