vb.org Archive
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.7 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=228)
-   -   End-User Options - Personal Sticky Threads (https://vborg.vbsupport.ru/showthread.php?t=189444)

DPtheGod 11-09-2008 04:04 PM
This is definitely an interesting hack. I'm going to give it a shot at home tonight. Thanks! :)

BigDog56 11-15-2008 01:13 PM
If the thread drops a page, the sticky does not show up, unless you go to that page. It is also showing up twice on that page. Once above the regular stickies and the again below the stickies.

iNRoC 11-15-2008 02:47 PM
Amazing. I love it. Installed.

AA_ 12-25-2008 10:04 AM
bugtraq at securityfocus dot com:

Quote:
Personal Sticky Threads is an addon for vbulletin that allows users to create personal stickies. There appears to be a small problem when toggling the personal sticky on a thread you do not have persmission to access.

If I am denied persmission to:

http://forums.somesite.com/showthread.php?t=7

Toggling personal stickies for the thread to on I am able to view the thread title, author, and pages:

http://forums.somesite.com/misc.php?...tick&thread=47

This does not allow me access to the thread but does display information not intended to be viewed by me :)

Rene Kriest 12-27-2008 02:46 AM
Quote:
Originally Posted by AA_ (Post 1693386)
bugtraq at securityfocus dot com:
Uah, scarry. I think I gonna wait with installing the addon until the security issue has been resolved.

mystikmedia 02-18-2009 07:59 AM
Does anyone know if this works with 3.8.1?

Kaelon 02-18-2009 06:20 PM
Quote:
Originally Posted by mystikmedia (Post 1747663)
Does anyone know if this works with 3.8.1?
This does. However, be advised, that I discovered a minor security flaw in this code that would enable any user to gain unauthorized access to the name/title of threads in private forums (but not their content). Since I did not originally code this, and merely ported it, I believe there are a series of missing checks in the plugins themselves. However, I am not actively supporting this mod due to time constraints.

mystikmedia 02-18-2009 07:51 PM
Quote:
Originally Posted by Kaelon (Post 1748271)
This does. However, be advised, that I discovered a minor security flaw in this code that would enable any user to gain unauthorized access to the name/title of threads in private forums (but not their content). Since I did not originally code this, and merely ported it, I believe there are a series of missing checks in the plugins themselves. However, I am not actively supporting this mod due to time constraints.
Darn. I tried it, but got a message about invalid SQL with this change:

Code:
===========================================================================
==== Find in forumdisplay.php
                $stickies = $db->query_read_slave("
                        SELECT thread.threadid, lastpost, open
                        FROM " . TABLE_PREFIX . "thread AS thread
                        WHERE forumid = $foruminfo[forumid]
                                AND sticky = 1
                                $prefix_filter
                                $visiblethreads
                                $limitothers
                                $globalignore
==== Replace with
                $stickies = $db->query_read_slave("
                        SELECT thread.threadid, lastpost, open
                        FROM " . TABLE_PREFIX . "thread AS thread
                        WHERE forumid = $foruminfo[forumid]
                                AND (sticky = 1
                                OR threadid IN ($personalstickysq))
                                $prefix_filter
                                $visiblethreads
                                $limitothers
                                $globalignore
===========================================================================
This is the exact error if you're interested:

Database error in vBulletin 3.8.1:

Invalid SQL:

SELECT thread.threadid, lastpost, open
FROM thread AS thread
WHERE forumid = 12
AND (sticky = 1
OR threadid IN ())

AND visible IN (0,1,2);

MySQL Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '))

AND visible IN (0,1,2)' at line 5
Error Number : 1064
Request Date : Wednesday, February 18th 2009 @ 03:52:55 PM
Error Date : Wednesday, February 18th 2009 @ 03:52:55 PM
Script : http://www.gadgetadvisor.com/hammerf...splay.php?f=12
Referrer :
IP Address : 71.11.83.89
Username : Gadget Advisor
Classname : vB_Database
MySQL Version : 5.0.67-community

Too bad about you not having time to support, but I can certainly understand. Good luck!

dbirosel 04-22-2009 02:24 PM
Awwww that sucks. This was a real good idea too.

FeatheredFriend 06-24-2009 11:08 PM
So i am going to ask what do I do if I don't have anything in the show thread.php folder? I have all the other edits done but this one. Thanks.

down.low 06-28-2009 10:12 PM
In case no one has asked or answered this question- it works on vB 3.8.1 with no problems. Thanks for the hack- works great.

down.low 06-28-2009 10:24 PM
Quote:
Originally Posted by FeatheredFriend (Post 1836739)
So i am going to ask what do I do if I don't have anything in the show thread.php folder? I have all the other edits done but this one. Thanks.
Umm, since you said .php- it would only be the forumdisplay.php file on your server that you would have to edit.

Then you have to edit the said templates- which your showthread template would not possibly be empty.

FeatheredFriend 06-30-2009 02:51 PM
Thanks down.low I am going to come up with the thought that the templet i am to edit is in my admin cp.

Fangs404 07-13-2009 12:05 AM
I just installed this on a 3.8.3 install, and it worked without any problems.

RobbieZ 07-26-2010 12:40 PM
Works on a 3.8.4 PL 1 board, but I want it to work on a Vb 4 :D

inciarco 07-29-2010 05:28 AM
Quote:
Originally Posted by mystikmedia (Post 1748383)
Darn. I tried it, but got a message about invalid SQL with this change:

Code:
===========================================================================
==== Find in forumdisplay.php
                $stickies = $db->query_read_slave("
                        SELECT thread.threadid, lastpost, open
                        FROM " . TABLE_PREFIX . "thread AS thread
                        WHERE forumid = $foruminfo[forumid]
                                AND sticky = 1
                                $prefix_filter
                                $visiblethreads
                                $limitothers
                                $globalignore
==== Replace with
                $stickies = $db->query_read_slave("
                        SELECT thread.threadid, lastpost, open
                        FROM " . TABLE_PREFIX . "thread AS thread
                        WHERE forumid = $foruminfo[forumid]
                                AND (sticky = 1
                                OR threadid IN ($personalstickysq))
                                $prefix_filter
                                $visiblethreads
                                $limitothers
                                $globalignore
===========================================================================
This is the exact error if you're interested:

Database error in vBulletin 3.8.1:

Invalid SQL:

SELECT thread.threadid, lastpost, open
FROM thread AS thread
WHERE forumid = 12
AND (sticky = 1
OR threadid IN ())

AND visible IN (0,1,2);

MySQL Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '))

AND visible IN (0,1,2)' at line 5
Error Number : 1064
Request Date : Wednesday, February 18th 2009 @ 03:52:55 PM
Error Date : Wednesday, February 18th 2009 @ 03:52:55 PM
Script : http://www.gadgetadvisor.com/hammerf...splay.php?f=12
Referrer :
IP Address : 71.11.83.89
Username : Gadget Advisor
Classname : vB_Database
MySQL Version : 5.0.67-community

Too bad about you not having time to support, but I can certainly understand. Good luck!
The Error is in this Line:

Code:
OR threadid IN ($personalstickysq))
It should be:

Code:
OR threadid IN ($personalstickysq)
Without the Second ")".

My Best Regards.

:)

john1744 08-08-2010 01:13 PM
Has anyone attempted this with vB 4.0?

Kaelon 01-27-2011 02:28 AM
Quote:
Originally Posted by john1744 (Post 2080846)
Has anyone attempted this with vB 4.0?
This won't work with vBulletin 4.x, nor do I plan to port this to vB 4.x. This mod is intended only for vB 3.7.x or vB 3.8.x.


All times are GMT. The time now is 05:08 AM.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01400 seconds
  • Memory Usage 1,775KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_code_printable
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (18)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete