MyBB Community Forums

MyBB Community Forums > Extensions > Plugins > Plugin Development > Is this code save?
Full Version: Is this code save?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

marcus123

2014-06-21, 11:59 AM
Could you please tell me if is it safe to use this code?

PHP code

if($mybb->input['action'] == 'cookielaw_change')
	if(isset($mybb->input['allow']))
	{
	   my_setcookie('mybb[allowed_cookies]', '1');
			header('Location: '.$_SERVER['REQUEST_URI']);
	}


HTML code

<form action="{$mybb->settings['bburl']}/misc.php?action=cookielaw_change" method="post">
<div align="right"><input type="submit" name="allow" value="Hide this message" /></div>


Also when these cookies will expire and what is the difference betwenn them????

my_setcookie('mybb[allowed_cookies]', '1');
my_setcookie('mybb[allowed_cookies]', '0');

ectomatt

2014-06-21, 03:25 PM
(2014-06-21, 11:59 AM)marcus123 Wrote: [ -> ]Could you please tell me if is it safe to use this code?

PHP code

if($mybb->input['action'] == 'cookielaw_change')
	if(isset($mybb->input['allow']))
	{
	   my_setcookie('mybb[allowed_cookies]', '1');
			header('Location: '.$_SERVER['REQUEST_URI']);
	}


HTML code

<form action="{$mybb->settings['bburl']}/misc.php?action=cookielaw_change" method="post">
<div align="right"><input type="submit" name="allow" value="Hide this message" /></div>


Also when these cookies will expire and what is the difference betwenn them????

my_setcookie('mybb[allowed_cookies]', '1');
my_setcookie('mybb[allowed_cookies]', '0');

The code looks fine to me, all it does is set a cookie and redirect a user when a certain condition is met.

According to this: https://github.com/mybb/mybb/blob/master....php#L1661

changing the second parameter in the my_setcookie just determines the value of the cookie.

marcus123

2014-06-21, 06:11 PM
Thanks very appreciate your help.
MyBB Community Forums > Extensions > Plugins > Plugin Development > Is this code save?