Bug Fix for Who's Online!

See https://vborg.vbsupport.ru/showthread.php?p=2533411#post2533411 below.


New Version 1.2 with sprites. See below. (Also some bugs fixed)

This product puts a file manager with a CodeMirror editor right in your forum's admin control panel, giving you full access to your files without logging in on the server. Besides file manager operations it makes forum management easier by providing a full code editor for templates and plugins, a hook finder and function finder that shows the hook or function in the file, and allows you to switch to debug mode without editing config.php.


Features:


CodeMirror editor with toolbars has Search, Replace, Replace All, Highlight Matching, Undo, Redo, Font and Mode selection, Auto-Indent, Auto Formatting, Tab settings, Go To Line and Word Wrapping.


Filesystem operations include



New Directory


New File


Zip Compression


Zip Extraction


Upload


Download


Change Perms


Delete File


Move File


Copy File


Rename File


Edit/View File



Function Finder allows you to search for PHP functions by function name, file name or both. The highlighted function is shown on a read-only version of CodeMirror, scrolled into position.


Hook Finder uses vBulletin's hook list to let you search for hooks by name or file name. The highlighted hook is shown on a read-only version of CodeMirror, scrolled to position.


Debug On/Off allows you to set debug mode with a cookie on your PC. Debug mode is used only for Templates, Plugins, Phrases and Scheduled Tasks.


File Manager Admin page allows you to configure File Manager outside of vBulletin Options so only those with special permissions can view it.


CodeMirror editor for editing templates, plugins and other code. A small version appears on the main page and a larger version is available by clicking the Large Edit Box button.


New Features for Version 1.1

Drag and Drop for moving or copying files and directories from File List to Directory Tree and moving or copying directories within the Directory Tree. Drag and Drop can be turned off to prevent accidental operations.


Directory Tree Auto-scrolls when you move mouse above or below during Drag and Drop operations.


Context Menu in File List for shortcuts to filesystem operations. Depending on the file, it features inline editing of file name and file permissions, edit or view files, zip to this directory, unzip to this directory, download and delete. Delete feature requires a second click to confirm.


Faster Operation. When a filesystem operation changes the directory structure or changes files the Directory Tree and/or File List is rebuilt immediately rather than after the main page receives confirmation.


Sanity Checks. AJAX requests with blank inputs are rejected and moving or copying a directory into one of its own sub-directories is rejected


Deleting Non-empty Directories is disabled. PHP will not allow deleting directories if they contain any files. File Manager will not allow attempts to delete non-empty directories and lists such directories if you try.


Overwriting Existing Files is now controlled with a radio button input. You can choose to overwrite or require confirmation.


Upload 4 Files at a Time. The original version uploaded only one at a time.


Security Key Timeout can now be set higher than Cookie Timeout. This avoids having to frequently reset the security key after inactivity.


Security Token Reset. The security token is now reset whenever you reset the security key.


Default Settings are now automatically set in File Manager Admin.


Global Image Path can be set in File Manager Admin in case the automatic coding doesn't get it right.


New Features for Version 1.2

I've rebuilt all the file icons and converted to sprites for faster loading. I tried to find all the different file types in vBulletin but I may have missed some. If you need other icons for different files I've included a sprite factory in the images directory. You will find detailed instructions there. For results perfectly matching existing icons you may wish to download Paint.NET


Security

Of course nothing beats ssl/tls, but I've tried to build in enough security to foil the dilettante hacker. File Manager requires a separate login, which may have to be different from the user's regular one, depending on settings. The login verification process follows vBulletin's double hashing, but unlike vBulletin, File Manager hashes using SHA512, which cannot be cracked. As with the standard login, five strikes and you're out for 15 minutes.

CSRF protection is active and a security key gives further protection. The security key is a hash generated by various formulas depending on the operation. The JavaScript in your computer and the PHP on the server update it with each operation and the two versions are compared with each operation (except downloading a file ). They could get out of sync if someone else (an eavesdropper) sends an AJAX request or submits a form. This could be a concern on an unsecure WiFi connection. But if a window is inactive for too long the Security Key will be deleted and you will get a notice. If you have no reason to suspect eavesdropping you can just reset it and move on. Each File Manager page has its own security key. When you log out of the File Manager all your security keys are deleted. If you log back in you will have to reset the security keys on any code editor pages that were left open. Logging out of the AdminCP always logs you out of the File Manager.

All filesystem functions use the file full path but the server username (home/XXXXXXXX) never appears on the AJAX query string.

For protection against remote hacking, the filemanager directory name can be changed to a random string or some name that disguises its purpose.

The filemanager index page fakes a 404 Not Found error (regardless of the filemanager directory name) to hide the existence of the File Manager from snoops.


Miscellaneous

Never MOVE files out of the filemanager directory, always COPY where necessary. You want to keep the originals for your next upgrade.
This was developed in vB 4.2.1 and vB 4.2.2. It will probably work in vB 3X.

All the active JavaScipt files in filemanager/clientscript are minified using jscompress.com (http://jscompress.com/). The originals can be found in filemanager/misc.

The Edit/View feature shows a code editor for code and an image viewer for images. (There could be a problem getting the right image path. Let me know if you have any problems.)

No alerts, confirms or prompts. All messages appear in built-in message blocks.

You select directories from the Directory Tree to move or copy. No typing in misspelled directories and accidentally creating new ones.

The full Directory Tree is loaded when the page loads; no AJAX call when you open a directory.

Directory Tree and File List automatically rebuild and reload when needed

The File Manager main page and the Code Editor window use AJAX login for both the AdminCP and File Manager so your work and settings are preserved.

For both the Code Editor and Template Editor, if you open a new edit window any older one will be closed.

The product is fully phrased. Anyone wishing to translate is free to do so but PM me for details on changing phrases in the CodeMirror toolbars.


Installation


If you have already downloaded the codemirror-3.0 package you will need to replace some files from fix_codemirror.zip. If you don't already have CodeMirror from one of my earlier projects, install the entire package in the clientscript directory.


Upload the filemanager_files group to your forum root.


Open filemanager/misc/file_edits.txt. There you will find instructions for editing includes/config.php and includes/adminfunctions.php.


If you wish to change the name of the filemanager directory, now is a good time to do it. Be sure the value of $config['Misc'][filemanagerdir'] matches your new directory name.


If you don't want the full File Manager and want only the Template Editor, Function Finder, Hook Finder and Debug On and Off, go to includes/xml and delete cpnav_file_manager.xml and copy cpnav_function_finder.xml from filemanager/misc to includes/xml (there's a copy of cpnav_file_manager.xml in filemanager/misc if you change your mind)


Name out textarea.php in the admincp directory, then go to filemanager/misc and copy textarea.php to the admincp directory.


In your AdminCP upload the product file in Products. You should see the Files Functions & Hooks nav block just below Products & Plugins.


Go to File Manager Admin and assign yourself a password.


Set a value for File Manager Path for super admins.


Log in to File Manager and check out operation.


Configure File Manager for the different administrator groups. Super admins can view and use the File Manager Admin page. Other admins can be given permission in Administrator Permissions.


Go to Admin Permissions and set permissions for other administrators. Administrators not given File Manager permissions can still use Function Finder, Hook Finder and Debug On and Off if they have plugin permissions.


Known Issues


Internet Explorer. As far as I know all my coding is IE compatible but IE is not fully compatible with CodeMirror; in particular copying and pasting don't seem to work properly. People with real lives have better things to do than fight with the MicroSoft engineers.


CodeMirror has a few glitches of its own; in particular, sometimes the last four characters of the longest line don't show. I don't know if this has been corrected on later versions.


Formatting. The formatting feature doesn't always do a perfect job formatting JavaScript files. It works on most of them though. I would not recommend saving these files after Formatting.


Harmless file. When viewing the filemanager directory a ".sem" file shows in the directory. I don't know how to get rid of it but it seems harmless.


Upgrading to Version 1.2

First, UNINSTALL THE OLD VERSION and then follow the same procedure as the original installation. The only thing you need not do is edit config.php.

Bugs Fixed
Versions 1.0 and 1.1



Username and password storage for AJAX login
Setting to disallow using the regular password for File Manager
Problem with displaying Directory Tree when it is rebuilt after a filesystem operation
Problem with zipping a single file
Problem with setting original password

Version 1.2

Problem with large edit box for page with multiple textarea inputs
Problem with large edit box if function print_textarea_row() is not edited in adminfunctions.php
Problem viewing new, moved, copied or renamed directories in Directory Tree after filesystem operation
Problem with copying multiple directories in a single operation
Fixed bug for Who's online plugin

Images for new features

RESERVED2

so now need no any ftp uploader its good every thing in admincp
i will check it soon

so now need no any ftp uploader its good every thing in admincp
i will check it soon

I already found a little bug and fixed it. You will have to load the new version of filemanager_files.

Sorry for the inconvenience.

What do you mean by "name out" textarea.php?

Thanks, installed! I cannot access my FTP at work, so I am hoping this helps

What do you mean by "name out" textarea.php?

Thanks, installed! I cannot access my FTP at work, so I am hoping this helps

Just change it to something like textarea_old.php, so it won't be overwritten when you move the new version to the same directory

Just change it to something like textarea_old.php, so it won't be overwritten when you move the new version to the same directory

Thank you Nerbert, I sent you a PM if you are able to accommodate. Thank you.

I've added new features including Drag and Drop, Inline Editing and more. Check out the opening post.

Installed but it wont let me login... It just prompts me for my password and sits here.

Did you assign yourself a password in File Manager Admin?

Yes and it said it saved it.
Now I can not even get into my ACP. I even disabled hooks...

Yikes. I've tried this in several browsers and it works fine for me.

What exactly happens when you try to go to adminCP?

What browser are you using?

When I login, in the upper left corner I get a little box that displayed a hook name for a DB product. When I went to the ACP I got the same box but blank. However this one I could adjust its size. I had to pull the adminfunctions file in order to get back in. Using IE under Win 8.1

I wonder if you made an error pasting in the new function print_textarea_row() in adminfunctions.php.

That isn't necessary for the File Manager, it's only for putting in a CodeMirror code editor for plugins and products. If there's a problem like a missing curly it would make a mess of a whole bunch of functions.

I was able to access the other options just could not access the manager. I uploaded the codemirror-3.0 folder to the clientscript folder.

When I edited the adminfunctions I found the file on line 999 like you mentioned. I remarked that line out and then added the code.

I guess I'll have to go try again and see if I maybe missed something...

Yea still got the same problem. Sigh...

Well re-installed from scratch and got the same results :(
The only thing I can think of is it is in some sort of debug mode or the code mirror folder is not support to get uploaded to the clientscript folder? I must be missing something...

Just skip the adminfunctions edit for now and see how it goes

I was able to access the other options just could not access the manager. I uploaded the codemirror-3.0 folder to the clientscript folder.

When I edited the adminfunctions I found the file on line 999 like you mentioned. I remarked that line out and then added the code.

I guess I'll have to go try again and see if I maybe missed something...

Not sure what you mean when you say "remarked that line". You should change the name of the original function to something like "print_textarea_row_OLD()" or something like that and then paste the new version above it

I added // in front of the line. If I renamed the function it hung.

I thought that's what you meant. If you do that the old function's content (all the stuff between the opening and closing curlies) executes when the file loads. That why it put a box (actually a textarea) up in the corner.

Just restore adminfunctions.php to the original and we can deal with that later.

I don't know what you mean by "the function hung"

Well now I am getting failed login attempts. At least it is progress. How do I reset he password? I tried to reset it via the File Manager Admin section and set the password options to both no. I then entered my user ID and a password. It says saved but when I login it says incorrect user name or password.

You should enter your user NAME and password but if you entered a user ID you would get a message "No match for 1234"

To reset the password just set it again as you did the first time.

Is your browser filling in the password? I can't remember if it does that. If it does that's your regular password, so type in the correct file manager password. Use local storage settings to store the new password once you get going.

For an initial test, use the simplest password of all, just "a". There's less chance of mistyping.

Wow this is pretty sharp. I've tagged it.

Well now I am getting failed login attempts. At least it is progress. How do I reset he password? I tried to reset it via the File Manager Admin section and set the password options to both no. I then entered my user ID and a password. It says saved but when I login it says incorrect user name or password.

operation as above :(

I'll do a fresh install and see if I can figure out what's going on.

@ hoangserip: What browser are you using?

I found the problem. You can either install the new version of the filemanager files or do the following edits in filemanager/admin.php:

On line 169, filemanager/admin.php
Find:

$password = hash('sha512', trim($vbulletin->GPC['password']) . $admin['salt']);


Replace with:

$password = hash('sha512', trim($vbulletin->GPC['sha_password']) . $admin['salt']);



On line 254, filemanager/admin.php
Find:

print( '
<script>
document.forms.cpform.setAttribute("onsubmit", ""+
"var form = document.forms.cpform;"+
"var password = form.password.value;"+
"form.testpass.value = hex_md5(password);"+
"form.sha_password.value = sha512(password);"+
"")
</script>
');


Replace with:

print( '
<script>
document.forms.cpform.setAttribute("onsubmit", ""+
"var form = document.forms.cpform;"+
"var password = form.password.value;"+
"form.testpass.value = hex_md5(password);"+
"form.sha_password.value = sha512(password);"+
"form.password.value = \'\'"+
"")
</script>
');


I apologize for the inconvenience.

I've just updated File Manager to Version 1.2. This new version uses sprites for faster loading. I tried to identify all the different file types and make icons for them but I may have missed some. If you need other icons I included a sprite factory with detailed instructions in the images directory.

There were some bugs I fixed too. There was a problem copying multiple directories in a single operation and changes in the directory structure weren't always reflected in the directory tree afterwards without closing and re-opening the parent directory. I fixed some problems with the textarea large edit box for templates, plugins etc too.

If you find any bugs please let me know. I want this to work perfectly!

Although, I would debate if sprites really speed things up - you're now loading the entire larger image file no matter even if it's only displaying the smallest icon in the sprite - it does reduce requests. It's open in my mind how much it helps if you're only displaying 2-3 of the icons in the sprite.

But this is a great mod you made even better.

I have a very slow satellite connection and I would say it does help. It used to be the page loaded and then the icons would load a few at a time. Now they all load all at once.

Use the blazes out of it, if there are any more bugs I want to fix them.

I have a very slow satellite connection and I would say it does help. It used to be the page loaded and then the icons would load a few at a time. Now they all load all at once.But, once cached in the browser this shouldn't happen. You should see no loading issues after the first time.

The sprite tradeoff is, larger image file but only one request no matter how many of the icons are displayed. It's a slick way to load icons especially if there's alot of them to be displayed.

The whole sprite image for the file icons is 16 x 606 so size is not an issue here. What is nice is that when you view a directory with an unusual file type in it, like swf or mp3, the icon is right there and is loaded just as fast as the commonly used ones such as php or js.

Also sometimes the directory tree would load unevenly and directory names would shift as the images would load.

Probably the main advantage of sprites in this project is it cuts down the length of the html string for the directory tree. Instead of an image tag it just uses a three letter class name

I also minified all the JavaScript files. I don't know how much difference that makes.

The whole sprite image for the file icons is 16 x 606 so size is not an issue here.I'm talking about file size, not pixel dimensions. Example, if each icon is only 1kb let's say, with sprites you are loading the whole sprite image, which typically is well over 50kb. This is no matter how many of the icons you're displaying.

Using sprites increases kb page load. Because you are loading the entire image file on browsers instead of the few small, 1kb images.

Bug Fix for Who's Online!

There is an error in the File Manager: Show User in "Admin Control Panel" in Who's Online Plugin. You can either upload the new product file or follow these directions:

Change the hook location to "online_location_unknown"

Change the code to:


if (strpos($userinfo['location'], '/' . $vbulletin->config['Misc']['filemanagerdir'] . '/') !== false)
{
$handled = true;
$userinfo['action'] = $vbphrase['admin_control_panel'];
$userinfo['where'] = '';
}


DONE

anyone have this working with vb3? ...max?

anyone have this working with vb3? ...max?I never installed this, not even on my v4 sites.

i managed to get it all organized in proper folders cause this was a mess, but i got a sql error (i think its for vb4s stylevars) tried removing the query but no luck.

may have done something wrong idk, didnt really spend too much time dinkin with it cause how messy it is lol

anyway, heres a neater file structure for anyone that wants it, includes everything you need, and its all structured.