GetSimple Support Forum

GetSimple Support Forum > GetSimple > General Questions and Problems > Issue with get_component
Full Version: Issue with get_component
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

crashfellow

2009-09-04, 01:31:41
Was getting an error of <? displaying when i used components.

I adjusted to:

Code:
function get_component($id) {
        if (file_exists('data/other/components.xml')) {
            $thisfile = file_get_contents("data/other/components.xml");
            $data = simplexml_load_string($thisfile, NULL, LIBXML_NOCDATA);
            $components = $data->item;
            
            if (count($components) != 0) {
                foreach ($components as $component) {
                    if ($id == $component->slug) {
                        eval("?>" . stripslashes(htmlspecialchars_decode($component->value, ENT_QUOTES)));
                    }
                }
            }
        }

Remove an extra ?> at the end of the eval line, fixed it up. Can you let me know if this is a security issue or the correct method to fix the issue?

ccagle8

2009-09-05, 11:43:36
I did see this on one of my local servers too, but haven't seen it anywhere else - is this where you saw it too? i think this would cause a problem for html and php code that are in the same component. The parser would try to evaluate HTML code as PHP and you would get errors...

crashfellow

2009-09-06, 11:55:48
Yeah it's on the localhost (wamp)

I've not had any issues since uploading live with the change affecting my site.
GetSimple Support Forum > GetSimple > General Questions and Problems > Issue with get_component