2018-07-10, 04:01 AM
Hi, I'm just curious.
in forumdisplay.php
$page = $mybb->input['page'];
$start = ($page-1) * $perpage;
.
.
.
$query = $db->query("
.
.
LIMIT $start, $perpage
");
I think it can cause security problems by connecting to DB
I think "$mybb->get_input('page', MyBB::INPUT_INT);" is better
Am I thinking wrong?
in forumdisplay.php
$page = $mybb->input['page'];
$start = ($page-1) * $perpage;
.
.
.
$query = $db->query("
.
.
LIMIT $start, $perpage
");
I think it can cause security problems by connecting to DB
I think "$mybb->get_input('page', MyBB::INPUT_INT);" is better
Am I thinking wrong?