This one is by request from here (http://vbulletin.org/forum/showthread.php?s=&postid=197531), and really quite simple...

No matter what the forum rules say, Admins and Super Mods should always be able to post in HTML.

Tested on my board and works fine.

I think this is an awesome idea and I've been wanting to see something like this for a long time. However, before I add it, I'd like to get ideas from the Admins. and Mods of this board.....what does this hack do for potential security threats to the board?? Anyone?

This hack is exactly what I was looking for. I was gonna request it yesterday too infact :)

But I too would like to know if there are any security issues. If not, Im definetly going to install it :)

Security Issues:

Withing the vB itself, none. They can't do anything that would screw up your database or swipe passwords or get admin access with HTML.

The security issues with HTML are in the code itself.

With it enabled, posters can use any tags, including JavaScript, where the real hazard is.

They can **** with the layout pretty bad... redefine colors on the fly using a <style tag to change the css...

They can add Flash movies and images, embed sound and movie files...

It comes down to how much you trust your mods.

Right now it's based off usergroups... and is set for Admins and Super Mods. You can add more usergroups or remove group 5 to restrict it to just admins.

I didn't add the code to determine if a user is a mod of a certain forum... because if they're just a single forum mod, would they need HTML posting rights? And just in that forum?

So as long as its with ppl you trust to have it (and I do trust my mods), there is no issue right? Just common sense? sounds good to me :)

sweeeet

tried with 2.2.0, works 100% fine !

thanks !!!

Thanks, Palmer. This allows me to embed sound files in an occasional post. If I just make a custom vB code the users will get carried away. The high speed connection folks will embed massive files that take minutes for the dial-up people to download. At least that's what happened on my old board with HTML allowed. :)

Let's see...
<center>;)</center>

LOL!! I would say it worked.

Originally posted by FireFly
Let's see...
<center>;)</center> Let's see what happens when a regular user quotes it.

Very cool!

I did notice one problem with this hack. When you try and add a table using html code, it inserts a TON of break tags and places the table all the way at the bottom of the post leaving a ton of clear space within the post.

What would it take to get this to work with signatures also?

Originally posted by RobAC
I did notice one problem with this hack. When you try and add a table using html code, it inserts a TON of break tags and places the table all the way at the bottom of the post leaving a ton of clear space within the post.

any fix for this above, I have the same problem?

anyone?

[QUOTE]Originally posted by LuBi
What would it take to get this to work with signatures also?

Palmer ofShinra ... Thanks for this. Clicking Installed.

Destee

I have an error:
Parse error: parse error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/zoanthid/public_html/forum/admin/functions.php on line 867

Fatal error: Call to undefined function: vbsetcookie() in /home/zoanthid/public_html/forum/admin/sessions.php on line 241


Here is the ONLY part I have modified in my admin/functions.php:

// do ip addresses
if ($post[ip]!="") {
if ($logip==2) {
eval("\$post[iplogged] .= \"".gettemplate("postbit_ip_show")."\";");
}
if ($logip==1) {
eval("\$post[iplogged] .= \"".gettemplate("postbit_ip_hidden")."\";");
}
if ($logip==0) {
$post[iplogged]="";
}
} else {
$post[iplogged]="";
}
if ($post[usergroupid]==6 OR $post[usergroupid]==5) {
$post[message]=bbcodeparse2($post[pagetext],1,1,1,1);
} else {
$post[message]=bbcodeparse($post[pagetext],$forum[forumid],$post[allowsmilie]);
}

//highlight words for search engine

if (isset($highlight) && $highlight != '') {
if ((isset($postid) and $postid==$post[postid]) or !isset($postid)) {
reset($replacewords);
while (list($key,$val)=each($replacewords)) {
$post['message']=preg_replace("#(^| |\n|\r|\t|\]|>|\")(".$val.")(([\.,]+[ $\n\r\t])|$|\"|<|\[| |\n|\r|\t)#si", "\\1<highlight>\\2</highlight>\\3", $post['message']);
}
}
}
// do posts from ignored users
if (($ignore[$post[userid]] and $post[userid] != 0)) {
eval("\$retval = \"".gettemplate("postbit_ignore")."\";");
} else {
eval("\$retval = \"".gettemplate("postbit")."\";");
}
return $retval;
}

// ###################### Start gettextareawidth #######################

Please Help ASAP.

Ryan

Oh and i am running 2.3.0, no other hacks installed.

Hi,

Admins and Supermoderator can post in Html and only Moderator's???

Who can i do, please, Iam a Newbie

greetz subu1