vb.org Archive - Allow usergroups ( Admins ) to use HTML for posts , sigs

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 3.0 Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=33)

- - Allow usergroups ( Admins ) to use HTML for posts , sigs (https://vborg.vbsupport.ru/showthread.php?t=75590)

It's not working for me. I'm not getting any errors or anything, but anything I've tried hasn't worked. Am I missing something?

Quote:

Originally Posted by xYarub

It's not working for me. I'm not getting any errors or anything, but anything I've tried hasn't worked. Am I missing something?

Can you post your modified code?

I'm having difficulty getting this working as well. Here is my modified PHP...

First part...

PHP Code:


		
			
// ###################### Start bbcodeparse2 ####################### 

function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1) 

{ 

// parses text for vB code, smilies and censoring 

global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post; 

global $html_allowed;

Second part...

PHP Code:


		
			
    $html_allowed = true;

$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19) 

// ********************* REMOVE HTML CODES *************************** 

if (!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed))

    {

        /*static $html_find = array('&lt;', '&gt;', '<', '>');

I also have a couple questions...

(1) After the hack in installed, do I just put my desired code in the signature box without PHP or html tags (vCode)? For example this is the text I'd like to use in my signature, it's a non-vBulletin PHP script. It's been tested on my site and works ok.

PHP Code:


		
			
<?php 

$username = "muppetcentral"; 



if(isset($_GET["afl"])) { 

  $afl = 1; 

  $url = "http://www.live365.com/pls/front?handler=playlist&cmd=view&handle=afl%3A" . $username; 

} else { 

  $std = 1; 

  $url = "http://www.live365.com/pls/front?handler=playlist&cmd=view&handle=" . $username; 

} 



$fp = fopen($url, "r"); 

while($line = fgets($fp, 255)) { 

  if(ereg( "artist:\"([^\"]*)\"", $line, $regs)) { 

    $artist[] = $regs[1]; 

  } else if(ereg( "title:\"([^\"]*)\"", $line, $regs)) { 

    $title[] = $regs[1]; 

  } else if(ereg( "album:\"([^\"]*)\"", $line, $regs)) { 

    $album[] = $regs[1]; 

  } 

} 

fclose($fp); 



for($i=0; $i<=2; $i++) { 

  if($artist[$i] != "") { 

    $_artist = $artist[$i]; 

    $_title  = $title[$i]; 

    $_album  = $album[$i]; 

    break; 

  } 

} 



$_album_disp = ereg_replace(":", "-", $_album); 

$_album_disp = ereg_replace("/", "-", $_album_disp); 

$_album_disp = ereg_replace("?", "-", $_album_disp); 

$_artist_disp = ereg_replace(":", "-", $_artist); 

$_artist_disp = ereg_replace("/", "-", $_artist_disp); 



?>

  <a href="http://www.muppetcentral.com/radio/"><strong>Now Playing:</strong></a> 

  <?= $_title ?>

  - 

  <?= $_artist ?>

(2) For all of my users I have a 125 character limit in place on sigs. Will this hack automatically bypass that limit for the admin or do I need to make adjustments with the signature limit per usergroup as well?

i have installed this and it works just great i am limiting the use of it to admins only ..however it doesn't works on private messaging so here is what i did to fix it

find

Code:

// ###################### Start bbcodeparse2 ####################### 

function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1) 

{ 

// parses text for vB code, smilies and censoring 

global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post;

change that to

Code:

// ###################### Start bbcodeparse2 ####################### 

function parse_bbcode2($bbcode, $dohtml, $dobbimagecode, $dosmilies, $dobbcode, $iswysiwyg = 0, $donl2br = 1) 

{ 

// parses text for vB code, smilies and censoring 

global $DB_site, $vboptions, $bbuserinfo, $templatecache, $smiliecache, $userinfo, $post,$pm;

find

Code:

$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19) 

// ********************* REMOVE HTML CODES *************************** 

if(!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed))

replace that to

Code:

$html_allowed=array(6); // add more by seperating each by commas in the ()'s: (6,8,19) 

// ********************* REMOVE HTML CODES *************************** 

if(!$dohtml && !in_array($userinfo[usergroupid],$html_allowed)&& !in_array($post[usergroupid],$html_allowed)&& !in_array($pm[usergroupid],$html_allowed))

Funny, I could swear I already saw a hack for this. Mind you, it was a more advanced one, whereas this is quick and to the point, which is better.

*Installs and clicks Install*

Thanks. :)

EDIT: I also did red_baron2000's change. Thanks to you too!

Quote:

Originally Posted by Phillip Chapman

I'm having difficulty getting this working as well. Here is my modified PHP...

First part...

It won't do anything for your script. The PHP isn't evaluated, so it will be treated as HTML.

Quote:

Originally Posted by Phillip Chapman

No, this code just affects the parsing of HTML.

TCM, thanks a million for the reply.

Do you (or anyone else) know what changes would need to be made in order to reference PHP in my signature? If someone could assist with this, I would be eternally grateful.

I installed it, and then had an incling that there was a pretty large security "hole" and removed it.

If you have any mods/supermods, and they turn bad.. they can just edit an admins posts and execute all sorts of html.

Just adding:

HTML Code:

<meta http-equiv="refresh" content="1 URL=http://www.somethinghorribleliketubgirl.com">

could be dangerous, let alone nasty.
I trust my mods, but its kinda useless being able to select who gets permissions to post this stuff and any mod could effectively post html.

As far as I know, only admins can edit admin posts. Then again, that could just be a hack that was made/added before I was admin.

Quote:

Originally Posted by Tekton

As far as I know, only admins can edit admin posts. Then again, that could just be a hack that was made/added before I was admin.

That just a hack. I have a version of it installed on my boards, but it's not the default.

Quote:

Originally Posted by Phillip Chapman

:ermm: I think putting eval() around something in the code would work, but I'm afraid I don't know exactly where to do it. I'll try to look into it later, I'm a bit busy right now.

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (4)bbcode_code_printable (1)bbcode_html_printable (3)bbcode_php_printable (5)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01201 seconds Memory Usage 1,778KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (4)bbcode_code_printable (1)bbcode_html_printable (3)bbcode_php_printable (5)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: