phpBB • Free and Open Source Forum Software

#-----[ OPEN ]--------------------------------------------- # styles/subsilver2/template/index_body.html # #-----[ FIND ]--------------------------------------------- # Around Line 78 </tr> <tr> <td class="row1" align="center"><span class="genmed">{L_USERNAME}:</span> <input class="post" type="text...

[player]{SIMPLETEXT}[/player] <a href="/player.php" onclick="NewWindow(this.href,'player','300','200','no','left');return false" onfocus="this.blur()">{SIMPLETEXT}</a> That easy, huh? I don't want to leave that bbcode active for all users though. Could I create it, update the two posts, delete the ...

The key here is that basically anything you could want to do with HTML, you can do with custom BBCodes. That being said, it is still possible to inject security issues with certain custom BBCodes, so one must be careful. If you're looking to place popup code on the site, why not just modify the tem...

Yeah, looks to be working again.
Thanks for your help.
Any thoughts as to why that was needed in 3.0.6 but not in 3.0.5 or less?

Where/how do you mean to put that?
Been long time since I messed with these.

Comes back with: NULL

When you var_dump() the $user variable before your small if statement, what does it return? Moving to MOD Writers Discussion... Off hand, I'm not sure how to do that. Are you including the script somewhere in a template file like this: <!-- INCLUDEPHP ../example.php --> I was experiencing similar d...

Bump for help

To clarify, injecting HTML into database fields (by administrators) isn't actually a security risk. Good to hear, because that is what I did on my forum. Just for two topics though. I made a post in the BBCode topic in phpbb3 general asking how to convert the html script I use to bbcode. It's a for...

~

Pit$Bull wrote:

Seraphic wrote: How so?

As stated, SECURITY RISK.

Could you go into a little more detail as to how HTML is a SECURITY RISK?

I think it is hard disabled. This is how I do it since I am admin. Make a post, then go into the mysql database, edit the post's table, and add the HTML you want. Bad idea. How so? I do it so I can add pop-up windows for my chatroom/musicplayer. Tell me how to do that with BBCode and I'll give a try.

I think it is hard disabled.
This is how I do it since I am admin.
Make a post, then go into the mysql database, edit the post's table, and add the HTML you want.

Does anyone have some thoughts as to why this php included script would no longer work under 3.0.6 on my forum? Soon as I updated my database from 3.0.5 to 3.0.6, it no longer flags me as logged in when logged in. (always shows logged out page) <?php if($user->data['is_registered']) { echo " logged-...

Thanks a lot. Didn't think of doing it that way.
Kept looking for text color somewhere in the new reCAPTCHa files.