|
Updated
Tapatalk 4.8.0 Version For VBulletin 4.x.x http://tapatalk.com/files/plugin/mobiquo_vb40_4_8_0.zip |
Updated
Tapatalk Version 4.8.1 For VBulletin 4.x.x http://tapatalk.com/files/plugin/mobiquo_vb40_4_8_1.zip |
Updated
Tapatalk Version 4.9.0 For VBulletin 4.x.x http://tapatalk.com/files/plugin/mobiquo_vb40_4_9_0.zip |
Folks..... be very careful with this product... :down:
For weeks I've been trying to figure out how all these spammers and weird posters were getting through to our site... Tapatalk let's people simply register and circumvent the entire vBulletin web site registration process. They just need a name, email address and password.. no other information required at all ... Even after threads of complaints, Tapatalk have done nothing to fix this glaring security issue, except offer the vBulletin site owner a PAID version which has the ability to turn OFF registrations when using the paid version of Tapatalk, which is not available in the FREE version. Quite simply, you have to pay "blackmail" money to change to their BYO version, in order to get a simple switch to stop hackers and spammers from registering directly using Tapatalk, circumventing all of the safety measures that have to be gone through when they do this through our web site. :erm: In response to complaints, Tapatalk support is now claiming they use a spam detection method, which is nonsense as it hasn't done anything to stop spammers from accessing a lot of vBulletin sites offering support for their product. We've sent out a posting to all our Tapatalk users to start searching for an alternative app ... Regards, Doug |
Quote:
For you to come on here and blast a great App that many people use without problems is pretty immature of you. Tapatalk has done nothing about this because there is nothing "to do". What you should of done is asked if people where having problems with Tapatalk in regards to spammers and registration issues like you are on your site. There is an easy fix on your side which I just posted and I believe you owe these guys an apology for coming on here and saying that they are blackmailing people to turn this off ... Spam will happen on any site if you don't stay on top of it, there are many ways people can combat spamming and it is ultimately each forum's owner and or staff to do their job to prevent it and or completely eliminate it. Like I said, I have almost zero problems/issues with spam on our forums, they are one of the most active in the gaming genre and none of the spam is coming through this App. In fact, I have had zero spammer accounts come in through the Tapatalk app since installing it. .... |
Quote:
The fix they provided (and others), doesn't work.... ;) https://support.tapatalk.com/threads...rations.20426/ .. and, why would it be necessary to start patching code that simply needs to have a switch added (like Forum Runner and other products have ...), to simply require vBulletin registrants to use the vBulletin proper registration system? Anyway, your situation is unique and not indicative of what a lot of vBulletin sites have experienced with this security flaw... To Tapatalk's credit, they have indicated they're going to address the issue in a future version, but that statement has been going on for about 6 months now. :D Regards, Doug ps: no apology owed... I made the same comments in their support forum and if there's an apology owed, it should come from Tapatalk permitting this back-door to registrations to be left open with so minimal requirements in order to be able to post to any vBulletin site offering support for their add-on product. ;) Doesn't it seem odd to anyone that they offer that switch, but only if you PAY a monthly fee to use their product? |
Again, it is up to you to make sure that any app you install in your forums is safe and or you take any extra measures to stop spam.
I have installed Tapatalk on several forums which I have set up for friends and family and none of them have this problem. You can't expect an app that is free to do everything for you. You say this is a security flaw, but any forum or site can experience huge amounts of spam accounts without having this app installed, but how is that a security flaw? What is it putting at risk that forums or sites that don't have this app installed isn't? The problem is not a security flaw but a spam issue, two very different things ... |
Quote:
You can be a Tapatalk booster all you want, but we are also entitled to our opinion... :) With all of the vBulletin add-on measures we've installed, we've had virtually no spam for many many years, because registrants have to go through vBulletin process... It was only after installing Tapatalk, did we start to see spammers using Tapatalk's weak registration system (except of course if you pay the monthly fee), start posting spam again to our site. We know it's from Tapatalk's registration process circumventing around vBulletin's, because every spammer who does this ends up with the phrase Using Tapatalk added to their signature field. :eek: Nothing like building in free advertising for their product without telling either the web site admin or the user signing up. :D Pretty funny in a bizarre sort of way .. :D Anyway, enough said and my point here was to warn vBulletin admins that when they install this product (unless they use the paid version), they are automatically agreeing to let Tapatalk permit registrations outside of their current VBulletin installed method. We raise it here, because Tapalk does not mention that fact when you install it or in their documentation... perhaps they should? Thanks for your feedback and counterpoint ... :up: Regards, Doug |
Lol, I am not being a tapatalk booster "My friend", I haven't had any problems with the app and you have ...tough luck right? Ultimately it comes down to how much time you spend to make sure these things don't happen.
Too me it seems like you don't like to take those extra steps to make sure things run how you want them to, instead you want everything to be free. I am sure others will be grateful that you came on here to "warn" them about this "security flaw", but again, you still did not explain how this is a "security flaw" other than it allowing the registration without other required fields that you may have. And in your initial post you never said regarding this " Anyway, enough said and my point here was to warn vBulletin admins that when they install this product (unless they use the paid version), they are automatically agreeing to let Tapatalk permit registrations outside of their current VBulletin installed method." You just simply make it look like tapatalk doesn't care, that the app is a security flaw and they are blackmailing people into paying for the BYO version which is completely false. Yes my situation might be different but that is because I take those extra measures to ensure that my site is free of spam and registration is done correctly if i install and app that allows their registration process to have an effect on my forums. |
Quote:
Really? :D 1. Tapatalk permits completely unencumbered registration to any site that adds it and opens up their access to the forums. Tapatalk's registration process circumvents around vBulletin's, and anyone using it to register in this manner ends up automatically with the phrase Using Tapatalk added to their signature field. That's how we've been finding and banning spammers. ;) 2. Our site, using vBulletin's native built-in registration process uses vBulletin's inherent banning methods, add-ons such as IP and country banning, plus add-ons like Akismet, Glow Host Spam-o-Matic, StopForumSpam database, SpamBot Stopper, etc etc... Spamming is virtually extinct using this method of registering. 3. Tapatalk's registration processes uses none of those methods. Their software simply takes their name, email address and password desired, then pushes them into a vBulletin site so they can start posting. No other fields and no other checking. Heck, we require Location to be mandatory on registration through vBulletin. Tapatalk simply ignores that requirement so we also end up with registered users who that field is empty. The good news is that it's another way we can "search" in AdminCP and locate these back door sign ups. :D It's simple and I find it odd you seem to take exception that we (and lot of other sites) are requesting the same switch they have in the paid monthly version, or minimally, if that don't want to do that, Tapatalk should advise any admin who's thinking about adding Tapatalk to their vBulletin site that this is how the free software operates, unless they subscribe to the paid monthly version. It has the switch built in that lets the admins turn OFF Tapatalk direct registrations. By the way, we are providing Tapatalk free access to potentially 25,000+ users who may buy their tablet/phone client through the iTunes ($5/copy for HD version) or Android store, so I don't think it's an unreasonable quid-pro-quo request that they simply let vBulletin admins block direct registrations to protect our sites. If anyone takes the time to read the Tapatalk forum link I posted earlier, you'll see that this is not just a case of our site taking issue with this security flaw, but it's many sites. Thanks CAG CheechDogg, for the interactive banter. I'm sure it's helped get enough attention in this thread, so that any potential vBulletin admins who might think about adding this mod and just skimmed the comments, will now take the time to query Tapatalk support about this issue and perhaps follow the thread dialog in their support forums, as to when this will be plugged in the free version, as in their paid version. Regards, Doug ps: I have no interest in getting into a "my dog's bigger then your dog" pi$$ng match. We are not newbies to Tapatalk. We've been using it since the day it was released and I think we're now into 4 1/2 years of supporting it from our site for our members. The issue isn't about its functionality for mobile devices, it's about it's back door registration code. That never existed for the longest time, as they were only interested in being a forum reading and posting adjunct for vBulletin, and now other products as well. The issue we (and other vBulletin sites) started to experience occurred when Tapatalk expanded their code into permitting direct registrations through their code to vBulletin sites, circumventing vBulletin native code. |
I fully understand what your concerned is Badge and I did take the time to read that thread and saw your comments there as well. But for you to come on here just completely blasting them was really not necessary.
Like I said, you could of just said, "hey if you guys use this app, please be aware of this bug with the registration process" then explained what is going on, posted a link to that thread and thats it. But you decided to say that they are forcing people to play "blackmail" money ..lol..come on man. I haven't had "one" single spam account through tapatalk because I took the time myself to make sure that it doesn't happen. If I was able to do that, why can't you or others?, that is my question. It is a free version you are using and you have to understand and realize and also accept the fact that you are "probably" going to get something you don't like or something is going to not work how you would want it to. Like I said, I am sure others will appreciate the fact you brought this up here on vb.org but the way you did it was just not cool. Have a good one. |
Quote:
During the intervening 6 months, they've release no less than 4 updated versions, after having been made aware of the seriousness of this problem to vBulletin sites. I don't know what else to call that behaviour, other than "revenue blackmail". Other vBulletin admins posting were perhaps more polite and said that Tapatalk should be ashamed of themselves for not dealing with this simple exploit. Perhaps I was more outspoken, but if it walks like a duck, well... you know the rest of the phrase .. :D To be honest, I'm less concerned by spammers exploiting their wide open "back door" registration process, as I am about a hacker getting registered easily this way. They've once again promised a fix in the next release, which we've all heard several times before... for months and months and months ... :erm: So, let's wait and see. If they fix it, I'll be the first here to say to members, now it's safe to install and it will follow your secure vBulletin registration rules and process. I do recognize and appreciate you're happy (and secure) letting your members use their direct un-moderated registration process for your forums, but there are a lot of other vBulletin sites who are not, so, let each one decide themselves after reading the facts presented ... At least now, they've heard both sides of the story ... Regards, Doug |
Doug,
I hope you don't mind calling you Doug lol.. No I honestly understand your concern Doug, but what I don't see is how this is a real security threat, you still have not explained to me why you feel that it's a security threat, you don't need to be registered on any site or forum if their intentions are to hack you. If someone wants to hack you they will do it. One more thing, I personally believe that all of you guys who use these mods to combat spammers are actually inviting them to keep trying it by using them on your forums and sites. I don't use one single mod like Akismet, Glow Host Spam-o-Matic, StopForumSpam database, SpamBot Stopper, because when i did use a couple on that list I noticed even more spam attacks that before I used them. Again, it takes a lot of hard work to run a website especially a forum and the use of these addons to combat spamm is like telling a kid they can't do something and they go ahead and do it just because you are telling them they can't. And on our forums I don't have "un-moderated" registration like you say I do. Not one single registration has come from tapatalk .... |
I just upgraded my 'tapatalk' to mobiquo_vb40_4_9_1; have been using tapatalk since it first came out. As soon as I upgraded it I started getting this error message at the top of every page load on web version of my forum:
Quote:
|
anyone? I've asked at the Tapatalk support forum as well with no response =S
|
i read your error message and i think not follow something is not correct?
Warning: include_once(..../forum/mobiquo/smartbanner.php) [function.include-once]: failed to open stream: No such file or directory in ..../includes/class_bootstrap.php(561) : eval()'d code on line 13 Warning: include_once() [function.include]: Failed opening '..../forum/mobiquo/smartbanner.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in ..../includes/class_bootstrap.php(561) : eval()'d code on line 13 check this? (..../forum/mobiquo/smartbanner.php this is NOT ROOT FOLDER (..../mobiquo/smartbanner.php this is ROOT FOLDER. you follow this instructions? source: http://tapatalk.com/activate_tapatal...ugin=vbulletin Install 1. Download the zip package of Tapatalk Plugin for vBulletin to your computer. 2. Unzip the package. You should see a folder named 'mobiquo'. 3. Upload the entire 'mobiquo' folder and only this folder to your forum system root directory. For example, if your forum URL is http://www.mysite.com/forum, it should be placed at http://www.mysite.com/forum/mobiquo/. 4. Login to Administration Control Panel, go to 'Plugin & Products' -> 'Manage Products'. 5. Choose 'Import the XML file from your server', enter './mobiquo/product-tapatalk.xml', click the "Import" button. Update Tapatalk Plugin 1. Login to Administration Control Panel, go to 'Plugin & Products' -> 'Manage Products' 2. Find out 'Tapatalk' product, click drop-down menu on the right hand side, select 'Uninstall'. 3. In Deletion Confirm window, click 'Yes' 4. Delete "mobiquo" folder from the root path of your forum. 5. Redo the Installation steps. (Make sure plugin folder 'mobiquo' was replaced with the new one, and product xml file was imported.) Uninstall Tapatalk 1. Login to Administration Control Panel, go to 'Plugin & Products' -> 'Manage Products'. 2. Find out 'Tapatalk' product, click drop-down menu on the right hand side, select 'Uninstall'. 3. In Deletion Confirm window, click 'Yes' 4. Delete "mobiquo" folder from the root path of your forum. |
Yes I followed the instructions just like I have through each and every update.
My 'forum root' IS http://xxxxxxx.com/xxx/forum (as it is on a SUBdomain of my site) so my structure is http://xxxxxxx.com/xxx/forum/mobiquo . I've had it installed like this for at least two years and never had a problem prior to this upgrade. It works fine on the 'ipad/iphone' user end, it just screwed up my web version. |
you have try to uninstall (complete) tapatalk
and install again? i check .xml file to upload other friend (tapatalk support forum) and find all commands search this path .../mobiquo/ or MOBIQUO_PATH you have check ADMIN CP => SETTINGS => OPTIONS => TAPATALK Tapatalk Plugin Directory Advanced Use Only. Change it only if you did rename the Tapatalk plugin directory. And the default value is 'mobiquo'. If you have installed Tapatalk plugin in different directory, you will also need to apply the same settings in Tapatalk Forum Owner Area at http://tapatalk.com/forum_owner.php in my case and works fine all plug ins install whole VB package to root /public_html/ or /www/ and not have any problem. |
so I gave up. totally uninstalled and reinstalled. guess it's like my phone and ipad and computers: reboot cures all.
|
vBulletin 4.x
Stable Release 3/16/2014 Version 4.9.2 Download : http://tapatalk.com/files/plugin/mobiquo_vb40_4_9_2.zip |
After installing Taptalk on 4.2.2 PL1, my mobile theme is not "detected" and displayed. Instead, my "Full site" theme is displayed by default with a tapatalk banner.
Does anyone know how I can make my mobile theme detected for mobile users and displayed by default, and remove the Taptalk banner (I already disabled the welcome message). Thank you |
not using mobile theme by vbulletin (i have installed vbadvanced CMS and not success to working with mobile theme)
|
Wow, so my API won't update no matter what I do. Not getting much help here from Tapatalk either:
https://support.tapatalk.com/threads...-update.24465/ Anybody else run into this issue? |
Todays email from Tapatalk since they do not keep this updated here:
Dear vBulletin 4 Forum Owners, We were recently made aware of a security issue with the plugin used on vBulletin 4 forums. We have released an updated version of the plugin which fixes this security problem but also addresses a couple of other issues. We recommend that all vBulletin 4 forums update the plugin to version 5.2.2 as a matter of urgency. The following fixes are included:
You can download the update at our plugin page by clicking the link below and downloading the Tapatalk Plugin for vBulletin 4 version 5.2.2. Tapatalk vBulletin Plugin Downloads How do I update the Tapatalk Plugin? Redo the Installation steps making sure the plugin folder 'mobiquo' was replaced with the new one, and the product.xml file has been imported. What Happened? Although we try our best to keep forums as secure as possible, something slipped through testing and the vBulletin 4 plugin was released with a bug that allows for an attacker unauthorized access the database. We urge you to update the plugin as a matter or urgency. While we are constantly on the lookout for security exploits ourselves,if you come across any security issues, we urge you to report them privately to us here via our Security Incident Response Team form. We appreciate any tips you may have that will aid us in improving everyone's security on Tapatalk! Thank You, The Tapatalk Team |
I got a database error,when i try moderate in Tapatalk :(
|
Quote:
|
Quote:
|
Thank you ;)
|
Is this thread still alive?
I have custom age requirements for my forum (by editing register.php) but Tapatalk defaults back to the standard 13+ coppa restrictions thus allowing new members to bypass my rules. Has anyone else been able to get around this problem as they seem to have done away with off-app sign ups? (trying to create a BYO app) |
| All times are GMT. The time now is 01:33 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|