Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Issue with get_component
#1
Was getting an error of <? displaying when i used components.

I adjusted to:

Code:
function get_component($id) {
        if (file_exists('data/other/components.xml')) {
            $thisfile = file_get_contents("data/other/components.xml");
            $data = simplexml_load_string($thisfile, NULL, LIBXML_NOCDATA);
            $components = $data->item;
            
            if (count($components) != 0) {
                foreach ($components as $component) {
                    if ($id == $component->slug) {
                        eval("?>" . stripslashes(htmlspecialchars_decode($component->value, ENT_QUOTES)));
                    }
                }
            }
        }

Remove an extra ?> at the end of the eval line, fixed it up. Can you let me know if this is a security issue or the correct method to fix the issue?
Nothing is too difficult... anything is possible.
'But you tried, and you failed.. the important thing? never try'
Reply
#2
I did see this on one of my local servers too, but haven't seen it anywhere else - is this where you saw it too? i think this would cause a problem for html and php code that are in the same component. The parser would try to evaluate HTML code as PHP and you would get errors...
- Chris
Thanks for using GetSimple! - Download

Please do not email me directly for help regarding GetSimple. Please post all your questions/problems in the forum!
Reply
#3
Yeah it's on the localhost (wamp)

I've not had any issues since uploading live with the change affecting my site.
Nothing is too difficult... anything is possible.
'But you tried, and you failed.. the important thing? never try'
Reply




Users browsing this thread: 1 Guest(s)