|
I'll have to check into the code. I'll check it out when I start on the vbmail handling for the cron job.
|
Thanks -- side note.....
in the cron script, you may want to change: $fromaddress = $letter->sender[0]->mailbox ."@".$letter->sender[0]->host; to: $fromaddress = $letter->reply_to[0]->mailbox ."@".$letter->reply_to[0]->host; if(strlen($fromaddress) == 0) $letter->sender[0]->mailbox ."@".$letter->sender[0]->host; the script fails for gmail sent as another user ... such as when I send from my company profile in gmail, the script still sees me as host=gmail.com |
Quote:
That's what keeps people from pretending they are someone else :) If I didn't have that check in there, you could set your reply to address in gmail or yahoo as the admins email address and you would show to the forums as posting as the admin :) To avoid that security loop hole, it checks who the actual domain is that is sending the email :) Just use your true gmail address for your account and you will be fine. |
Quote:
The only issue is, that if I really want to post as the ADMIN, I could just set up a whole profile in thunderbird or outlook and truly send as that person. Then the script will still pass the tests and post as a fake author. So, putting that test in limits people who use services like gmail but have multiple profiles. |
Quote:
With yahoo I can go to the options, type whatever email name I want, and that would show up as me. I wouldn't need any passwords. With outlook and thunderbird you have to have the password. This is also why the error email that gets sent to you for the incorrect email address shows you the address that the modification sees you as having and has a link to update your email address :) Your solution, doesn't require that people have a password or any access to the mailbox. I'm not saying the method I'm using is perfect security... but it at least requires that you are on sending from the same domain as the email your trying to fabricate. I'm sorry but I will not remove this feature for anything less then a more secure method. Removing the prime security feature to me, is just not wise even if it's not the perfect method. |
Quote:
That is why I am saying it is not a security feature, it is reducing the usability actually more so than any security feature. |
If you add this code (in all spots cron and product xml) right after text_subject is defined, the EmailIntegration script will handle the custom prefixes _and_ use a default one if none is found - it seemed to already take into account the original prefixing anyhow [\$foruminfo[title_clean]-t-\$threadinfo[threadid]]:
Code:
// prefix code - cgmckeever |
Quote:
Good luck! :) Quote:
I'll get this into the next live version! :) Thank you! |
Remember all, I am looking for beta testers!! be sure to PM me if you would like to help test the next version because I'll be rewriting the regexs in the upcoming version!
|
OK - although the THREAD PREFIX script has its place, I didn't like the need for it to be installed to get the EI prefix to work.
You need to add a DB field ei_prefix: Code:
ALTER TABLE forum ADD ei_prefix VARCHAR( 50 ) NULL;The below snippet needs to be added to the EI cron and product files right after: Code:
$text_subject = replace_template_variables($text_subject);Code:
// prefix code - cgmckeever |
| All times are GMT. The time now is 04:36 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|