vb.org Archive
Page 5 of 34 « First 34 5 6715 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.6 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=194)
-   -   Miscellaneous Hacks - CES Parser Permissions (https://vborg.vbsupport.ru/showthread.php?t=138476)

YabbaDabba 04-10-2007 09:24 AM
I think the Preview window not parsing tags per the user's new permissions is the biggest problem we are seeing.

YabbaDabba 04-15-2007 09:24 AM
Since this hack essentially disables the Preview window for everybody, will you be fixing that problem anytime soon?

Right now, I can't really use this because it causes more problems than it fixes.

thincom2000 04-15-2007 04:05 PM
Fixed the preview window by adding a query when the user clicks the Preview button and combining 2 plugins.

Hopefully these changes fix the PM issues you were having, although I have not been able to test this extensively.

YabbaDabba 04-17-2007 01:36 PM
Wow!

I'll give it a test.

YabbaDabba 04-17-2007 01:45 PM
Quote:
Originally Posted by thincom2000 (Post 1228402)
Fixed the preview window by adding a query when the user clicks the Preview button and combining 2 plugins.

Hopefully these changes fix the PM issues you were having, although I have not been able to test this extensively.
In your new ver 1.2.4 zip, the readme states:
Quote:
INSTALLATION
In forum/
-----------------------------
- upload: product-ces_html_profile.xml
Still not sure what you are after here. Do you actually want this in the forum root?
Do I have to install from the forum root on the server, or can I just install from a local copy on my personal computer?

Sorry for being so thick here. :D

YabbaDabba 04-17-2007 02:18 PM
And in
admincp > vB Options > CES Profile Fields
the section for the Global Variables for the "anything" tag are no longer there.
I assume that is by design.

YabbaDabba 04-17-2007 03:12 PM
Preview is much, much more consistent now.

Preliminary results:

1 - Preview seemed to function normally for those with all CES tag permissions - like my admin account.

2 - Still some odd behavior for those with no IMG permissions.
A - they can't see any images in any posts by any poster. I think this is too much. I would allow them to see images added to a thread by those posters with image permissions. Those wiith no IMG permissions just can't add images themselves.
B - Inconsistent treatment between WYSIWYG and Preview. This is very, very close, but...
The IMG tag is not parsed at all in the WYSIWYG editor and is parsed in the Preview (as a url tag). I suppose there are arguments for doing it that way, but it seems more consistent to have the WYSIWYG editor parse the IMG tags as a URL, just like Preview.
C - This may be related to "B", but I see some behavior in Preview that seems inconsistent with IMG tags inside URL tags. If there is just an IMG tag, Preview displays the image url as a hot link to the image. If the IMG tag set is sandwiched between a URL tag set, Preview still displays it as a hot link to the image. But the WYSIWYG editor seems to parse just the URL tag. That is, the editor displays the image url inside unparsed IMG tags, but hot linked to the url inside the url tag. After being submitted, the URL/IMG combo is displayed as an image url hotlinked to the image. The URL tag is ignored completely.

============

Some thoughts about the general approach to handling tag permissions:

As is, this current scheme doesn't really solve the porn spammer problem. Anybody with IMG tag permissions ON can see the images. I'd have to deny access to IMG tags for practically all members and guests to stop the spammers and this doesn't make sense to me. Also, even if you can successfully hide the images from members with "tag permissions = ON", there is the situation where a problem member successfully sprinkles his posts with inappropriate images. The images will appear as images once they get promoted to a group with greater image permissions.

Wouldn't it be more sensible to just force the IMG tags to be URL tags forever?

Or even better, I'd much rather FULLY deny access to the IMG tag for all members of that group. That is, just strip (delete) the IMG tag from the post completely. No permission = no use = not in post = not in database. The image url appears as unparsed text.

Same for html, smilies, and BB codes. If they don't have permission, the tags are stripped completely from the post when they use Preview or Submit or Save.

=============

Thanks again for your continuing efforts.

thincom2000 04-18-2007 05:19 AM
Quote:
Originally Posted by YabbaDabba (Post 1229753)
2 - Still some odd behavior for those with no IMG permissions.
A - they can't see any images in any posts by any poster. I think this is too much. I would allow them to see images added to a thread by those posters with image permissions. Those wiith no IMG permissions just can't add images themselves.
This is indeed odd behavior. Are you positive this is only happening with the IMG tag? I didn't modify the way in which any permissions were determined, just the spelling errors from before.

Quote:
Originally Posted by YabbaDabba
B - Inconsistent treatment between WYSIWYG and Preview. This is very, very close, but...
The IMG tag is not parsed at all in the WYSIWYG editor and is parsed in the Preview (as a url tag). I suppose there are arguments for doing it that way, but it seems more consistent to have the WYSIWYG editor parse the IMG tags as a URL, just like Preview.
Not exactly sure why there are differences here. It may have something to do with the overall problems with the IMG tag you seem to be having.

Quote:
Originally Posted by YabbaDabba
If the IMG tag set is sandwiched between a URL tag set, Preview still displays it as a hot link to the image. But the WYSIWYG editor seems to parse just the URL tag. That is, the editor displays the image url inside unparsed IMG tags, but hot linked to the url inside the url tag. After being submitted, the URL/IMG combo is displayed as an image url hotlinked to the image. The URL tag is ignored completely.
This is not an issue related to this mod. I have read elsewhere that vBulletin has this strange behavior when combining URL and IMG tags, because vBulletin automatically converts unparsed IMGs to URLs (this was not functionality I added). I have also read about strange behavior when using [noparse] and [font]. These are what we may consider bugs but more often than not Jelsoft claims is "Working as Designed."

Quote:
Originally Posted by YabbaDabba
As is, this current scheme doesn't really solve the porn spammer problem. Anybody with IMG tag permissions ON can see the images. I'd have to deny access to IMG tags for practically all members and guests to stop the spammers and this doesn't make sense to me. Also, even if you can successfully hide the images from members with "tag permissions = ON", there is the situation where a problem member successfully sprinkles his posts with inappropriate images. The images will appear as images once they get promoted to a group with greater image permissions.

Wouldn't it be more sensible to just force the IMG tags to be URL tags forever?
What you are describing is the inverse of what this mod was designed to do. I spent many hours getting around this before the original release, so again I really hope this is only occurring with IMG tags.

YabbaDabba 04-18-2007 05:57 AM
Does this uninstall cleanly?

What I'll do is uninstall and do a fresh install and check with more browsers.

Above problems noted in IE7.

thincom2000 04-18-2007 05:04 PM
Try replacing your bbcode_parse_start plugin with this:

PHP Code:
if (THIS_SCRIPT != 'member')
{
    global $newpost$userinfo;

    $postusername = (($newpost['username'] != '') AND ($newpost['username'] != $this->registry->userinfo['username'])) ? $newpost['username'] : '';

    if (!$this->post['usergroupid'] AND $postusername)
    {
        $userinfo $this->registry->db->query_first("
            SELECT usergroupid, membergroupids 
            FROM " TABLE_PREFIX "user
            WHERE userid = $newpost[username]
        ");
    }
    else if (!$this->post['usergroupid'] AND isset($newpost))
    {
        $userinfo['usergroupid'] = $this->registry->userinfo['usergroupid'];
        $userinfo['membergroupids'] = $this->registry->userinfo['membergroupids'];
    }
    else if (!isset($newpost) AND ($this->post['usergroupid'] OR $newpost['usergroupid']))
    {
        $userinfo['usergroupid'] = $newpost $newpost['usergroupid'] : $this->post['usergroupid'];
        $userinfo['membergroupids'] = $newpost $newpost['membergroupids'] : $this->post['membergroupids'];
    }

    $userinfo['permissions'] = cache_permissions($userinfo);
}

$this->set_parse_userinfo($userinfo$userinfo['permissions']);

$check_ugp convert_bits_to_array($this->parse_userinfo['permissions']['ces_parser_permissions'], $this->registry->bf_ugp['ces_parser_permissions']);
$bad_tags explode(','$this->registry->options['bad_tags']);

$dobbcode = ($check_ugp['can_bbcode_post'] AND $dobbcode) ? true false;
$dosmilies = ($check_ugp['can_smilies_post'] AND $dosmilies) ? true false;
$dobbimagecode = ($check_ugp['can_imgcode_post'] AND $dobbimagecode) ? true false;

if ($check_ugp['can_html_post'] AND $dohtml)
{
    $dohtml true;
    foreach ($bad_tags AS $badtag)
    {
        $badtag html_entity_decode($badtag);
        $text str_replace'<' trim($badtag), htmlspecialchars('<' trim($badtag)), $text);
        $text str_replace'</' trim($badtag), htmlspecialchars('</' trim($badtag)), $text);
    }
    unset($badtag$badtags);
}
else
{
    $dohtml false;



All times are GMT. The time now is 03:56 PM.
Page 5 of 34 « First 34 5 6715 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01263 seconds
  • Memory Usage 1,790KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_php_printable
  • (6)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete