Banshee
the secure PHP framework

Forum

best way to integrate module/page with inline php

colin
7 december 2011, 20:06
what is the best way to add a page that has multiple inline php sections/lines into banshee site? Would just adding random.php to public directory reduce security? When trying to add content from random.php to xslt view of created module i get errors about unescaped characters. Is there a practical way to add exclusions so php is parsed as php or a way to include php line in xml from external file? thanks

Banshee version: 3.3
PHP version: 5.3.6
MySQL version:
Webserver: hiawatha
Hugo Leisink
7 december 2011, 20:20
If the output of random.php is public information, I don't see any security issues when you place random.php in the public folder.

If you want to integrate it in Banshee, you can create a new page and add the content of random.php to the execute() function of the page controller. You can use $this->output->disabled = true to disable to output library. The XSLT sheet for that page is then ignored and all output that has been printed is sent to the browser.
colin
7 december 2011, 23:34
I added random.php to controller and it output html as desired. Is there a way to include output html to xslt as the rest of my layout is controlled through xslt.
colin
8 december 2011, 01:06
nevermind, stupid question. output is disabled. i'll just add html that xslt would have generated. thanks
Message preview

The following BB-codes are available in a message:

  • [b]Bold text[/b]
  • [center]Center text or imagen[/center]
  • [color=color name or #RGB code]Colored text[/color]
  • [i]Italic text[/i]
  • [img]Link to image[/img]
  • [right]Align text or image right[/right]
  • [s]Strike-through text[/s]
  • [size=pixelsize]Big or small text[/size]
  • [u]Underlined text[/u]
  • [url]Link to website[/url]
  • [url=link to website]Link text[/url]
Back
Built upon the Banshee PHP framework v6.3CMS