Someone requested this on vBulletin.com real quick hack not really a major thing but I'll do it anyway.

open global.php and find
// check that board is active - if not admin, then display error
if (!$bbactive) {
if (!$permissions['cancontrolpanel']) {
eval("standarderror(\"".str_replace("\'", "'", addslashes($bbclosedreason))."\");");
exit;
}
}

change to

unset($board_closed);
// check that board is active - if not admin, then display error
if (!$bbactive) {
if (!$permissions['cancontrolpanel']) {
eval("standarderror(\"".str_replace("\'", "'", addslashes($bbclosedreason))."\");");
exit;
}
else {
$board_closed = "<center><b>The board is currently closed to non admins</b></center>";
}
}

then in whatever template you want add $board_closed, i just added it to the header template at the very top.

cool hack...once my site gets up and i get it all modded again ill add this one :)

Nice, but should be standard, I hope a lot of these hacks make it to VB 3. Hacks are not desirable in themselves.

Thanks! Another simple but handy hack! I don't take the board down yet, but good to have if I ever have to. :)

Do you really FORGET to turn the board back on? :D

Originally posted by FireFly
Do you really FORGET to turn the board back on? :D LOL, I did for about an hour once. :)

I like it, great hack PPN, this will be useful for me, because last night when I was writing a hack (for my site), I kinda forgot I closed it, and it was down for about 10 hours ^^;;

I followed the instuctions and it didn't work...
:angry:

did you close your bored to test and place the $board_closed in a header template viewable on every page.

Yup.

First it also doesn't work on my board, but then I add the $board_closed after:

<title>$bbtitle - powered by vBulletin</title>
$headinclude
</head>
<body>
$header

in forumhome template.

Now it works. Thanx for the hack.

oops that would be my bad
you can't add it to
header, footer or headerinclude as their loaded before the permissions are checked, you'd have to add
eval("\$header = \"".gettemplate('header')."\";");

after $board_closed in the global.php file to get it to work in the header.

Doing your fix it made the Header appear twice... So literally, I had two headers.

eval('$header = "' . gettemplate('header') . '";');

What?

there is a dot before the equals sign, remove it.

Originally posted by PPN
oops that would be my bad
you can't add it to
header, footer or headerinclude as their loaded before the permissions are checked, you'd have to add
eval("\$header = \"".gettemplate('header')."\";");

after $board_closed in the global.php file to get it to work in the header.

If you add that, will it still work any where else or does it HAVE to go in the header, footer or headerinclude then?

BTW: I used Firefly's update to this already.

and yes this is a good hack since vbb is very explotable and if someone got admin on your board while you were on and closed it down itd tell you...so yes it is VERY useful for forums that get hacked alot. lol

If you boards get hacked a lot there's a problem.

ive been hacked so many [better wash my mouth][better wash my mouth][better wash my mouth][better wash my mouth]ing times due to vbbs unsecurity..i even have htaccess passs on my mod/admin panels and also they are ******* user names and multi numbers/letters passes also my ftp nobody knows about and in the admin logs it leaves no logs due to they dont even have to use the control panel to get admin/unban ppl/ban i do now know exactly how this is done but yet if you dont realize it VBB isnt secure at all. So far ive been hacked 3 times. 1 time from a rival forum and 2 times from some gay hacking forum. which i got the guy from the hacking forum in deep [better wash my mouth][better wash my mouth][better wash my mouth][better wash my mouth]...

oh and one more thing...ive started out with a new db 2 times...and sorry ppn for getting off topic

If what you say is true than you shouldn't be getting hacked...
You probably have a trojan or keylogger on your computer.

no i dont...
and yes it is true im not a stupid newb that would run around with a keylogger/trojan on my computer and i kinda run a big gaming site that used to have to do with hacking games.
and this guy is just using a exploit in the php i believe he says he doesnt even have to use the admin panel and he doesnt use it. He leaves no logs in the admin panel and no admin can prune the admin panel and we have no hacks that allow you to edit thephp files within the panel. its just one of vbb's many bugs...the first time this happened it was with the cookie hack...which they supposely fixed with the new db_sql.php file but from what i hear you can still access the accounts threw the usercp..i havent done any testing. But i still do notunderstand how he could admin hisself....unban people and even deadmin everyone and demod everyone without being admin. but today he took a bold step and admined himself thats how i figured out who it was and then i had a long talk with his isp....he shouldnt be online much longer.
and one more thing vbb is a bad ass forum way better then phpbb2...but has a few security issues that need to be delt with...but i guess any forum will have htem no mater what....it just takes some time to find them.
edit:spelling

oh and one more thing ian...i had a look at your forums and how you say i got a problems and yes i do...with big forums you get more problems...lemme tell you how many members weve had...5k from phpbb2 2.5k from first version of vbb we ran..then we decided to get a new db and have a hole new outlook on the forums and so far since sunday night 700 members

finally got around to installing the hack....nice job

Yes, our forum is still small because we havn't got the mainpage up yet...

What's your php version? If it''s lower than 4.12 you should consider upgrading to patch that security hole. Also, are you sure he doesn't have direct access to the database? This is most likely because than he wouldn't have to go through the control panel... You really post this problem at the vBulletin.com (http://www.vbulletin.com/forum/index.php) forums, they could probably help you more.

its 4.0.6 php and no he has no access to the phpmyadmin i change the directory a few times a day to make sure and it has .htaccess on it they are once again threating me to take my site down but i have no plans on retaliating on them...im just going to report them and leave it at that...this [better wash my mouth][better wash my mouth][better wash my mouth][better wash my mouth] is getting old mad fast im thinking about closing down my site completely....im tired of this [better wash my mouth][better wash my mouth][better wash my mouth][better wash my mouth].

work's fine on 2.2.6.

Simple but great Hack!

thx!