hi, i use sourcerer to get some data from database to a breezing forms default field values. it works very good. and i like it so much.

but i found a problem. if any user was filling these forms used the sourcerer code to fill like a text area . the code is excuted. i suggest that in plugin security settings. there is an option that checks the user using the plugin and if it is not administrator then do not excute code.


i have a breezing form with text area as a comments. i have to enable sourcerer for breezing forms because i use it in back end of breezing forms to get default values from database. i do not want any user to submit sourcerer code in my form and excute it.

i use jumi to make a page to display mysql records that has been input by the breezing forms form and when the sourcere code that stored in database in comments entered by text area in breezing forms frontend. the code is excuted.


i am not experienced php programmerer.

It would be pretty difficult in you example to let Sourcerer check what code it should and shouldn't execte.
In you example there are 2 pieces of source code, one entered by you in the form, one by the user entered through the fields. But all Sourcerer will see is that the page is a breezing form page and the logged in user is such and such. It can't really tell what part is by you and what part is by someone else.

Easiest solution is to change the tagname Sourcerer uses. So instead of {source}...{/source} use your own secret word. That means that {source} will not work anymore.

thanks for the solution i did that.
also i want to know if possible to use soucerer like jumni. like making pages with php that can be accessed from the menu.

about the part i was talking about before if it is possible to make sourcere execute only administratoe cpde in plugins like that for the content manager and articles.

thanks

Sourcerer doesn't work exactly the same as Jumi. Jumi is aimed mainly at including external files. Sourcer aimed mainly at placing inline code. You can include external php files too with Sourcerer. But it doesn't have a menu to select available php files. You are free to include any (php) file you want:
www.nonumber.nl/forum/14-sourcerer/5172-...o-include-a-php-file

Regarding the admin code. Still same answer.
You can select in the plugins security settings in which areas Sourcerer should be active.