Firefox PHP

Creating a preview-area on a website

Posted by KnutBoehmer 
Creating a preview-area on a website
February 06, 2013 06:29AM
Hey everyone,

first of all, I'm very new to this whole thing, so maybe some of my questions may be silly or lack essential information - in that case, please just ask!

I'm currently tasked with finding a solution for the following problem:

The university website I work for has been using Phorum for a while now and is currently in the process of developing a new intranet. A planned small feature of this new intranet will be a "classifieds" section, i.e. sort of a "trading post", allowing for small ads to buy and/or sell stuff.
Since Phorum seems to be a solid backbone for this (and it is already working with the central user database) I was thinking about using it for this task.
However, I was asked if there is any way to create a small "preview"-area on the new intranet starting page that displays the 3-5 latest postings of the two sub-forums (Buying / Selling), containing not much more than the thread title, user name and date, as well as a link to the Phorum thread.

Is there a plugin, script or something alike that can help me solve this task?

Thanks a lot for your time!
Re: Creating a preview-area on a website
February 06, 2013 12:24PM
Simple php/mysql query

max is number of items to display
buy, sell are the numeric forum id numbers
phorum5/read.php?28,153281 - link to message
parent_id=0 thread starter

Language: PHP
$sql = "select * from phorum_messages WHERE (forum_id=buy or forum_id=sell) and parent_id=0 and status=2 and moved=0 ORDER BY datestamp desc limit $max";   mysql_select_db("phorum5");   $res = mysql_query($sql, resource $link_identifier);   while($row = mysql_fetch_object($res)) { print "<li>";   $mid = $row->message_id; if($row->thread) $mid=$row->thread;   $subj = trimstring($row->subject,50);   $auth = $row->author;     $subj = trim(strip_tags($subj)); $auth = trim(strip_tags($auth));   if(!$subj) $subj = "- No Subject -"; if(!$auth) $auth - "- No Author -";   print "<a href=\"phorum5/read.php?$forum_id,$thread\"><b>$subj</b>";   print date("H:i jS M Y",$row->datestamp); print " - posted by $auth"; print "</a></li>";   }



Edited 2 time(s). Last edit at 02/06/2013 12:34PM by DavidVonB.
Re: Creating a preview-area on a website
February 08, 2013 06:30AM
Great, thank you very much! :)
Re: Creating a preview-area on a website
February 09, 2013 05:50AM
Be aware that this script does not format any of the output. This might be a potential security risk, since it opens up the site for XSS attacks, because users can write plain HTML and javascript code in the subject and have it render on the page that uses this code.

Please add the following to the script code:
                $subj = trim(strip_tags($subj));
		$auth = trim(strip_tags($auth));
 
		if(!$subj) $subj = "- No Subject -";
		if(!$auth) $auth - "- No Author -";
 
                $subj = htmlentities($subj);
                $auth = htmlentities($auth);

That should make the code safe.


Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Sorry, only registered users may post in this forum.

Click here to login