vb.org Archive
Page 3 of 11 12 3 45 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.7 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=228)
-   -   Add-On Releases - vBTube 1.2.9 (CSRF protection added) (https://vborg.vbsupport.ru/showthread.php?t=173083)

DJ Matt4684 03-20-2008 09:57 PM
I installed this after the XSS issue. Can you clarify if I still need to add the code you posted above to the .htaccess file or am I good?

connkid25 03-20-2008 10:03 PM
Quote:
Originally Posted by DJ Matt4684 (Post 1470149)
I installed this after the XSS issue. Can you clarify if I still need to add the code you posted above to the .htaccess file or am I good?
You still need to add that to your htaccess.

DJ Matt4684 03-20-2008 10:06 PM
^ Thanks. I haven't checked, but I assume for the vbtube template, I already have the same info in there thats in the 'Template vBTube - Should be changed in the vbulletin templates.txt' file.

Magnumutz 03-21-2008 03:51 AM
Great... i upgraded right now. Good job !

connkid25 03-21-2008 05:24 AM
Quote:
Originally Posted by DJ Matt4684 (Post 1470165)
^ Thanks. I haven't checked, but I assume for the vbtube template, I already have the same info in there thats in the 'Template vBTube - Should be changed in the vbulletin templates.txt' file.
I didnt realize that playa left the txt file in the zip. The product xml was changed so you will not have to edit that template. The txt file only changes the search button so its not a text field. If your search button shows and works, you do not need to edit that template.

lonelime 03-21-2008 06:10 AM
hallo,

thanks for great work ....

why version 1.2.6 inside the 1.2.9 zip file ?

DJ Matt4684 03-21-2008 06:27 AM
Thanks connkid25. I have one more question. I put vbtube on my Navbar, but I don't want unregistered users to be able to click and be able to use this feature. Is there anyway I can prevent this from happening to where it takes them to a registration page? I would assume some extra code would need to be added in the navbar or something.

connkid25 03-21-2008 07:29 AM
Quote:
Originally Posted by DJ Matt4684 (Post 1470468)
Thanks connkid25. I have one more question. I put vbtube on my Navbar, but I don't want unregistered users to be able to click and be able to use this feature. Is there anyway I can prevent this from happening to where it takes them to a registration page? I would assume some extra code would need to be added in the navbar or something.
I added the proper code to the main vBTube.php file for you. Just overwrite this file in your forum root directory. Once you overwrite this file, guests will need to register or login. No template changes are needed. :)

Playa82 03-21-2008 07:34 AM
New Files added

DJ Matt4684 03-21-2008 08:06 AM
Quote:
Originally Posted by connkid25 (Post 1470496)
I added the proper code to the main vBTube.php file for you. Just overwrite this file in your forum root directory. Once you overwrite this file, guests will need to register or login. No template changes are needed. :)
Genius! Hey, thanks for doing that! I appreciate it!

connkid25 03-21-2008 09:12 AM
Quote:
Originally Posted by DJ Matt4684 (Post 1470517)
Genius! Hey, thanks for doing that! I appreciate it!
No problem. Happy to help!

Magz 03-21-2008 01:22 PM
Sorry if this is a dumb question, but in the .htaccess file instructions, it says to enter your URL here. What URL do i put there, my sites index /root url, or the sites /root/forum url?

Also my site has an .htaccess file file in root, and also in the root/forums folder. Which one do i need to edit ?

connkid25 03-21-2008 01:55 PM
Quote:
Originally Posted by Magz (Post 1470735)
Sorry if this is a dumb question, but in the .htaccess file instructions, it says to enter your URL here. What URL do i put there, my sites index /root url, or the sites /root/forum url?

Also my site has an .htaccess file file in root, and also in the root/forums folder. Which one do i need to edit ?
You put your site URL. Such as example.com. Nothing else goes there.

You need to edit the htaccess in the root directory so it can be set for the entire site.

Magz 03-21-2008 02:18 PM
Thanks for quick reply, all now implemented, and working :)

DJ Matt4684 03-21-2008 10:01 PM
This mod is epic. I nominated it for MOTM. This hack will be even better if things are added to it such as a login somehow to where people can login with their Youtube ID, ability to leave comments under the vid, rating videos, upload videos, etc.

tmiland 03-21-2008 10:39 PM
How come the video's still show after i uninstalled this script?

connkid25 03-22-2008 01:37 AM
Quote:
Originally Posted by DJ Matt4684 (Post 1471114)
This mod is epic. I nominated it for MOTM. This hack will be even better if things are added to it such as a login somehow to where people can login with their Youtube ID, ability to leave comments under the vid, rating videos, upload videos, etc.
I would love to see these options available too. Youtube code allows it so maybe the next update will include these options?

Quote:
Originally Posted by tmiland (Post 1471135)
How come the video's still show after i uninstalled this script?
You should check and see if the custom bbcode is still present.

seangworld 03-22-2008 02:58 AM
works great. it's actually better than your previous versions, thanks.
what do you have in the works in the future involving this hack? i would like to curb youtube altogether and just upload/comment videos thru my own site without going to youtube, add favorites, etc.

Playa82 03-22-2008 03:32 AM
^^^i try to add comments

Gostemilov 03-22-2008 03:56 AM
Terrible. No admin page. No category adding or deleting without changing the code. Lot of other problems. Users can't add video. No approving system. Nothing at all.

Uninstalled.

Playa82 03-22-2008 05:50 AM
Quote:
Originally Posted by Gostemilov (Post 1471316)
Terrible. No admin page. No category adding or deleting without changing the code. Lot of other problems. Users can't add video. No approving system. Nothing at all.

Uninstalled.
just read the description...

connkid25 03-22-2008 07:50 AM
Quote:
Originally Posted by Gostemilov (Post 1471316)
Terrible. No admin page. No category adding or deleting without changing the code. Lot of other problems. Users can't add video. No approving system. Nothing at all.

Uninstalled.
If you'd like to see things added, you should act like an adult instead of acting like a child. I'm sure the developer spent many hours on this and the least you could do is be respectful and nicely request additional options. This can only work with what youtube allows. Patience is a virtue!

beishe8 03-22-2008 08:21 AM
I would like to install this mod but this is stopping me:

Quote:
Add the following to your .htaccess file:
I cannot use .htaccess file with my host. :(

DJ Matt4684 03-22-2008 08:43 AM
Quote:
Originally Posted by Gostemilov (Post 1471316)
Terrible. No admin page. No category adding or deleting without changing the code. Lot of other problems. Users can't add video. No approving system. Nothing at all.

Uninstalled.
Thats not even right. You pretty much blasted him for no apparent reason. At least be courteous. This is actually a very nice hack. This is a brand new hack so give the developer some time and I'm sure he will add a lot of cool different features as time goes on.

seangworld 03-22-2008 09:34 AM
Quote:
Originally Posted by beishe8 (Post 1471431)
I would like to install this mod but this is stopping me:



I cannot use .htaccess file with my host. :(

it's not a requirement. it'll work without doing this.

seangworld 03-22-2008 09:35 AM
Quote:
Originally Posted by Playa82 (Post 1471359)
just read the description...
hey man...
i also noticed that the hack automatically pulls crappy foreign videos instead of what is actually the most popular, featured, etc. that is on youtube. is there a way to fix this? i dont want all the foreign crap as a default.

funkmeister 03-22-2008 04:01 PM
How do you sort by "Date Added"? In other words, how YouTube parses results with:

http://www.youtube.com/results?searc..._date_uploaded

Aside from this - it's perfect, thank you.

jasculs 03-22-2008 04:21 PM
Anyway I can create a playlist as a category?

beishe8 03-22-2008 06:33 PM
Quote:
Originally Posted by seangworld (Post 1471446)
it's not a requirement. it'll work without doing this.
Thanks,I'll give it a try! :)

Playa82 03-22-2008 06:48 PM
Quote:
Originally Posted by seangworld (Post 1471446)
it's not a requirement. it'll work without doing this.
but if u don't add the code to your .htaccess, vbtube and your whole site is open for:

Cross-site scripting (XSS)

bigtime 03-22-2008 08:11 PM
Hi,

Here are some other security issues I think should be corrected:


On line 13 of cat.php, change:

PHP Code:
$pages $_GET[page]; 
To:

PHP Code:
$pages intval($_GET['page']); 

Same change to playlist.php on line 13, user.php on line 49.

On line 43 of vBTube.php, find this:

PHP Code:
if (!$_GET[page]) { $pages 1; }
else { $pages $_GET[page]; }
$pages intval($_GET['page']); 
Change it to this:

PHP Code:
if (!$_GET[page]) { $pages 1; }
else { $pages intval($_GET['page']); } 
Hope I caught them all.


BTW, Playa82, thanks again for the great addon! Don't let anyone's rude comments discourage you!

Tim

DoB Rhapsody 03-22-2008 11:26 PM
Question!

How do i change the default videos that are displayed when someone goes to "vBTube.php"? I want to display gaming related content. I don't just want to link to a search result though. I also don't mind if it displays "results: xxx xxx" in the video area, as long as it's not a dynamic link.

bigtime 03-23-2008 04:06 AM
Quote:
Originally Posted by DoB Rhapsody (Post 1472071)
Question!

How do i change the default videos that are displayed when someone goes to "vBTube.php"? I want to display gaming related content. I don't just want to link to a search result though. I also don't mind if it displays "results: xxx xxx" in the video area, as long as it's not a dynamic link.
Is there an existing gaming category at youtube? If not, the only way I know to do it would be the edit I posted earlier in this thread.

Tim

DoB Rhapsody 03-23-2008 05:34 AM
Quote:
Originally Posted by bigtime (Post 1472234)
Is there an existing gaming category at youtube? If not, the only way I know to do it would be the edit I posted earlier in this thread.

Tim

Found it, thanks for that. One thing still bugs me though, why are all the videos in the categories foreign!!

Playa82 03-23-2008 11:25 AM
Quote:
Originally Posted by bigtime (Post 1471928)
Hi,

Here are some other security issues I think should be corrected:


On line 13 of cat.php, change:

PHP Code:
$pages $_GET[page]; 
To:

PHP Code:
$pages intval($_GET['page']); 

Same change to playlist.php on line 13, user.php on line 49.

On line 43 of vBTube.php, find this:

PHP Code:
if (!$_GET[page]) { $pages 1; }
else { $pages $_GET[page]; }
$pages intval($_GET['page']); 
Change it to this:

PHP Code:
if (!$_GET[page]) { $pages 1; }
else { $pages intval($_GET['page']); } 
Hope I caught them all.


BTW, Playa82, thanks again for the great addon! Don't let anyone's rude comments discourage you!

Tim

thanks, i already noticed the codes above. but it's still a xss error when u don't edit your .htaccess file...

arco 03-23-2008 04:14 PM
Here's some stars I made you can use with dark styles.

kall 03-24-2008 11:24 PM
Quote:
Originally Posted by connkid25 (Post 1470764)
You put your site URL. Such as example.com. Nothing else goes there.

You need to edit the htaccess in the root directory so it can be set for the entire site.
He said that he has a .htaccess in the forum root.

Telling him that setting one up "in the root directory so it can be set for the entire site" is both incorrect and misleading. The one in /forum/ will NOT inherit the values in the /root/ one. It will OVERRIDE them entirely.

connkid25 03-24-2008 11:50 PM
Quote:
Originally Posted by kall (Post 1473717)
He said that he has a .htaccess in the forum root.

Telling him that setting one up "in the root directory so it can be set for the entire site" is both incorrect and misleading. The one in /forum/ will NOT inherit the values in the /root/ one. It will OVERRIDE them entirely.
It should be enabled globally on the server. Instead of being rude about it, you could have then told him to edit both. Simple and fixed! ;)

Magnumutz 03-25-2008 05:10 PM
Okay, what does the new update contain?

Playa82 03-25-2008 06:21 PM
Quote:
Originally Posted by Magnumutz (Post 1474340)
Okay, what does the new update contain?
XSS Protection


All times are GMT. The time now is 09:49 PM.
Page 3 of 11 12 3 45 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01536 seconds
  • Memory Usage 1,846KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (8)bbcode_php_printable
  • (22)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (40)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete