stmllr.net

Articles tagged with “cObject”

• Combining Fluid ViewHelpers and TypoScript in TYPO3 - 5 basic examples

  Jul 29, 2010 Here comes another blog article about TYPO3 after a long time of absence. This time I introduce the Fluid cObject ViewHelper, which brings together the power of TypoScript and Fluid. I will demonstrate the usage of this ViewHelper in five basic examples.

• Prevent SQL injection in TypoScript when using strings from GET parameters

  Nov 30, 2009 Whenever you are using GET/POST parameters in SQL queries, you have to face the risk of running into SQL injection. The golden rule here is not to trust user parameters, but always properly check and escape values. This article introduces a TYPO3 extension, which helps to sanitize parameters by extending TypoScript stdWrap. PLEASE ALSO READ THE COMMENTS ON THIS ARTICLE FOR UPDATES IN THE TYPO3 CORE TO TACKLE THIS ISSUE!

• Is SQL injection possible in TypoScript objects?

  Mar 5, 2009 Using GET/POST vars in SQL queries involves the risk of SQL injection if the parameter is not properly sanitized. There are lots of warnings and documents around in the web on how to prevent this in PHP scripts. But what about TypoScript?

• How to link to a file in a FE plugin of TYPO3?

  Nov 24, 2008 This short snippet demonstrates the essentials of how to create links to files in FE plugins. It reveals the power of cObjects and TypoScript. This technique is typical for TYPO3 and it shows you why TYPO3 can be so amazing.