General question about phpBB_Security
Posted: Thu Jun 29, 2006 9:10 pmDoes it secure custom forms and pages not included with the package but which are integrated and fall under the includes/page_header.php ?
In other words, I've created some custom pages and integrated them in the usual way using
--------------------------------
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if( !$userdata['session_logged_in'] )
{
$message="You must login or register";
message_die(GENERAL_MESSAGE, $message);
}
include ($phpbb_root_path . 'includes/page_header.'.$phpEx);
blah blah blah etc...
my custom page here
------------------------
So my question is, does that put my custom page and all of its forms under the protection of phpbb_security?
Or does phpbb_security only secure the original package?
In other words, I've created some custom pages and integrated them in the usual way using
--------------------------------
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
if( !$userdata['session_logged_in'] )
{
$message="You must login or register";
message_die(GENERAL_MESSAGE, $message);
}
include ($phpbb_root_path . 'includes/page_header.'.$phpEx);
blah blah blah etc...
my custom page here
------------------------
So my question is, does that put my custom page and all of its forms under the protection of phpbb_security?
Or does phpbb_security only secure the original package?