The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Problems with custom query and registration
Hi,
I run a custom query on my site. It looks like this: Code:
$creditinfo = $DB_site->query_first("SELECT curcredit FROM usrcredit WHERE usrname='$bbuserinfo[username]'"); $credit = $creditinfo[curcredit]; If a user tries to register with a ' in their username the query errors due to the '. I do have all odd characters including the ' excluded in the vb registration options. If my custom query is not added anywhere in any fine the registrtion will kickback and tell the user that the ' is unacceptable. But if my query is included in any file the query errors at registration, and registration only. I've added my query to global.php and even to the php_onclude_start template. it works fine in both those places, except for registration. So here's my question... how can I tell the query to not execute if the registration name contains bad characters? Thanks. |
#2
|
|||
|
|||
you can use the standard addslashes function to fix that problem (I'd probably also use htmlspecialchars.
Code:
$creditinfo = $DB_site->query_first("SELECT curcredit FROM usrcredit WHERE usrname='".addslashes(htmlspecialchars($bbuserinfo[username]))."'"); |
#3
|
|||
|
|||
Thanks Modin. That worked like a charm!
|
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|