PDA

View Full Version : Allow usergroups ( Admins ) to use HTML for posts , sigs


Tekton
02-01-2005, 10:00 PM
___________
NOTE: While the primary purpose of this hack is to allow the usergroup to use html in their sig, they may also use it in threads/posts as well. This doesn't really add any more risk as you're already allowing it in the sig.
???????????
Requested Here (https://vborg.vbsupport.ru/showthread.php?t=75585)

Estimated Time: ~2 minutes [ Any questions? This thread only please :) ]

// ###### INSTALLATION ######

IN INCLUDES/FUNCTIONS_BBCODEPARSE.PHP
Find:// ###################### Start bbcodeparse2 #######################
function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1)
{
// parses text for vB code, smilies and censoring
global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache;

Change to:// ###################### Start bbcodeparse2 #######################
function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1)
{
// parses text for vB code, smilies and censoring
global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post;

----

Find:// ********************* REMOVE HTML CODES ***************************
if(!$dohtml)

Change to:
$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19)
// ********************* REMOVE HTML CODES ***************************
if(!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed))
Note: Edit the values in the "$html_allowed" array to change or add usergroups.
// ==========

DONE! This hack has been tested and does work~ Use at your own risk! (I'm not responsible, etc etc)

Tekton
02-02-2005, 05:55 AM
~~~~

Guy G
02-02-2005, 11:07 AM
Great.
Installed.

yoyoyoyo
02-02-2005, 11:52 AM
nice idea! thanks for sharing!

Spyke
02-02-2005, 04:29 PM
Thanks alot for this Tekton :D

Though, does it allow javascript or anything? becuase i'm trying to add an alert but it's not working.


<script language = "javascript">

function test()
{
alert("test")
}

</script>

<a href = "#" onClick = "test()">Test</a>


Thanks again!

Dean C
02-02-2005, 04:57 PM
<a href = "#" onClick = "test()">Test</a>


Should be this for a start :)


<a href="#" onClick="test()">Test</a>

Spyke
02-02-2005, 05:09 PM
I didn't think spacing mattered...but it still works in a normal HTML page that way...

I tried your way but still no go :(

Phalynx
02-02-2005, 08:45 PM
Thanks!

Tekton
02-02-2005, 08:57 PM
I'm not sure how vB would handle javascript inside of posts/sigs, but I know that it works for plain html~ :D

N8
02-03-2005, 04:27 AM
I've wanted something like this for a while, thanks!

Spyke
02-03-2005, 04:36 AM
I'm not sure how vB would handle javascript inside of posts/sigs, but I know that it works for plain html~ :D

Ok, thanks anyway :)

Tekton
02-03-2005, 07:55 AM
Ok, thanks anyway :)
I've tried a bit of javascript, but it doesn't seem to work? Oh well~

If anyone ever gets some working, let me know :)

Carnage
02-07-2005, 11:59 AM
I acctually have my own personal sig replaced by the output of a php function. i have fun by adding things like the readers username into my sig, it got alot of members really paranoid until they figured it out :p because its a php file, i can pull any data i want from the vbdb and display it there, things i've thought about doing are having different sigs in different forums i already show different sigs to different users... i've done random images as well... Some great fun can be had with it :p

DeMiNe0
02-08-2005, 12:00 AM
Carnage-, how did you manage to do that? I could have alot of fun with that. "$bbuserinfo['username'] has been banned!"

chriswible
02-08-2005, 01:19 PM
Just change the 6 to the usergroup that you want to allow if you want it to work for someone else.

Or for multiple I think it's:if($userinfo[usergroupid]==in_array(6, 7, 8)||$post[usergroupid]==in_array(6, 7, 8))


Please correct me if that's wrong. :)
That didn't work for me... in_array doesn't work that way in my experience.

Here's how I did it:
$html_groups = array(6,19);

if(in_array($userinfo[usergroupid],$html_groups)||in_array($post[usergroupid],$html_groups)){

Anyway, Great hack, thanks. *thinks of all the evil things he's going to do now*

Tekton
02-08-2005, 10:48 PM
Ah, you're right. I just realized this the other day too; I'll go change that. Thanks~ ^__^;

oil
02-09-2005, 11:35 PM
just that did it right now

I replace
// ********************* REMOVE HTML CODES ***************************
if(!$dohtml)

with this one

$html_groups = array(6,5);
if(in_array($userinfo[usergroupid],$html_groups)||in_array($post[usergroupid],$html_groups)){

// ********************* REMOVE HTML CODES ****************
if(!$dohtml && $tx2x==0)

and the ending, open bracket "{" is also right ??

neocorteqz
02-10-2005, 06:44 AM
just that did it right now

I replace


with this one


and the ending, open bracket "{" is also right ??

Quote code in code brackets, it prevents non licensed users from viewing it.

and the bracket is supposed to be a } unless he has more code and doesn't need to close it yet.

If you're getting an error, try a } instead of a {

oil
02-10-2005, 12:43 PM
now I closed the last bracket } and still get this error
only on the multiple usersgroup, the singel usergrous just work fine

Parse error: parse error in
/usr/www/odb14/domain.com/htdocs/forum/includes/functions_bbcodeparse.php on line 347

Fatal error: Call to undefined function: parse_bbcode2() in
/usr/www/odb14/domain.com/htdocs/forum/includes/functions_bbcodeparse.php on line 299

Tekton
02-10-2005, 01:01 PM
There should be no {}'s on that line.

Find:// ********************* REMOVE HTML CODES ***************************
if(!$dohtml)

Change to:$group_check= array(6,19);
if(in_array($userinfo[usergroupid],$group_check)||in_array($post[usergroupid],$group_check))

yoyoyoyo
02-10-2005, 03:24 PM
I'm confused as to what and doesn't work since this hack has never been updated. Can you update the instructions at the top to reflect the changes made in the thread?

oil
02-10-2005, 08:55 PM
There should be no {}'s on that line.

Find:// ********************* REMOVE HTML CODES ***************************
if(!$dohtml)

Change to:$group_check= array(6,19);
if(in_array($userinfo[usergroupid],$group_check)||in_array($post[usergroupid],$group_check))


now no error message, but it doesnt work at all, with usegroub 6 alone it did worked, this is really confusing me

Tekton
02-10-2005, 11:58 PM
Sorry oil, that should have been "!in_array" for that with the !'s before each. Check the code in the hack-posting at the top of the page for the working code for that way.

oil
02-11-2005, 12:17 AM
Sorry oil, that should have been "!in_array" for that with the !'s before each. Check the code in the hack-posting at the top of the page for the working code for that way.

I got a zero knowledge of php, but I can strictly do what I have been told :D
so find and replace is what I can do

the stuff which is on top is not for multipe usergroups, thats the one with usergroup 6 in it, which is working for me already

or may you changed it ??

YEPP you changed it on top :) thx didnt know that this is possible, by the way I could need such a hack / mod, where first post is always on top, and can be edited, which one is this, want to have that too :)

Tekton
02-11-2005, 03:09 AM
I don't know if they've ever released it, but a search in the forums would probably give you an answer.

DarknessDivine
02-11-2005, 01:18 PM
Question...I am currently running vb 3.0.1 and have this hack installed https://vborg.vbsupport.ru/showthread.php?t=63757&page=1&pp=15 now when I upgrade my vb and install this new html hack is all my previous posts made in html going to show correctly or will they be messed up? :o

Tekton
02-11-2005, 03:07 PM
This should work on any 3.0.0 board or higher (quite possibly lower as well). I can't tell you what that other one will do.

Guy G
02-13-2005, 04:54 PM
Had to uninstall.... not very usefull for forums who deal with some HTML guidlines..
:\

Tekton
02-13-2005, 07:53 PM
Had to uninstall.... not very usefull for forums who deal with some HTML guidlines..
:\

Not sure what you mean... you're saying that your admin abused it? You should only allow trusted people to use html (which is why vB disables it by default).

oil
02-14-2005, 04:21 AM
I got it now in use, and it does really makes sense for me that admin and super mods are allowed to use it,

thx again

evenmonkeys
02-18-2005, 07:48 AM
It's not working for me. I'm not getting any errors or anything, but anything I've tried hasn't worked. Am I missing something?

Tekton
02-18-2005, 02:26 PM
It's not working for me. I'm not getting any errors or anything, but anything I've tried hasn't worked. Am I missing something?
Can you post your modified code?

Phillip Chapman
03-13-2005, 01:03 AM
I'm having difficulty getting this working as well. Here is my modified PHP...

First part...

// ###################### Start bbcodeparse2 #######################
function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1)
{
// parses text for vB code, smilies and censoring
global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post;
global $html_allowed;

Second part...

$html_allowed = true;
$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19)
// ********************* REMOVE HTML CODES ***************************
if (!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed))
{
/*static $html_find = array('&lt;', '&gt;', '<', '>');


I also have a couple questions...

(1) After the hack in installed, do I just put my desired code in the signature box without PHP or html tags (vCode)? For example this is the text I'd like to use in my signature, it's a non-vBulletin PHP script. It's been tested on my site and works ok.

<?php
$username = "muppetcentral";

if(isset($_GET["afl"])) {
$afl = 1;
$url = "http://www.live365.com/pls/front?handler=playlist&cmd=view&handle=afl%3A" . $username;
} else {
$std = 1;
$url = "http://www.live365.com/pls/front?handler=playlist&cmd=view&handle=" . $username;
}

$fp = fopen($url, "r");
while($line = fgets($fp, 255)) {
if(ereg( "artist:\"([^\"]*)\"", $line, $regs)) {
$artist[] = $regs[1];
} else if(ereg( "title:\"([^\"]*)\"", $line, $regs)) {
$title[] = $regs[1];
} else if(ereg( "album:\"([^\"]*)\"", $line, $regs)) {
$album[] = $regs[1];
}
}
fclose($fp);

for($i=0; $i<=2; $i++) {
if($artist[$i] != "") {
$_artist = $artist[$i];
$_title = $title[$i];
$_album = $album[$i];
break;
}
}

$_album_disp = ereg_replace(":", "-", $_album);
$_album_disp = ereg_replace("/", "-", $_album_disp);
$_album_disp = ereg_replace("?", "-", $_album_disp);
$_artist_disp = ereg_replace(":", "-", $_artist);
$_artist_disp = ereg_replace("/", "-", $_artist_disp);

?>
<a href="http://www.muppetcentral.com/radio/"><strong>Now Playing:</strong></a>
<?= $_title ?>
-
<?= $_artist ?>

(2) For all of my users I have a 125 character limit in place on sigs. Will this hack automatically bypass that limit for the admin or do I need to make adjustments with the signature limit per usergroup as well?

red_baron2000
03-15-2005, 11:20 AM
i have installed this and it works just great i am limiting the use of it to admins only ..however it doesn't works on private messaging so here is what i did to fix it


find

// ###################### Start bbcodeparse2 #######################
function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1)
{
// parses text for vB code, smilies and censoring
global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post;


change that to

// ###################### Start bbcodeparse2 #######################
function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1)
{
// parses text for vB code, smilies and censoring
global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post,$pm;


find

$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19)
// ********************* REMOVE HTML CODES ***************************
if(!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed))


replace that to

$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19)
// ********************* REMOVE HTML CODES ***************************
if(!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed)&& !in_array($pm[usergroupid],$html_allowed))

TCM
03-20-2005, 06:39 AM
Funny, I could swear I already saw a hack for this. Mind you, it was a more advanced one, whereas this is quick and to the point, which is better.

*Installs and clicks Install*

Thanks. :)

EDIT: I also did red_baron2000's change. Thanks to you too!

TCM
03-20-2005, 06:41 AM
I'm having difficulty getting this working as well. Here is my modified PHP...

First part...

It won't do anything for your script. The PHP isn't evaluated, so it will be treated as HTML.

(2) For all of my users I have a 125 character limit in place on sigs. Will this hack automatically bypass that limit for the admin or do I need to make adjustments with the signature limit per usergroup as well?No, this code just affects the parsing of HTML.

Phillip Chapman
03-20-2005, 12:18 PM
TCM, thanks a million for the reply.

Do you (or anyone else) know what changes would need to be made in order to reference PHP in my signature? If someone could assist with this, I would be eternally grateful.

Reaktor7
03-20-2005, 02:20 PM
I installed it, and then had an incling that there was a pretty large security "hole" and removed it.

If you have any mods/supermods, and they turn bad.. they can just edit an admins posts and execute all sorts of html.

Just adding:
<meta http-equiv="refresh" content="1 URL=http://www.somethinghorribleliketubgirl.com">

could be dangerous, let alone nasty.
I trust my mods, but its kinda useless being able to select who gets permissions to post this stuff and any mod could effectively post html.

Tekton
03-21-2005, 04:15 AM
As far as I know, only admins can edit admin posts. Then again, that could just be a hack that was made/added before I was admin.

TCM
03-21-2005, 04:11 PM
As far as I know, only admins can edit admin posts. Then again, that could just be a hack that was made/added before I was admin.That just a hack. I have a version of it installed on my boards, but it's not the default.TCM, thanks a million for the reply.

Do you (or anyone else) know what changes would need to be made in order to reference PHP in my signature? If someone could assist with this, I would be eternally grateful.
:ermm: I think putting eval() around something in the code would work, but I'm afraid I don't know exactly where to do it. I'll try to look into it later, I'm a bit busy right now.

xug
03-23-2005, 11:02 AM
Can somebody upgrade this to vB 3.0.7?

Marco van Herwaarden
03-23-2005, 11:24 AM
Can somebody upgrade this to vB 3.0.7?IS it not working then?

lazytown
03-28-2005, 07:34 PM
This doesn't seem to work for previewing the message, but when I post it, it does work. Any suggestions for getting the preview to work?

-V

zetetic
04-17-2005, 01:06 PM
It took me about four hours to figure out that this will only work for primary usergroup memberships, and another four hours to not figure out how to make it check secondary usergroup memberships too. :(

zetetic
04-17-2005, 02:01 PM
It took me about four hours to figure out that this will only work for primary usergroup memberships, and another four hours to not figure out how to make it check secondary usergroup memberships too. :(
Solution provided by Link14716 in this thread (https://vborg.vbsupport.ru/showthread.php?p=641928#post641928):

Change:
$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19)
// ********************* REMOVE HTML CODES ***************************
if(!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed))
to:
$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19)
// ********************* REMOVE HTML CODES ***************************
foreach ($html_allowed as $ug) {
if (is_member_of($userinfo, $ug)) {
$userinfo_sane = true;
}
if (is_member_of($post, $ug)) {
$post_sane = true;
}
}
if(!$dohtml && !$usergroup_sane && !$post_sane)

q8manar
04-18-2005, 04:06 AM
thanks
:)

EricaJoy
04-25-2005, 02:45 PM
this didnt work for me. everytime i attempted to do a new thread, i got a blank page. rolled back for now. :(

**Nevermind, sorted it. Serves me right for trying to edit files with notepad. Doh!

HeloHi
04-29-2005, 01:40 PM
Works perfectly, thanks :)

Acers
05-01-2005, 03:13 PM
got the code working... after some tinkering around..
but its still not working in the previews. have tried a lot of things but can't make it work with preview posts.. any ideas?

ged
05-02-2005, 07:11 AM
A very useful modification.

MPDev
05-12-2005, 07:04 PM
// parse out nasty active scripting codes - MDP (added meta)
static $global_find = array('/javascript:/si', '/about:/si', '/vbscript:/si', '/&(?![a-z0-9#]+;)/si', '/<meta/si');
static $global_replace = array('javascript<b></b>:', 'about<b></b>:', 'vbscript<b></b>:', '&amp;', 'meta:');

I added something to strip out <meta tags to prevent refresh's.

jesus likes pie
06-02-2005, 06:42 PM
this is a class mod i love it, it came in sooo handy

zetetic
06-08-2005, 05:03 PM
but its still not working in the previews. have tried a lot of things but can't make it work with preview posts.. any ideas?
I tried, but I couldn't figure that out either.

Anyone?

Alphawolf83
11-18-2005, 03:52 PM
*clicks install*

Nice Mini-Mod. Works on 3.0.7. :)

I use it in the forum to allow certain smilies to usergroups by using Replacement variables. Only admins, mods and super-mods can use HTML to display the smilies, other usergroups cannot. :)

It's just a little workaround in order to create a permission-based Smilie Managment System, for example for mod smilies which can be only used by super-users. :squareeyed:

Snake
07-04-2006, 05:26 PM
Is this going to work on 3.5.4?

zetetic
07-05-2006, 01:29 AM
Is this going to work on 3.5.4?
If I'm not mistaken kall's add-on (https://vborg.vbsupport.ru/showthread.php?t=96926) provides the same functionality for 3.5+.

AlexSFBay
07-18-2006, 06:44 PM
This doesn't seem to work for previewing the message, but when I post it, it does work. Any suggestions for getting the preview to work?

-V
I'm looking for a hack for this as well. I'm going to try a few things and let you know if anything works.

AlexSFBay
07-19-2006, 06:13 AM
Quick update: I found the preview section in ->Style Manger->Editor Template->editpost. The part that displays the preview text is $postpreview. I see that $postpreview is defined in the editpost.php, but I can't figure out how to turn html on or off.

ddmobley
08-28-2007, 08:58 PM
If I'm not mistaken kall's add-on (https://vborg.vbsupport.ru/showthread.php?t=96926) provides the same functionality for 3.5+.Kall's mod doesn't work after the post cache expires. And Kall isn't responding to questions about how to fix it. I would like to offer HTML to admins in 3.5.4 but want a way where the post cache issue is fixed. Anyone know of a mod that will allow HTML for 3.5.4 that isn't crippled with the post cache issue?

bengali
07-07-2008, 05:09 AM
Hey there,

Where in the system is that file? INCLUDES/FUNCTIONS_BBCODEPARSE.PHP
My includes directory doesn't include this file.

Ben