Hi ! I am editing the templates codes of my new one.
Somewhere, i really need to write a php/mysql code for set a variable and echo this one. But i tryed and the php code don't appear on the site.
Is it protected from php in templates codes ?
like for the : 'header_welcomeblock_member' templates code.
If its protect, is there a way to put my php code ?
That's what plugins are for.
What is the name of this plugin ?
You said you need to write some PHP and query the database, so you need to create a plugin to do that.
oh... I don't know making plugin...
Ok i found a plugin that let me write php
But MyBB tel me that my script have potential security issue... i don't see where...
lok my script :
$balance = mysql_query("SELECT balance FROM iconomy WERE 'username' = '{$mybb->user[\'fid4\']}'");
$s_balance = mysql_escape_string($balance);
echo $s_balance;
how can i make this with no security issue ?
(2012-01-08, 10:57 PM)dexon95 Wrote: [ -> ]$balance = mysql_query("SELECT balance FROM iconomy WERE 'username' = '{$mybb->user[\'fid4\']}'");
$s_balance = mysql_escape_string($balance);
echo $s_balance;
how can i make this with no security issue ?
Your script has tons of spelling and syntax errors in it, you need to pay more attention to those...
$balance = mysql_query("SELECT `balance` FROM iconomy WHERE `username` = '{$mybb->user[\'fid4\']}'");
echo mysql_real_escape_string($balance);
You cannot use PHP in templates like that. It just won't work. You need to create a plugin that does the server side stuff.
Once again: You need to create a plugin that does the server side stuff.
when i only write : <?php echo 'lol'; ?>
The 'lol' appear on the page
so the plugin i just installed works i think.
But with your code, fizz, it still tell me that there is a security issue :/
(PHP and Template Conditionals (1.9)) for 1.6.x
http://mybbhacks.zingaburga.com/showthread.php?tid=260
(2012-01-09, 01:07 AM)dexon95 Wrote: [ -> ]when i only write : <?php echo 'lol'; ?>
The 'lol' appear on the page
so the plugin i just installed works i think.
But with your code, fizz, it still tell me that there is a security issue :/
(PHP and Template Conditionals (1.9)) for 1.6.x
http://mybbhacks.zingaburga.com/showthread.php?tid=260
You need to either make a core edit or a plugin, like Nathan's said multiple times. There's plenty of documentation on how to do it in the Wiki.