I am a complete noob as far as LUA programming, although I have some C++ experience (very little but enough to be able to figure out how something works). I am trying to fix TitanStanceSets 2.0.3-compatible version so that I can use poisons from my bag on equipped items again. I managed to narrow it down to these lines of code:

local StanceSets_Save_PickupContainerItem = PickupContainerItem;
PickupContainerItem = function (bag,slot)
StanceSets_PickedupItem = { };
StanceSets_PickedupItem.bag = bag;
StanceSets_PickedupItem.slot = slot;
return StanceSets_Save_PickupContainerItem(bag,slot);
end

and when I comment those out I can cast my poisons, but then I lose the ability to place items that are equipped into the StanceSets window for swapping, and instead have to unequip my weapons and place them in the bag, and then drag them to the StanceSets window, and then equip them again.

What I would like to know is how I can rewrite the above lines to securely call PickupContainerItem (or how to hook the above lines so that they get called with PickupContainerItem so that StanceSets will detect that I am dropping the item in the StanceSets window), in order to prevent the action blocked message. I honestly have no idea where to begin to look for information on this so I hope I'm not gonna get told to go to hell or something lol.

Thanks

From http://forums.worldofwarcraft.com/thread.html?topicId=34224257&sid=1:

Hooking and the hooksecurefunc function

The taint model is the reason that 'hooking' as it is commonly done today can easily break lots of UI functionality, trying to hook a function that is used by secure code causes a tainted function to be called in the middle of an otherwise secure execution path, this then taints the execution path so that nothing following the hook can use secure functions - don't be too dismayed however, we've been given a tool to get around this.

The new hooksecurefunc API function allows AddOn code to 'post hook' a secure global function, that is run another function after the original one has been run. So for example you could track calls to CastSpellByName using hooksecurefunc("CastSpellByName", mySpellCastTracker). The API replaces the original global function with its own secure hook function that calls the original function, saves its return values away, and then calls your hook function with the same arguments as the original function (any return values from your hook function are thrown away) and then it returns the return values from the original.

The 'special' feature of this secure hook is that when your hook function is executed, it executes with the taint that was present at the time the hook was created, and when your hook function is done that taint is discarded and the original secure (or possibly tainted - you cannot use hooksecurefunc to REMOVE taint, just avoid it) execution mode is restored.

http://forums.worldofwarcraft.com/thread.html?topicId=64187212&sid=1:

* NEW hooksecurefunc([table,] "functionName", hookfunc) -- Creates a secure 'post hook' for the named function. The hookfunc is invoked after the original function, and receives the same parameters. Return values from hookfunc are discarded. This is the only safe way to hook functions that execute protected functionality.

I guess something like this could work:

hooksecurefunc("PickupContainerItem",
function (bag,slot)
StanceSets_PickedupItem = { };
StanceSets_PickedupItem.bag = bag;
StanceSets_PickedupItem.slot = slot;
StanceSets_Save_PickupContainerItem(bag,slot);
end
);

Thank you that worked perfectly, except for one thing.

The return line in the original code was calling the saved original function, so there was no need to call the saved original function since it was never saved. So I removed that line, but pasted the rest and it worked perfectly!

Thanks again