Customizing SMF > SMF Coding Discussion
External HTML Form pass ($_GET/$_POST) to SMF PHP Page
Elmacik:
First, you don't have to use SSI.php inside a native forum page; because you can already reach to context variables without it.
Second; the index names are not the same in both your codes. You are sending player_name from the ban page, but you are trying to read real_name in the page2564. And as well you are sending staff_name and trying to read mod_name. Just change the variable names and indexes to match each other.
MrPhil:
$_GET is for data passed via the URL Query String, either as form "GET" or by a link.
$_POST is for data passed via form "POST"
$_REQUEST is a merge of $_GET and $_POST
If your register global variables are turned off (as they should be), you have to explicitly use the model $var1 = $_GET['var1']; to pick up the value. $var1 by itself will not be defined with any value. Or, use $_GET['var1'] directly in the expression in place of $var1.
Kindred:
also, if you are doing a direct get or post, you should always "clean" the data before you use it.... (avoid injection hacks)
Elmacik:
--- Quote from: Kindred on June 11, 2012, 09:53:18 AM ---also, if you are doing a direct get or post, you should always "clean" the data before you use it.... (avoid injection hacks)
--- End quote ---
I was going to warn about the same thing; but soon I came to realize that SMF already cleans the request variables.
Kindred:
we clean it in the SMF code... but, if someone is writing additional code, they would have to do their own cleaning.... or use the SMF clean function... right?
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version