Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
Reload this Page Reading $_POST in PHP / vB
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 08-17-2010, 08:56 AM
janaf janaf is offline
 
Join Date: Dec 2009
Posts: 169
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Reading $_POST in PHP / vB
New at php and vB:

I am using PHP direct-eval and using $_POST to read posted data but it seems it is not available with vB? I can not read the passed variable name / value:

PHP Code:
$output $_POST["mystr"]; 
calling the page with
HTML Code:
content.php?305&mystr=hi
Returns nothing

What are my options to pass / read data with vB / php?

I would like to have a simple pull-down menue and read it's value at post / submit, posting to the same page.

Is there another / better way to do this?

I also have a related post problem discribed here:
https://vborg.vbsupport.ru/showthread.php?t=248700

Any input appreciated...
Reply With Quote
  #2  
Old 08-17-2010, 09:22 AM
Eric's Avatar
Eric Eric is offline
 
Join Date: May 2006
Location: Kentucky
Posts: 792
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
As far as input ($_POST/$_GET/etc), try reading this:

http://www.vbulletin.com/docs/html/codestandards_gpc

So, for example:
PHP Code:
$vbulletin->input->clean_gpc('r''mystr'TYPE_STR); 
And it would be available as:
PHP Code:
$vbulletin->GPC['mystr'
However, this is all going to depend on where in vBulletin you're trying to use this.
Reply With Quote
  #3  
Old 08-17-2010, 09:35 AM
janaf janaf is offline
 
Join Date: Dec 2009
Posts: 169
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Many thanks!

Looks exactly like what I needed to progress.

I am trying to use this in a php direct eval page and php gadget.
Reply With Quote
  #4  
Old 08-18-2010, 04:40 PM
janaf janaf is offline
 
Join Date: Dec 2009
Posts: 169
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Sorry but I am stuck on the first line. Pasted this into a php direct eval page:
PHP Code:
$vbulletin->input->clean_gpc('r''mystr'TYPE_STR); 
I get
HTML Code:
Fatal error: Call to a member function clean_gpc() on a non-object in /var....../phpeval.php(97) : eval()'d code on line 1
and I feel like a fool. What the .... should I do?
Reply With Quote
  #5  
Old 08-25-2011, 02:09 AM
blamo blamo is offline
 
Join Date: Apr 2002
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Try this:

vB::$vbulletin->input->clean_gpc('r', 'mystr', TYPE_STR);
Reply With Quote
  #6  
Old 08-25-2011, 02:37 AM
Marco64Th Marco64Th is offline
 
Join Date: Aug 2011
Posts: 34
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Are you sure that $vbulletin is in scope?

Try adding a:
PHP Code:
global $vbulletin
Just before the call to clean_gpc().
Reply With Quote
  #7  
Old 08-25-2011, 02:08 PM
nhawk nhawk is offline
 
Join Date: Jan 2011
Posts: 1,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
You also need to understand the difference between GET, POST and REQUEST. In general...

GET = Anything passed via a URL
POST = Anything passed via an input (<input type=...etc>)
REQUEST = All GET, POST and COOKIE data.

Using these with vB and not cleaning them with $vbulletin->input->clean.. is bad practice as this could possibly introduce rogue code into the system.

This code..
Code:
$vbulletin->input->clean_gpc('r', 'mystr', TYPE_STR);
Could be passing more information than you need.

It's best to narrow down what you need with
Code:
$vbulletin->input->clean_gpc('p', 'mystr', TYPE_STR);
or
Code:
$vbulletin->input->clean_gpc('g', 'mystr', TYPE_STR);
If I'm wrong on that, someone please correct me.
Reply With Quote
  #8  
Old 08-25-2011, 02:24 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I'm not an expert on the matter, but I agree with what nhawk says above, except that I think I'd make the decision on using GET, POST, or REQUEST based on if I thought the script was useful as something that would be used as a link or url. That is, even if you're using it to process form data, if you could see it being useful for someone to enter the paramters in a url or to create a link to it, then you could use REQUEST instead of POST.

Also, I think it's important to note that calling clean_gpc() with TYPE_STR does almost nothing to the value, so you still need to be careful if you're using it in a database query or including it directly in the output.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 02:03 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07362 seconds
  • Memory Usage 2,240KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (3)bbcode_code
  • (2)bbcode_html
  • (5)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete