The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
07-25-2014, 07:46 PM
|
||||
|
||||
where to place my safe custom functions?
Hi...
Possibly a new security feature of my vBulletin is stopping me from including my custom php file which has a custom-function within it and then using that function in a custom template, where should I place my 'safe' function and get my template working again? The error I'm having is: Fatal error: Call to undefined function customfunction() in /home/www/xxx/includes/adminfunctions_template.php(3950) : eval()'d code(277) : eval()'d code on line 47 please advise 
|
|
#3
07-25-2014, 09:19 PM
|
||||
|
||||
|
Quote:
|
|
#4
07-25-2014, 09:28 PM
|
|||
|
|||
|
This should help.
 http://www.vbulletin.com/docs/html/f...n_conditionals If you have a specific question and you can show your work, then I can be of more assistance.
|
|
#5
07-25-2014, 09:37 PM
|
||||
|
||||
|
Thank you...
Yes were on the right track... I have a custom php file in my forums directory which through a template is being included, all that php file really has in it is that function, the template is not being saved telling me it's undefined... So in the php file I've included the line : $safe_functions[] = 'myFunction'; but it's a no show still... It all used to work using vBulletin 3.8.7 Patch Level 4 - Just need to let vB know that myFunction is a good'un and I'm golden.. the custom php file is being included, just can't save the template without an error....Thanks for the help. \ EDIT, I'm getting it now I think....
|
|
#6
07-25-2014, 09:54 PM
|
|||
|
|||
|
Quote:
"Safe Functions" allows a PHP function or user function to be accessible via a template. It's main purpose was to limit harmful functions from being executed at presentation. "$safe_function" is an array that you can add the name of your function to, this is added to the array at template hook: "template_safe_functions". (See .. "/includes/adminfunctions_template.php" around line ~1888. I have a notion that you are trying to send information to the template through output buffering, but cannot be sure without seeing your code. My forte' lies with vb4, so you could be still doing something I am not familiar with.
|
| Благодарность от: | ||
| omardealo | ||
|
#7
07-25-2014, 09:59 PM
|
||||
|
||||
|
Yeah I dunno...
just want a function included simple as... so I see in my 'adminfunctions_template.php' this line: ($hook = vBulletinHook::fetch_hook('template_safe_functions ')) ? eval($hook) : false; What's a hook? do I need to create a new plugin for my function? insert some code into my custom php file to allow vB to accept it? or insert more code into my custom template? or create a new template with proper allowed custom functions? - I'm confused... I'll explain, this should be easier you know  Got a custom php file, it's being included, here's the code Code:
<?
function paginateRecords($dataFile,$page,$numRecs=10){
$output='';
// validate data file
(file_exists($dataFile))?$data=(file
($dataFile)):die('Data file not valid.');
// validate number of records per page
(is_int($numRecs)&&$numRecs>0)?$numRecs=$numRecs:die
('Invalid number of records '.$numRecs);
// calculate total of records
$numPages=ceil(count($data)/$numRecs);
// validate page pointer
if(!preg_match("/^\d{1,2}$/",$page)
||$page<1||$page>$numPages){
$page=1;
}
// retrieve records from flat file
$data=array_slice($data,($page-1)*$numRecs,$numRecs);
// append records to output
foreach($data as $row){
$columns=explode('_',$row);
foreach($columns as $column){
$output.=$column.' ';
}
$output.='<br />';
}
// create previous link
$output.='<div class="cheatpagenation">';
if($page>1){
$output.='<a href="'.$_SERVER['PHP_SELF'].'?page='.
($page-1).'"><< Previous</a> ';
}
// create intermediate links
for($i=1;$i<=$numPages;$i++){
($i!=$page)?$output.='<a href="'.$_SERVER
['PHP_SELF'].'?page='.$i.'">'.$i.'</a> ':$output.=$i.' ';
}
// create next link
if($page<$numPages){
$output.=' <a href="'.$_SERVER['PHP_SELF'].'?page='.
($page+1).'">Next >></a></div>';
}
// return final output
return $output;
}
?>
Code:
// // require_once('top10pagenation.php');
// $page=$_GET['page'];
// echo paginateRecords('top10.txt',$page);
Thanks ever so for the help, I just can't seem to understand what's what with this, cheers --------------- Added [DATE]1406330921[/DATE] at [TIME]1406330921[/TIME] --------------- I placed in the admin_functions template near those lines you mentioned '$safe_functions = array( 'paginateRecords', // test ); so it's like this now: Code:
static $safe_functions;
if (!is_array($safe_functions))
{
$safe_functions = array(
// logical stuff
0 => 'and', // logical and
1 => 'or', // logical or
2 => 'xor', // logical xor
// built-in variable checking functions
'in_array', // used for checking
'is_array', // used for checking
'is_numeric', // used for checking
'isset', // used for checking
'empty', // used for checking
'defined', // used for checking
'array', // used for checking
// vBulletin-defined functions
'can_moderate', // obvious one
'can_moderate_calendar', // another obvious one
'exec_switch_bg', // harmless function that we use sometimes
'is_browser', // function to detect browser and versions
'is_member_of', // function to check if $user is member of $usergroupid
'paginateRecords', // test
);
|
|
#8
07-25-2014, 10:44 PM
|
|||
|
|||
|
Quote:
But I don't think that's what you want. It looks to me like you are trying to call your custom function to do some formatting, in which case you would want to use a plugin. Your code would then create one or more variables and you'd use them in a template. So, which hook location should you use? It depends on what you're trying to do. Hooks are just places in the vbulletin scripts where addon code can be called, so you need to find one in a location that's allows you to do what you want to do.
|
| Благодарность от: | ||
| tbworld | ||
|
#9
07-25-2014, 11:12 PM
|
||||
|
||||
|
Quote:
Code:
<?xml version="1.0" encoding="ISO-8859-1"?>
<plugins>
<plugin active="1" executionorder="9" product="vbulletin">
<title>paginateRecords</title>
<hookname>template_safe_functions</hookname>
<phpcode><![CDATA[function paginateRecords($dataFile,$page,$numRecs=10){
$output='';
// validate data file
(file_exists($dataFile))?$data=(file
($dataFile)):die('Data file not valid.');
// validate number of records per page
(is_int($numRecs)&&$numRecs>0)?$numRecs=$numRecs:die
('Invalid number of records '.$numRecs);
// calculate total of records
$numPages=ceil(count($data)/$numRecs);
// validate page pointer
if(!preg_match("/^\d{1,2}$/",$page)
||$page<1||$page>$numPages){
$page=1;
}
// retrieve records from flat file
$data=array_slice($data,($page-1)*$numRecs,$numRecs);
// append records to output
foreach($data as $row){
$columns=explode('_',$row);
foreach($columns as $column){
$output.=$column.' ';
}
$output.='<br />';
}
// create previous link
$output.='<div class="cheatpagenation">';
if($page>1){
$output.='<a href="'.$_SERVER['PHP_SELF'].'?page='.
($page-1).'"><< Previous</a> ';
}
// create intermediate links
for($i=1;$i<=$numPages;$i++){
($i!=$page)?$output.='<a href="'.$_SERVER
['PHP_SELF'].'?page='.$i.'">'.$i.'</a> ':$output.=$i.' ';
}
// create next link
if($page<$numPages){
$output.=' <a href="'.$_SERVER['PHP_SELF'].'?page='.
($page+1).'">Next >></a></div>';
}
// return final output
return $output;
}]]></phpcode>
</plugin>
</plugins>
My template (incidentally I have php plugin which allows me to use php in templates, so for the 'echo' statement I'm hoping is all ok) Code:
// require_once('top10pagenation.php');
$page=$_GET['page'];
echo paginateRecords('top10.txt',$page);
|
|
#10
07-25-2014, 11:31 PM
|
|||
|
|||
|
Couple questions:
What modification are you using to include PHP in templates? What template are you inserting this into? You do not need "$safe_functions" for what you are doing, since you are circumventing the template system. Give me a few minutes to get my bearing on this with VB3.
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 09:01 PM.