Fork me on GitHub

Get module type  Bottom

  • MACscr
    MACscr
    Expert
    • Rank: Expert
    • Registered: Dec 31, 1969
    • Last visit: Oct 21, 2009
    • Posts: 1437
    Link to this post Posted: Sep 04, 2005 - 11:10 PM
    Im working on a hack that i might be turning into a plugin that will load a particular peice of code. It all depends on if "user" or "admin" areas are being viewed. For some reason i cant seem to be able to pull that variable information out of URL. Currently im just trying some simple PHP Smarty code in a template to see if can get it working, then from there i turn it into a pnrender plugin hopefully. Anyway, its 6am for me and i have been up all night, so im probably missing something simple.

    Most of the code here is just for testing, but here is what i have:

    Code

    <!--[php]-->

    $filename = $_SERVER['PHP_SELF'];
    $newfilename = str_replace("/", "", $filename);

    //print_r $filename;

    if ($type == 'admin' || $module == 'advProfile' || $module == 'User' || $newfilename == 'user.php'){

    $domain = $_SERVER['HTTP_HOST'];
    $newdomain = str_replace("secure.", "", $domain);

        if ( isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) == 'on' ) {
           header ('Location: http://'.$newstring.$_SERVER['REQUEST_URI']);
           exit();
        }
    }

    echo $newfilename;
    <!--[/php]-->
  • Simon
    Simon
    Legend
    • Rank: Legend
    • Registered: Dec 11, 2002
    • Last visit: Oct 21, 2009
    • Posts: 11674
    Link to this post Posted: Sep 05, 2005 - 05:07 AM
    You are assuming the variable $type is available, which it might not be, so shouldn't you be pnVarCleanFromInput() them first?

    --
    itbegins.co.uk - Zikula Consulting

    birtwistle.me.uk - Personal Blog


    Please read the Support Guide
  • Landseer
    Landseer
    Team Member
    • Rank: Team Member
    • Registered: Jan 02, 2003
    • Last visit: Oct 21, 2009
    • Posts: 800
    Link to this post Posted: Sep 05, 2005 - 08:21 AM
    $type is available only with register_globals = on which is a bad idea for security. pnVarCleanFromInput, as Simon mentioned, is the correct way.

    --
    "He is not dangerous, he just wants to play...."
  • MACscr
    MACscr
    Expert
    • Rank: Expert
    • Registered: Dec 31, 1969
    • Last visit: Oct 21, 2009
    • Posts: 1437
    Link to this post Posted: Sep 05, 2005 - 09:19 AM
    yep, got it working. Thanks!

    Now i have SSL for logins, edit user, and all administration. Woo hoo!
  • Simon
    Simon
    Legend
    • Rank: Legend
    • Registered: Dec 11, 2002
    • Last visit: Oct 21, 2009
    • Posts: 11674
    Link to this post Posted: Sep 05, 2005 - 09:59 AM
    Great work!

    Care to write a tutorial for the masses?

    --
    itbegins.co.uk - Zikula Consulting

    birtwistle.me.uk - Personal Blog


    Please read the Support Guide
  • MACscr
    MACscr
    Expert
    • Rank: Expert
    • Registered: Dec 31, 1969
    • Last visit: Oct 21, 2009
    • Posts: 1437
    Link to this post Posted: Sep 05, 2005 - 10:31 AM
    Unfortunately my solution is just a hack for Xanthia themes only. If someone wants to work with me to clean it up and turn it into a real solution, i would be glad to share it.
  • Landseer
    Landseer
    Team Member
    • Rank: Team Member
    • Registered: Jan 02, 2003
    • Last visit: Oct 21, 2009
    • Posts: 800
    Link to this post Posted: Sep 05, 2005 - 10:37 AM
    If you share the hack we can see how it can be implemented correctly (this does not mean that your solution is not correct!)

    Feel free to post it to the patch tracker on NOC.

    --
    "He is not dangerous, he just wants to play...."

Users on-line

This list is based on users active over the last 60 minutes.