The Arcive of Official vBulletin Modifications Site.

Artistichaven · #1 05-11-2011, 04:26 PM

I created a custom form in an if statement. The form will take you to the right page, but will not run the next $GET. If you refresh the page (by clicking enter in the URL box, not actually refreshing) it will run the next $GET. Any ideas as to why?

Code:

if ($banTime == 0)
		 {	 	 
		  $userid = $vbulletin->GPC['userid'];
	  	  print_form_header('user', 'banned&u=' . $userid);
		  print_table_header("Ban a User");
		  print_label_row("Ban: " . $username);
		  print_select_row("Ban Length", 'banLength', array(24 => "1 Day", 48 => "2 Days", 72 => "3 Days", 168 => "1 Week", 336 => "2 Weeks", 720 => "1 Month", -1 => "Permanently"), $vbulletin->GPC['userid']);
		  print_input_row("Ban Reason:", 'banreason');
		  print_submit_row("Ban");
		 }

kh99 · #2 05-11-2011, 06:34 PM

I don't notice anything wrong with that form, but user.php has no "do == banned" section so I'm assuming you've added that? In any case I don't know what "will not run the next $GET" means.

Artistichaven · #3 05-11-2011, 06:39 PM

Quote:

Originally Posted by kh99

I don't notice anything wrong with that form, but user.php has no "do == banned" section so I'm assuming you've added that? In any case I don't know what "will not run the next $GET" means.

This is custom. By not run, I mean it will not do the user.php?do=banned&u=userID portion. It will put it in the URL and go to the search area, but it will not 'ban' the user. But if you hit enter in the URL it will go and 'ban' the user.

kh99 · #4 05-11-2011, 06:51 PM

The default method for the form generated by print_form_header() is POST, so I guess what's happening is that you're getting 'do' and 'userid' in $_GET because you added them in the second parameter, but the other fields are in $_POST. You could either add the do and userid fields as hidden field in the form, or else set the method to get (it's like the ninth parameter or something). Or, you could use $_REQUEST[] which is a combination of $_GET, $_POST, and $_COOKIE.

Artistichaven · #5 05-11-2011, 07:00 PM

Quote:

Originally Posted by kh99

The default method for the form generated by print_form_header() is POST, so I guess what's happening is that you're getting 'do' and 'userid' in $_GET because you added them in the second parameter, but the other fields are in $_POST. You could either add the do and userid fields as hidden field in the form, or else set the method to get (it's like the ninth parameter or something). Or, you could use $_REQUEST[] which is a combination of $_GET, $_POST, and $_COOKIE.

Sorry, I am using $_REQUEST.

Code:

if ($_REQUEST['do'] == 'banned')
		{
		 $result = $db->query_read("SELECT username FROM " . TABLE_PREFIX . "user WHERE userid = " . $vbulletin->GPC['userid']);
		 $row = mysql_fetch_array($result);
		 $username = $row['username'];
		 print_table_header(construct_phrase($username));
		 print_label_row("You just banned $username");
		}

kh99 · #6 05-11-2011, 07:17 PM

OK, sorry, I assumed you were using $_GET because you mentioned $GET.

But, I think I know what the problem is - the way you have it, you are ending up with do set to 'banned&u=' (plus whatever the userid is). So maybe you need to make u a hidden field in the form. (Edit: using 'do&u=' doesn't work)

Artistichaven · #7 05-11-2011, 07:22 PM

Quote:

Originally Posted by kh99

OK, sorry, I assumed you were using $_GET because you mentioned $GET.

But, I think I know what the problem is - the way you have it, you are ending up with do set to 'banned&u=' (plus whatever the userid is). So maybe you need '&u=' as the second parameter, or else make u a hidden field in the form.

I changed it to "&u=" and it's still not working.

kh99 · #8 05-11-2011, 07:24 PM

Yeah, sorry. I decided to try that and found that it didn't work (and edited the above, but too late I guess). So I guess you have no choice but to make u a hidden field, or else just echo() your own form tag (plus the other stuff output by print_form_header())

Artistichaven · #9 05-11-2011, 07:27 PM

Quote:

Originally Posted by kh99

Yeah, sorry. I decided to try that and found that it didn't work (and edited the above, but too late I guess). So I guess you have no choice but to make u a hidden field, or else just echo() your own form tag.

Why would a hidden field make this work?

Edit:
I added "echo $vbulletin->GPC['userid'];" right after I made the form and it gave me "Array['userid'] ".
^Not sure if that matters. It works if I put I call "$username" ($username = $vbulletin->GPC['userid']

kh99 · #10 05-11-2011, 07:42 PM

Quote:

Originally Posted by Artistichaven

Why would a hidden field make this work?

That's a good question, and I just now figured it out: the print_form_header() function is adding do on the url *and* as a hidden field, and the hidden field value is run through htmlspecialchars(), so the '&' gets encoded and it looks like one field. I guess this hidden POSTed field is overriding the GET value for do on the url. So maybe your existing code would work if you used $_GET for do and u and $_REQUEST for the rest of the values.

Quote:

I added "echo $vbulletin->GPC['userid'];" right after I made the form and it gave me "Array['userid'] ".
^Not sure if that matters. It works if I put I call "$username" ($username = $vbulletin->GPC['userid']

I think you need {$vbulletin->GPC['userid']} to make it so you don't get "Array['userid'] ".

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.15359 seconds Memory Usage 2,260KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (2)bbcode_code (6)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!