vb.org Archive
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   phraseid numbers ..... big problem! ... i warned that this would happen! (https://vborg.vbsupport.ru/showthread.php?t=74373)

Natch 01-28-2005 01:55 AM
I think he was saying that if you want to know what a function does, the best documentation is to look aat the function, and work out what it does.

If this is not something you can do, then your next point of reference is php.net and mysql.com ... that's teh way the rest of us learned how-to.

Carnage 01-28-2005 08:57 AM
Quote:
Originally Posted by KirbyDE
Worst-Case Scenario:
Jelsoft introduces a new Bit "Is Superadmin" (eg. does have all admin privileges) in usergroup permissions - while your hack used it for <place smth. harmless here>.
Now users unaware of this upgrade and - BANG
i tried that... adding is superadmin requires far too meny code changes to be worth the extra conviniace of being about to superadmin people from the cp.

but yeah i see this point; i suppose this is why hacks are not officially supported... probably the only solution is to warn users of the problems it can (and will?) cause and to make sure that they check permissions etc after installing/upgrading.

or alternativly... use your own bitfield... however myself i quite like the admin permissions bitfield and have added half a dozen new permissions to it for my warnings system and there will probably be more to come...

Andreas 01-28-2005 11:11 AM
Not supporting hacked boards is one thing, "intentionally" increasing the danger of security leaks is another.

As said, this is a hypothetical worst-case scenario and most likely won't ever happen.
But it is far more dangerous to use an unused bit for custom things then adding a column to a table (the upgrade script would crash with a mySQL-error if a column with this name does already exist when they try to ALTER TABLE) or introducing new variables (this can of course also cause problems, but only if Jelsoft uses the same variable name; Bitfields will be used sooner or later)

Btw: Creating such a "issuperadmin" usergroup permission IMHO would be pretty easy: In init.php check the bit, if it is set also set ismoderator and cancontrolpanel.
In can_administer() check that bit and if it is set return true, no matter what $do is.

bluesteel 01-28-2005 09:04 PM
Quote:
Originally Posted by trafix
How many vb noobs out there would have read this thread and know now that there have been a crash between 2 hacks are wanting to install any hacks now incase it happens to them? i wouldnt be feeling very secure installing any hack to my board atm.....

This issue needs urgent addressing before any more crap happens .... its just as well mycates is relativly experiances with php and db's
He he he trafix.
Spent feckin loads of attempts over the past weeks trying to install your Jukebox hack. Fails every time with a MySQL error. After spending another hour messing about with it tonight, plus coming across this thread, realised that Jukebox is trying to use phraseid 888, which is already in use by the Quiz hack by TWCommish that I have installed.
Bugger! :(

trafix 01-28-2005 09:11 PM
Quote:
Originally Posted by bluesteel
He he he trafix.
Spent feckin loads of attempts over the past weeks trying to install your Jukebox hack. Fails every time with a MySQL error. After spending another hour messing about with it tonight, plus coming across this thread, realised that Jukebox is trying to use phraseid 888, which is already in use by the Quiz hack by TWCommish that I have installed.
Bugger! :(
Oh crap! :(

Tnx for the feedback bluesteel ...... just goes to show the importance of phraseid number registration .....

you can change the number in the quiry.php and the phrase.php .... where is says 888 change it to another unused phraseid, and it should install :)

bluesteel 01-28-2005 09:17 PM
No worries mate. Sorta figured that out.
Now I'm off back to the JB hack thread to figure out other small probs :)

Carnage 01-31-2005 08:58 AM
Quote:
Originally Posted by KirbyDE
Not supporting hacked boards is one thing, "intentionally" increasing the danger of security leaks is another.

As said, this is a hypothetical worst-case scenario and most likely won't ever happen.
But it is far more dangerous to use an unused bit for custom things then adding a column to a table (the upgrade script would crash with a mySQL-error if a column with this name does already exist when they try to ALTER TABLE) or introducing new variables (this can of course also cause problems, but only if Jelsoft uses the same variable name; Bitfields will be used sooner or later)

Btw: Creating such a "issuperadmin" usergroup permission IMHO would be pretty easy: In init.php check the bit, if it is set also set ismoderator and cancontrolpanel.
In can_administer() check that bit and if it is set return true, no matter what $do is.
Yes well, i'm not going to release the hack in question since i didn't write most of it in the first place... so it'll only be on the board it was written for. In the event of any upgrades, I can easilly change admin permissions if the need arises.

the superadmin user permission is slightly more difficult than that, you have to go through and find every check for the In_array($superadmins_array) thing(can't remember the exact script) and replace it with a check to that permission, however as a quick way to grant all normal permissions, yes it is quite simple.

My intention with it was to have it function in the same way we had root admins function on vb2, root admins were the ones who controlled admin permissions, they were the only ones able to grant access to the admin and root admin forums, plus they had a bunch of other useful things such as the ability to change peoples userid and to add elements to the rpg system we used. However it turned out alot more difficult than i though it would be I may have another go at doing something like this when i've got other things sorted out.

trafix 01-31-2005 09:21 AM
Is something happening with a registration system ??????

I think this is now urgent!!!!

So har now 2 of the 4 major hacks i have released clash phraseid's with another hack.

the members choice clashed with the geek articles hack

and

my jukebox is clashing with some quiz hack.

I WANT YOU TO TELL ME WHAT IS THE POINT OF ME RELEASING ANY MORE HACKS IF I HAVE TO SPEND EVERY SECOND POST HELPING OTHER TO FIX THEIR FORUMS BECAUSE OF CLASHING

Andreas 01-31-2005 09:35 AM
Quote:
Originally Posted by trafix
Is something happening with a registration system ??????
There is no registration system necessary for phrasetypes ...

trafix 01-31-2005 09:37 AM
so what is your solution that stops clashes?

cinq 01-31-2005 09:45 AM
I've read through this thread (with slight understanding of what is going on).

But I have a query on the usergroup permissions bitfields.
Can't we already assign the own group name ?
eg.

PHP Code:
$_BITFIELD[\'usergroup\'][\'myownpermissions\'] = array(  .... 
Would this still cause a clash ?
(other than some other hack using EXACTLY the same 'myownpermissions' naming.

Andreas 01-31-2005 11:34 AM
Quote:
Originally Posted by trafix
so what is your solution that stops clashes?
Use add_phrase_type() to create your custom phrasegroups :)

trafix 01-31-2005 12:00 PM
Quote:
Originally Posted by cinq
I've read through this thread (with slight understanding of what is going on).

But I have a query on the usergroup permissions bitfields.
Can't we already assign the own group name ?
eg.

PHP Code:
$_BITFIELD[\'usergroup\'][\'myownpermissions\'] = array(  .... 
Would this still cause a clash ?
(other than some other hack using EXACTLY the same 'myownpermissions' naming.
yes Cinq ... i did that for the jukebox permissions :)

Quote:
Originally Posted by KirbyDE
Use add_phrase_type() to create your custom phrasegroups :)
ok then it is very likley that every forum the hack is on will have a different phraseid no for the same hack ....

that is well and good but what about when you release upgrades to the hack .... there do the new phrases go?

Andreas 01-31-2005 12:07 PM
If it returns false (eg. not created), it most likely does already exist => check table phrasetype to get the ID (if you need it).

trafix 01-31-2005 12:16 PM
coding an installer for vb2 was childs play .... however vb3 is very complicated in the way it installs templates and phrases/phrasegroups etc.

I wouldnt know where to start ...

The HTL is dead .... and the HIS obviously dosnt cut the mustard.

How you you suggest that i code and installer that is smart enough to install a hack properly as well as being intelegent enough to find spacific numbers before and upgrade can be performed?

Can you code one for me?

Andreas 01-31-2005 12:58 PM
Hmm, I thought HIS does handle phrases already?
I'll take a look at it but might take some days.

Cap'n Steve 01-31-2005 04:32 PM
This is the same basic problem that I've encountered after starting a hack. Lack of documentation is a huge problem for software like this that is attractive largely because of the hacking community. The developers have promised a reference manual with the next major version, but until then we just have to read every php file (and wish there were more comments).

trafix 01-31-2005 06:49 PM
Quote:
Originally Posted by KirbyDE
Hmm, I thought HIS does handle phrases already?
I'll take a look at it but might take some days.
Yes the HIS does do phrases ..... BUT .... there are several phrase groups that it fails with that I know of so far

Email Body phrases and control panel stop messages.

The HIS will not collect these files when auto generating the phrase.php file and if the phrases are edited manually into the phrase.php in installing a hack the email body phrases are not installed. I have mentioned this to Link but he dosnt believe me :(

Paul M 01-31-2005 08:08 PM
Quote:
Originally Posted by trafix
ok then it is very likley that every forum the hack is on will have a different phraseid no for the same hack ....

that is well and good but what about when you release upgrades to the hack .... there do the new phrases go?
I can think of at least two ways to find the phraseid used (for upgrades).

1. Store it in the DB somewhere.

2. Run a query to find a phrase you know exists, and extract it's id.

trafix 02-01-2005 02:45 AM
Paul .... i am aware of the options, please feel free to build it into an installer for me ;)

trafix 02-04-2005 10:30 PM
has anyone got the majic solution yet????

Im waiting and i dont realy want to release any more hacks until this problem is fixed.

1) register phrase ids
2) intelligent installer that all coders must use to avoid clashes

Andreas 02-05-2005 05:26 AM
PHP Code:
require_once('./includes/adminfunctions_language');
$phrasetypeid add_phrase_type('myphrases''These are my phrases');
if (!$phrasetypeid) {
  // Hmm ... smth. went wrong. Let's see if it already exists
  $check $DB_site->query_first("SELECT phrasetypeid FROM " TABLE_PREFIX "phrasetype WHERE fieldname = 'myphrases'");
  if ($check['phrasetypeid']) {
    // Oh, my phrasegroup does already exist!
    // Guess this is an update then
    // My phrasetypeid is $check['phrasetypeid'] and I can use it now the insert phrases
  } else {
    // W00t !?! My phrasegrouop can't be created AND does not exist yet?
    // Fatal Error, call 911 and wreak havoc!
   }
} else {
  // Fine! My phrasegroup has been created, its ID is $phrasetypeid and I can use it now to insert phrases



All times are GMT. The time now is 10:34 AM.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01915 seconds
  • Memory Usage 1,802KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_php_printable
  • (10)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (22)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete