of view.php if((!function_exists('register_frontend_modfiles') || !defined('MOD_FRONTEND_CSS_REGISTERED')) && file_exists(WB_PATH .'/modules/testimonies/frontend.css')) { echo '\n"; } /** * THE FUNCTIONS AND SETTINGS OF YOUR MODULE IN THE WB FRONTED ARE DEFINED BELOW THIS LINE HERE * * The code below extracts the text stored in the database, removes the contained slashes and * outputs the clean text to the view.php. In addition the modification data/time is written out. * The modification date is stored as timestamp and converted into human readable format via the * language file. This way all outputs can be customised depending on the language. * * Some CSS defininitions are used to demonstrate the usage of the external frontend.css file. * A dummy Javascript function call is added at the end of the script. The function itself is defined in * the modules frontend.js file loaded automatically by Website Baker. * * KEEP IN MIND: * All user inputs should be treated as dangerous. You need to apply the required measures to * prevent that harmful code is added to the MySQL database or executed by PHP. * Always think about filtering HTML/CSS/Javascript code from the user input. * * Some aspects on security: * Tags like can be used to deface your layout (some text) * Text fields can also be used for Javascript hacks: * To prevent SQL-injection, escape special characters before writting to the database. Use WB function add_slashes() * when dealing with data from POST, GET, COOKIES to prevent double quoting if magic_quotes is enabled in your php.ini. * * Make use of: strip_tags, add_slashes, or htmlspecialchars to prevent such kind of things */ // obtain data from module DB-table of the current displayed page (unique page defined via section_id) fncTestimonials(); ?>