MyBB Community Forums

Full Version: problem with breadcrumb
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi guys,
I have a problem with a code of my plugin:
$currdir = $mybb->input['directory'];
$list_dir = explode("/", $currdir);
foreach($list_dir as $d){
    $page->add_breadcrumb_item($d, "index.php?module=file-list&directory=$d");
}

When I go to myforum/admin/index.php?module=file-list&directory=admin/modules/user it works, it show me admin >> modules >> user but the link is wrong.
If I click modules it redirect me to ?module=file-list&directory=modules and not admin/modules, how to fix it?
Well, it just uses the invalid URL you specified, there's no code that would redirect it to admin/modules - you explode the path and then append only each exploded part at the end of it. It's also XSS vulnerable, you should escape user inputs before outputting them in HTML by using htmlspecialchars_uni().

I guess you meant something like:
$currdir = htmlspecialchars_uni($mybb->input['directory']);
$list_dir = explode("/", $currdir);
foreach($list_dir as $d)
{
    $proper_path = substr($currdir, 0, strrpos($currdir, $d) + strlen($d));
    $page->add_breadcrumb_item($d, "index.php?module=file-list&directory={$proper_path}");
} 
Thank you destroy, know a lot of php but many others have yet to learn
destroy there's a problem with the code, if I have a folder named prova in another folder named prova it show me the 2 directories in breadcrumb but the link is the same:

mysite/prova/prova
Home >> prova2 >> prova2

prova2 = mysite/admin/index.php?module=file-list&directory=/prova/prova
prova2 = mysite/admin/index.php?module=file-list&directory=/prova/prova

Help me Sad
Well, I thought the folder names were unique. You need a slightly more advanced solution for this then. Instead of strrpos() you can use strpos() with the $offset parameter: http://php.net/manual/en/function.strpos.php and increase the offset by the directory name strlen() after each breadcrumb. Starting with 0 ofc.