Display (n) most recent nodes (including flexinodes) of certain taxonomy terms

<?php
    $taxo_id = "1,2,14"; // The taxonomy term ID numbers (hard-coded, comma-separated)
    $list_no = 5; // Maximum number of posts to list

    // $taxo_id is placed directly into the IN () clause, so it must stay a literal list of integers.
    $sql = "SELECT DISTINCT(n.nid), n.title FROM {node} n INNER JOIN {term_node} tn ON n.nid = tn.nid WHERE tn.tid IN ($taxo_id) AND n.status = 1 ORDER BY n.created DESC";

    // db_rewrite_sql() applies node access rules; the range limits the result to $list_no rows.
    $result = db_query_range(db_rewrite_sql($sql), 0, $list_no);

    $output = "";
    while ($anode = db_fetch_object($result)) {
        // Render each matching node as a teaser.
        $output .= node_view(node_load($anode->nid), TRUE);
    }
    print "<div class=\"link-container\">";
    print $output;
    print "</div>";
?>

How exactly does somebody inject here?

ultimante - February 24, 2006 - 02:28

There are no user set variables here, so how is this code insecure?
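The snippet interpolates `$taxo_id` straight into the `IN ()` clause, so it is only safe while that value stays a literal typed by the page author. As an added example (not part of the handbook page or of the comment above), this is one way to validate the list if it were ever taken from input instead; `example_clean_term_ids()` and the sample strings are hypothetical.

```php
<?php
// Added example: validate a comma-separated term ID list before it is
// placed into the snippet's IN ($taxo_id) clause. Hypothetical helper,
// not a Drupal API function.

/**
 * Returns a normalised "1,2,14"-style string containing only positive
 * integers, or FALSE if any element is not a plain decimal number.
 */
function example_clean_term_ids($raw, $max_terms = 20) {
  $ids = array();
  foreach (explode(',', (string) $raw) as $part) {
    $part = trim($part);
    // ctype_digit() accepts only the characters 0-9, so signs, quotes,
    // whitespace inside a number and any SQL syntax are rejected.
    // The length cap keeps the value inside a 32-bit integer.
    if ($part === '' || !ctype_digit($part) || strlen($part) > 9) {
      return FALSE;
    }
    $id = (int) $part;
    if ($id < 1) {
      return FALSE; // term IDs start at 1
    }
    $ids[$id] = $id; // keyed by value to drop duplicates
  }
  // Refuse oversized lists rather than building a huge IN () clause.
  if (count($ids) > $max_terms) {
    return FALSE;
  }
  return implode(',', $ids);
}

// Constructed sample inputs: the first two are well formed, the rest are not.
$samples = array('1,2,14', ' 3 , 3,7', '1,2,abc', '1,,2', '-5', '');
foreach ($samples as $raw) {
  $clean = example_clean_term_ids($raw);
  if ($clean === FALSE) {
    print "rejected: '" . $raw . "'\n";
  }
  else {
    // Only a value that passed validation would be assigned to $taxo_id.
    print "accepted: '" . $raw . "' -> IN (" . $clean . ")\n";
  }
}
?>
```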

 
 
