Sorry I didn't read that right.
At 05:28 PM 1/29/2010, you wrote:
Enable the PHP module that comes with core (which is disabled by default).
On Fri, Jan 29, 2010 at 4:26 PM, Daniel Carrera <mailto:daniel.carrera@theingots.orgdaniel.carrera@theingots.org> wrote: Hello,
I have Drupal 6. I want to create an input format that allows me to insert PHP code in a web page. Of course, this is only for admin. Anyways, I can't figure out how to do that. When I go to "input formats" and select "add input format" I don't see any option to allow PHP code.
Help?
Daniel.
[ Drupal support list | http://lists.drupal.org/http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
Yeah. Thanks for the help anyways.
The fact that the PHP module is disabled by default must be a new feature/bug.
Cheers, Daniel.
Marty Landman wrote:
Sorry I didn't read that right.
At 05:28 PM 1/29/2010, you wrote:
Enable the PHP module that comes with core (which is disabled by default).
On Fri, Jan 29, 2010 at 4:26 PM, Daniel Carrera <mailto:daniel.carrera@theingots.orgdaniel.carrera@theingots.org> wrote: Hello,
I have Drupal 6. I want to create an input format that allows me to insert PHP code in a web page. Of course, this is only for admin. Anyways, I can't figure out how to do that. When I go to "input formats" and select "add input format" I don't see any option to allow PHP code.
Help?
Daniel.
[ Drupal support list | http://lists.drupal.org/http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
Pretty sure it has been this way for some time. It isn't something you want enabled unless you have a reason.
On Jan 29, 2010 5:58 PM, "Daniel Carrera" daniel.carrera@theingots.org wrote:
Yeah. Thanks for the help anyways.
The fact that the PHP module is disabled by default must be a new feature/bug.
Cheers, Daniel.
Marty Landman wrote:
Sorry I didn't read that right.
At 05:28 PM 1/29/2010, you wrote:
E...
I want to make a form that points to a non-Drupal PHP script, but I want to make reasonable efforts to ensure that the user is logged into Drupal and that I record the Drupal user id when he submits the form.
I need PHP to get the Drupal user id.
I'm struggling to find a secure way to send the data. The data is not secret, I just don't want the Drupal user id to be forged. So far what I have in mind is to take the HMAC of the Drupal user id and a timestamp:
<? global $user; $data = ($user->id) . ':' . time(); $hmac = hash_hmac('sha256', $data, 's3kr3T'); ?>
Then the receiving script can check that the timestamp is recent and the data string and hmac match.
In practice, this should be enough, but I would still prefer to use something that didn't reply on an expiring timestamp.
Anyways, this is actually going on a tangent. Even if I don't use any HMAC at all, I still need Drupal just to get the Drupal user id.
Cheers, Daniel.
Michael Scappa wrote:
Pretty sure it has been this way for some time. It isn't something you want enabled unless you have a reason.
On Jan 29, 2010 5:58 PM, "Daniel Carrera" <daniel.carrera@theingots.org mailto:daniel.carrera@theingots.org> wrote:
Yeah. Thanks for the help anyways.
The fact that the PHP module is disabled by default must be a new feature/bug.
Cheers, Daniel.
Marty Landman wrote:
Sorry I didn't read that right.
At 05:28 PM 1/29/2010, you wrote:
E...
-
Daniel Carrera -
Marty Landman -
Michael Scappa