PDA

View Full Version : Use short variable system


Shane
11 Mar 2008, 14:07
There is a more detailed article of what happens here (http://www.vbulletin.org/forum/showthread.php?t=119372).
Welcome! With 3.7.x there is now the ability to use short variables when passing through files. This allows you not to have an "ugly" name in the URL and allows everything to be easier read and created. Which means you don't have to memorize 100 possible larger variables to memory when using forms and redirect.

Since I haven't coded a thing for vB since 3.0.0, I figure I show this to those who are trying to make their programs be more effective, as I am basically re-learning as I go. This article shows you how the system works!

The Script


<?php

error_reporting(E_ALL & ~E_NOTICE);

define('THIS_SCRIPT', 'test');

require_once('./global.php');

// Create our short ID to a standard name so we can use them where ever we go.
$temp = $vbulletin->input->shortvars;
$vbulletin->input->shortvars = array(
't' => 'testid',
);
foreach (array('_GET', '_POST') AS $arrayname)
{
$vbulletin->input->convert_shortvars($GLOBALS["$arrayname"]);
}
$vbulletin->input->shortvars = array_merge($temp, $vbulletin->input->shortvars);

$vbulletin->input->clean_array_gpc('r', array(
'testid' => TYPE_INT,
));

// This var can be now anything I set inside my program so it can be identified easier!
$testid = $vbulletin->GPC['testid'];

echo "This should output <strong>1</strong>: " . $testid . "<br/>";

?>


Summary

Basically using the built in features in class_core.php inside your includes directory which gets initialized through your global.php file, has a "regiester" area where it takes my input of "t" from the URL (test.php?t=1) and makes $testid (which I would use through out the script) to get the input.

Now the most important thing is specifying what type of value it will be. In this case, "t" will always be an integer (TYPE_INT). If I were to do (test.php?t=This is a test) it would not output at all. This is a nice security feature built into vB and doesn't allow people to directly "test" the system to find vulnerabilities in your vB installation and your product (add-on). However, if I specified TYPE_STR then it would work both ways because a number can be a string.

Usually you would place this in a file that is always read by your product. Mine is in my "catch" all file loading after global.php is included. This makes it so all your pages uses the same data and you don't have to re-type this code anywhere else. :)

I hope this helps you! Enjoy! :D

Princeton
12 Mar 2008, 13:19
interesting ..

these are like easter eggs - it's exciting when finding new built-in functions that are useful

thanks for sharing :up:

Shane
12 Mar 2008, 15:57
Yeah. I didn't want to have to type in a 8 to 12 character varabile name anymore so I was trying to figure out how vB did it. Much easier to remember at least 2 or 1 letters for passing data around. :)