Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 Programming Discussions
Reload this Page File Sanitize / cleaning via Vbulletin
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 06-16-2015, 07:14 AM
Mickie D Mickie D is offline
 
Join Date: Jun 2002
Posts: 430
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default File Sanitize / cleaning via Vbulletin
How do I convert this for VBulletin Sanitize (cleaning).

PHP Code:
$_FILES["fileToUpload"]["size"
I tried this but it breaks the page

PHP Code:
$vbulletin->input->clean_gpc('f''fileToUpload''size'TYPE_FILE); 
Thank you.
Reply With Quote
  #2  
Old 06-16-2015, 07:39 AM
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Posts: 1,987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Mickie D View Post
it breaks the page
Be specific, please.

Quote:
PHP Code:
$vbulletin->input->clean_gpc('f''fileToUpload''size'TYPE_FILE); 
You did replace 'fileToUpload' and 'size' with the variables that contain the actual values, did you?
Reply With Quote
  #3  
Old 06-16-2015, 08:00 AM
Mickie D Mickie D is offline
 
Join Date: Jun 2002
Posts: 430
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by cellarius View Post
Be specific, please.


You did replace 'fileToUpload' and 'size' with the variables that contain the actual values, did you?

thanks for the reply, yes those values are the values from the form.

What happens is nothing, it does not upload at all nothing gets moved into the directory.
The strangest thing also is I have another part of the script that outputs the files from foreach loop using DIV'S and the vbulletin form code breaks this when I change it , makes everything huge (which I cannot explain).

But as soon as I change it back to the $_FILE method it works perfectly?

I am just trying for good practice and security to use the built in vbulletin cleaning functions...
Reply With Quote
  #4  
Old 06-16-2015, 03:12 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
The clean_gpc function only takes 3 arguments. I've never used the vbulletin functions to do file uploads, but I think you want something like:
Code:
$vbulletin->input->clean_gpc('f', 'fileToUpload', TYPE_FILE);  

$vbulletin->GPC['fileToUpload']['size']

That is, after calling clean_gpc, the size value would be in $vbulletin->GPC['fileToUpload']['size'].
Reply With Quote
Благодарность от:
Mickie D
  #5  
Old 06-16-2015, 04:43 PM
Mickie D Mickie D is offline
 
Join Date: Jun 2002
Posts: 430
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by kh99 View Post
The clean_gpc function only takes 3 arguments. I've never used the vbulletin functions to do file uploads, but I think you want something like:
Code:
$vbulletin->input->clean_gpc('f', 'fileToUpload', TYPE_FILE);  

$vbulletin->GPC['fileToUpload']['size']

That is, after calling clean_gpc, the size value would be in $vbulletin->GPC['fileToUpload']['size'].

I will give that a go once my kids get off the PC...

Also when you say 3 arguments, are you talking about GET, POST, FILE ?

Or the SIZE, TYPE, ERROR, NAME, etc

Thanks again
Reply With Quote
  #6  
Old 06-16-2015, 04:50 PM
kh99 kh99 is offline
 
Join Date: Aug 2009
Location: Maine
Posts: 13,185
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I mean parameters, values you pass to the function, like 'f', 'fileToUpload', TYPE_FILE. In your first post you have 4.
Reply With Quote
  #7  
Old 06-16-2015, 04:53 PM
Mickie D Mickie D is offline
 
Join Date: Jun 2002
Posts: 430
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Ah, I see the second code I posted only has 3 arguments allowed

Cheers
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 12:01 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09549 seconds
  • Memory Usage 2,227KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_code
  • (3)bbcode_php
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (1)post_thanks_box_bit
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete