Alright, I've finally finished working on this darn thing and ready for a beta release!

This hack impliments the Style, Template, and Replacement hack into one hack since it was the best way to work on it and easy to setup.

Please read the readme file before you install it.

For the style part, view this thread for screenshots (https://vborg.vbsupport.ru/showthread.php?s=&threadid=43599)

For the template part, view this thread for screenshots (https://vborg.vbsupport.ru/showthread.php?s=&threadid=43520)

For the replacement part, view this thread for screenshots (https://vborg.vbsupport.ru/showthread.php?s=&threadid=43566)

Also remember: It's a beta. There will probably be bugs I haven't found.

--------------------------
SECURITY FIX IF YOU USE XENON'S "MODS CAN EDIT USERS"
(https://vborg.vbsupport.ru/showthread.php?s=&threadid=42096)
Security fix by me, thanks to Xenon for pointing out where to edit the code
--------------------------
1. Open user.php in your forums/mod/ folder

2. Find the following:
--------------------------
if($canedit[profilefields]) {
maketableheader("Custom Profile Fields");
$userfield=$DB_site->query_first("SELECT * FROM userfield WHERE userid=$userid");

$profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
while ($profilefield=$DB_site->fetch_array($profilefields)) {
$varname="field$profilefield[profilefieldid]";
makeinputcode($profilefield[title],"field".$profilefield[profilefieldid],$userfield[$varname]);
}
}
---------------------------

Replace it with:
---------------------------
if($canedit[profilefields]) {
maketableheader("Custom Profile Fields");
$userfield=$DB_site->query_first("SELECT * FROM userfield WHERE userid=$userid");

$profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
while ($profilefield=$DB_site->fetch_array($profilefields)) {
$varname="field$profilefield[profilefieldid]";
if ($varname != "field999")
if ($varname != "field998")
if ($varname != "field997")
makeinputcode($profilefield[title],"field".$profilefield[profilefieldid],$userfield[$varname]);
}
}
-----------------------------

Find:
---------------------------
if($canedit[profilefields]) {
$profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
while ($profilefield=$DB_site->fetch_array($profilefields)) {
$varname="field$profilefield[profilefieldid]";
$sql.=",field$profilefield[profilefieldid]='".addslashes($$varname)."'";
}
$DB_site->query("UPDATE userfield SET userid=$userid$sql WHERE userid=$userid");
}
---------------------------
Replace it with:
if($canedit[profilefields]) {
$profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
while ($profilefield=$DB_site->fetch_array($profilefields)) {
$varname="field$profilefield[profilefieldid]";
if ($varname != "field999")
if ($varname != "field998")
if ($varname != "field997")
$sql.=",field$profilefield[profilefieldid]='".addslashes($$varname)."'";
}
$DB_site->query("UPDATE userfield SET userid=$userid$sql WHERE userid=$userid");
}

Save and upload.

That's it, your forums are now secure from moderators breaking your security!
-----------------------------

Now...onto the download...

Oh, and if you use it, please click install! (https://vborg.vbsupport.ru/misc.php?s=&action=install&threadid=43781) :)

nice to see these coming together... good work :D

You have a PM from me btw ;)

- miSt

Thanks :)

And I replied to your PM

I posted a link to this thread in all the others, just in case they go to those instead of this one

heh, I had already posted an edit in those threads about this one :p

Darn =(

rofl, very very useless for me, but nice for some ppl, if i wanted mods to edit templates, why wouldn't I make them admins? lol

Because you wouldn't want them to be able to mass delete parts of your database or let them edit forums and users - obviously. Before you try belittling the hard work of a hacker, try rubbing those two brain cells together and think for a moment. Great work on this hack, this is exactly what my hosted forums on GamerForums need.

OK, first bug... Once installed, clicking "Edit Forum Style" causes the browser to attempt to connect to a secure area of stardust-one.net.

haha crap sorry about that, I forgot to change the redirect crap

*goes to update*

Ok if you already have it installed, open up style.php in your mod folder and find:

location.replace(\"http://www.stardust-one.net/forums/mod/style.php?s=$session[sessionhash]&action=styles&dostyleid=$bbuserinfo[field998]\");

And replace it with:

location.replace(\"style.php?s=$session[sessionhash]&action=styles&dostyleid=$bbuserinfo[field998]\");

Still in that file, find:


alert(\"You are not authorized to view this area\")
location.replace(\"http://www.stardust-one.net/forums/mod/\");

And replace it with:

alert(\"You are not authorized to view this area\")
location.replace(\"index.php?s=&action=home\");

And still in that file, find:

alert(\"You are not authorized to view this area\")
location.replace(\"http://www.stardust-one.net/forums/mod/index.php?s=&action=home\");

Replace it with:

alert(\"You are not authorized to view this area\")
location.replace(\"index.php?s=&action=home\");

heh, I totally forgot to fix those. Going to update zip file now.

Zip file updated. Removed vbHacker file because that takes a little longer to update

I found another flaw. If you use Xenon's "Mods Can Edit Users" hack and then use my fix above, when a Mod edits his or her profile through the system, it erases the information in the fields that were hidden. I guess Xenon was correct about the fix and I think he posted his ideas in another thread so I'll go look and see what I can do.

If you don't use that hack, then no changes for you. :)

Flaw fixed, main post updated. Thanks Xenon for pointing out what code should be edited.

Good work dude, I can't see any other problems in the hack so far!

Well I found a security flaw, so I need to go in and fix it. It's a really really small flaw but might as well fix it. :)

Of course you need to fix it =P

Go away little man :p litte Tyro Hacker

Have you fixed the flaw? I'd like to update my install.

That's it. I'm going to release a hack just to spite you.

Originally posted by GamerForums
Have you fixed the flaw? I'd like to update my install.

Oops, ha I forgot to upload it. My bad, I'll do it after school today.

Originally posted by SZ|TalonKarrde
That's it. I'm going to release a hack just to spite you.

Big words little man :D

Originally posted by blackice912

Big words little man :D

I alreeady posted the idea in the SD1 exec forums...now I just have to learn how to do all of that =P./me decides to go for intergration instead of a completely new system.

Hey everyone,

I've been freakin busy so I haven't had time to finish the patch. I hope to have it out this week but I have SO much to do it's insane.

DISCLAIMER

This is a personal disclaimer to everyone that intends or has installed this hack... I would advise you to remove this hack from your forum until all security fixes have been made... I personally don't test many hacks out... but this was as just extremely provoking in this case... again this is a disclaimer... if you don't trust your mods enough to be Administrators then don't use this hack... I tested it and it can be maliciously used to de admin all administrators or even drop your entire forum database... again this is not advice... this is a warning...

I will attempt to work on a fix for the security holes shortly... until then i would advise not using this hack...

g-force2k2

How the heck could my hack do that? :-/ Seems I missed something...

Originally posted by blackice912
How the heck could my hack do that? :-/ Seems I missed something...

blackice912 don't get me wrong seems you did a good job... if you want i can pm you what i think... regards... again nothing against your hack ;)

g-force2k2

Please, that would be very helpful :)

g-force...I'm looking over the code...I can't find any place that would allow you to do this. All I can think of is that it is a vB sewcurity issue...not one exclusive to this hack.

Don't get me wrong SZ|TalonKarrde i never stated that his code was in any way shape or form wrong... but allowing for the template edit of a template set is a major security issue... for main reason concerning the phpinclude template and also for minor security issues using variabes to extract information about a user... (using postbit template) there's a lot to remember whne creating a hack like this... the major security issue is the phpinclude template... just add a simply query...

DROP TABLE user

will destroy your user table... any user can enter an...

UPDATE user SET usergroupid=6 WHERE userid=$bbuserinfo[userid]

and that will update all users browsing to admins status...

as for the postbit tempate you can get information not necessarily wanted... including hidden profilefields as well as ips and more...

again... that is just what i see... nothing against blackice's hard work... regards... and hope that you see my points as valid and important as a major security issue...

g-force2k2

Hmm, I was looking in the code for security issues, so of course I missed that. Any idea on a way myself and Brad can fix this?

SZ|TalonKarrde with the mysql select query of all the templates you can include a statement not to select the phpinclude template

ie:

find the 'WHERE templatesetid' statement

above it add to that:

AND template != 'phpinclude'

i don't currently have any vbulletin files available at the time... but if it doesn't work i'll take a look at it when i get home from college... regards...

g-force2k2

Thank you, I'll get Brad to fix it ASAP

Ah, I think I can fix that.

I didn't even think of that as a risk but thanks for the insight :)

Any updates to the code status?

I have had no time to update it...hopefully soon.

Good man, I'm waiting for this one, it'll come in handy! :)

Was the major security risk fixed in this hack yet? I notice this thread is almost a year old.

Also is there a way to not allow members to edit templates? Just allow them to edit colors, fonts and image paths only?
Thanks