vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 4.x Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=245)
-   -   Show Thread Enhancements - Thread Passwords (Updated to VB4 by BOP5) (https://vborg.vbsupport.ru/showthread.php?t=281649)

BirdOPrey5 04-15-2012 10:00 PM
Thread Passwords (Updated to VB4 by BOP5)
 
1 Attachment(s)
Updated by BirdOPrey5

This is a quick update of the vBulletin 3.6 mod by netwind: Thread Passwords (VB 3.6)

It is marked Re-Usable Code.

NOTE: Confirmed bug affecting all attachments. See post #20.

By request I have updated this to work on the latest vBulletin, VB 4.1.12. It should work on all 4.x versions.

There are NO new features, it is a simple update so it works with 4.x

I will not be providing official support for this mod- truth be told I'm not sure how it works, only that it does in my quick tests.

This is the original description:

Quote:
This hack allow protect thread by password same way as forums.
Administrator and moderators can change password, can appoint thread masters.
Thread masters can only change password.

All thread content are protected by password : attachments,printable version, archive,
search results. Instant subscription letters will not contain message.
Please "Mark as Installed" if you use it. :)

BirdOPrey5 04-16-2012 09:16 PM
Reserved.

Mr_Running 04-17-2012 12:33 AM
Okay, Is there an On and Off Switch? I am having trouble finding it. LOL

Settings? as far as settings I am guessing no...


Edit: Tagged. :)

BirdOPrey5 04-17-2012 01:04 AM
No settings, just install the mod and it's enabled. Once you make the template edits it will be ready to go.

drchinh 04-19-2012 10:01 AM
@BirdOPrey5:
Thank you very much, I will install this mod as soon as possible

thunderclap82 04-25-2012 11:25 PM
When someone enters a password (right or wrong) I'm getting a Security Token error. Any ideas?

BirdOPrey5 04-26-2012 11:54 AM
Are cookies enabled? Cookies must be enabled on the browser for the mod to work.

If they are can you give me a link to a password tread? I will see if I can see anything obvious. (Assuming it is guest accessible).

thunderclap82 04-26-2012 01:02 PM
Cookies are enabled, and I've had several users attempt it.

In setting up a post for you I did narrow down the problem. Unregistered users can access the thread after entering the password, however if a registered user tries that's when the security token error pops up.

BirdOPrey5 04-26-2012 03:24 PM
I do confirm the bug with non-logged-in users. Unfortunately still trying to get a new laptop setup so I don't have access to any of my mod source files right now. Will look into it in a few days when I'm back online.

EDIT-

You could try editing the threadpassword.php file.

Change this line near the top:

From:
PHP Code:
define('CSRF_PROTECTION'true); 
to:

PHP Code:
define('CSRF_PROTECTION'false); 

thunderclap82 04-26-2012 03:25 PM
Quote:
Originally Posted by BirdOPrey5 (Post 2323755)
I do confirm the bug with non-logged-in users. Unfortunately still trying to get a new laptop setup so I don't have access to any of my mod source files right now. Will look into it in a few days when I'm back online.
Whew! Okay. Thanks! I'm happy its not just me. I appreciate your helping to try and resolve the issue.

BirdOPrey5 04-26-2012 03:38 PM
You're welcome. I made an edit to the post above with something you can try if you feel like manually editing a file- otherwise wait until I get a chance and I will try it myself.

thunderclap82 04-26-2012 03:47 PM
Quote:
Originally Posted by BirdOPrey5 (Post 2323767)
You're welcome. I made an edit to the post above with something you can try if you feel like manually editing a file- otherwise wait until I get a chance and I will try it myself.
That fixed it! Is it safe to have the CSRF Protection off though?

BirdOPrey5 04-26-2012 10:04 PM
For a mod like this I don't see a problem. When I get my system back I'll go through the code thoroughly and see why it isn't working to begin with. It's not like anyone can post to the forum via this script- there would be no benefit sending a thread password from an outside domain- nothing to be gained.

BirdOPrey5 04-28-2012 06:18 PM
Updated to 0.91- fixes the security token error and keeps cross-site scripting protection enabled.

You must re-upload all files and re-import the product xml file.

New Joe 05-09-2012 07:12 AM
Installed
But they only thing is it shows a preview of what is in the Thread on the CMS page and the sidblock on New Forum Posts

Also on the mouse hover over the Thread title.

BirdOPrey5 05-09-2012 10:36 AM
Yeah, I can imagine that would probably happen. Keep sensitive info out of the preview area. ;)

TinCow1 05-09-2012 06:53 PM
Great module! One question: is there a way to add the password and Thread Master fields on thread creation, instead of having to post the thread, then go back and edit it?

BirdOPrey5 05-09-2012 11:45 PM
Probably and I encourage people to try adding this feature. It is "Re-usable code" so anyone can make additions or changes to it.

TinCow1 05-10-2012 01:08 AM
Thanks, I'll give it a try in a bit. Unfortunately, I've run into a more significant problem. With the module enabled, all attachments on my entire forum break. They appear to upload properly, but they do not display at all. No thumbnail shows, all that is visible is the mouseover text with a link. Clicking the link opens the window where the attachment image is usually shown, but it never loads and eventually returns an error. I have tested the module with and without the template edit, and the error is there even without the template edit, so it appears to be something within the module files themselves. Do you have any idea which section could be causing the conflict?

BirdOPrey5 05-10-2012 10:30 AM
Confirmed.

Immediate work-around is to disable the "thread password" plugin on the attachment_display hook.

Disabling this will allow users who do not have the password to the thread to see attachments in that thread if someone gave them the URL of the attachment- this may or may not be a problem for you.

I don't see an immediate long-term solution, I will try to work on it when I get a chance.

TinCow1 05-10-2012 11:02 AM
Excellent, that did indeed fix the problem. I feel a bit silly for not checking the plugin list, that one was rather obvious once I saw it. :P

That feature really isn't much of an issue for how I plan on using the system, so I'm perfectly happy to run it without it. If it can be fixed later, that's great, but if not it's still a great module without it.

New Joe 05-11-2012 04:55 AM
I had to take this out.
Reason being, that with this installed it made all posts with images, even Threads without having a password, showing as 'broken' images (you know the images which show a little broken icon instead of the picture).

As soon as I took this modification out the images within posts were showing fine again.

Update to my post
I just read the above 3 posts so I see you know about it.
I will leave it not installed for the time being though.

Tiksa 06-15-2012 10:46 AM
I have installed it but i can't find where i can set the password for thread? What do i need rot do?
I cand find the code in template show thread.
What to do.

BirdOPrey5 06-15-2012 06:08 PM
if you can't find this code in your SHOWTHREAD template:

Code:
<li><a href="{vb:raw $vboptions.vbforum_url}{vb:if "$vboptions['vbforum_url']", '/', ''}printthread.php?{vb:raw session.sessionurl}t={vb:raw threadid}<vb:if condition="$perpage">&amp;pp={vb:raw perpage}</vb:if><vb:if condition="$pagenumber">&amp;page={vb:raw pagenumber}</vb:if>" accesskey="3" rel="nofollow">{vb:rawphrase show_printable_version}</a></li>
You probably have a custom style- you will need to look for code like it...

earch for "show_printable_version"

ArsMagnum 08-26-2012 08:00 PM
Question, what usergroups can access the password threads without having to give the password... Admins of course, but, what about mods and supermods?... Is there a way to edit this?...

Thank you...

By the way, the mod has been very useful =P...

BirdOPrey5 08-26-2012 10:29 PM
Admins, super-mods, and mods of the forum the thread is posted in should have access.

I don't use this mod and have uninstalled it so I don't have any more info.

Mikhael_ 01-16-2014 03:24 PM
I just install it on my test forum (4.2.1).
I uploaded the file, imported the xml and change the template but when I click on
Setup thread password appear this message:
Code:
Fatal error: Call to undefined function threadpassword_atos() in C:\xampp\htdocs\test\threadpassword.php on line 74
Any idea? Thanks in advance!

tme_power 01-20-2014 04:23 AM
Mark as Installed. Finally someone did this!

nano_9219 01-24-2014 11:44 AM
Thanks for this MOD.

GPOClan 03-30-2014 10:30 AM
Great mod, thanks!

Is it possible that every user, including super-mods etc., has to enter the password? This would be great!

Thank you.

IggyP 01-19-2018 01:26 PM
i like the idea of this....one other basic thing you would sort of think would already be there but isnt....didnt work for us on 4.2.5 tho....installed ok, template edit no problem...but when clicking to setup the pw its this mess

Quote:
userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) OR ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']) OR can_moderate($threadinfo['forumid']) OR isset($masters[$vbulletin->userinfo['userid']]) ) { return true; } if ($temp = fetch_bbarray_cookie('threadpwd', $threadid) AND $temp === md5($vbulletin->userinfo['userid'] . $password)) { return true; } if ($showerror) { require_once(DIR . '/includes/functions_misc.php'); // thread password is bad - show error eval(standard_error(fetch_error('threadpasswordmis sing', $vbulletin->session->vars['sessionhash'], $vbulletin->scriptpath, $threadid, construct_post_vars_html(), $stylevar['cellpadding'], $stylevar['cellspacing'], $vbulletin->userinfo['securitytoken'] ))); } else { // forum password is bad - return false return false; } } function threadpassword_atos($idarray){ global $vbulletin; if (!is_array($idarray)) { return array('','');}; if (count($idarray)==0) { return array('','');}; $idstr=join(',',array_keys($idarray)); $nameq = $vbulletin->db->query_read(" SELECT userid,username FROM " . TABLE_PREFIX . "user WHERE userid in ($idstr) order by username"); $userstr='';$userstrh=''; $delim=''; while ($usr= $vbulletin->db->fetch_array($nameq)) { $userstr .= $delim . $usr['username']; $userstrh .= "$delim$usr[username]"; $delim = ','; } return array($userstr,$userstrh); } function threadpassword_stoa($nickstring){ global $vbulletin; $a=explode(',',$nickstring); $namesa=array(); foreach ($a as $key) { $namesa[] = "'" . $vbulletin->db->escape_string(trim($key)) . "'"; } $sqlfetch=join(',',$namesa); $useridsq=$vbulletin->db->query_read("select userid from " . TABLE_PREFIX . "user where username in ($sqlfetch) order by userid"); if ( $vbulletin->db->num_rows($useridsq) < 0 ) { return array(); } $result=array(); while ($row=$vbulletin->db->fetch_array($useridsq)) { $result[$row[userid]]=1; } return $result; } ?>

that make sense to anyone? that attachment workaround worked too, thought it was home free till that last bit..

thanks

BirdOPrey5 01-20-2018 03:02 PM
It looks like you uploaded a PHP file to your site in binary mode which didn't preserve the line endings. PHP (as well as HTML, TXT and other text based files) need to be uploaded in ASCII mode by your FTP client. By default Filezilla will usually do this for you but if for some reason something went wrong or you're using a different app you may need to set it manually,

Images would need to upload in binary or they break, so you can't always stay in ASCII mode.

IggyP 01-21-2018 01:44 AM
hmm i havent had any issues with that before...i have it set to auto in filezilla...

you think something in this product is making it transfer the incorrect way?

i guess i will compare the php files just sounds like an odd issue i never saw before, got me curious some..

thank you

IggyP 01-21-2018 02:19 AM
i tried again just now, with a default vb4.2.5 install...the domain was setup with php 7.1 but the first part of the result was similar..

Quote:
userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) OR ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']) OR can_moderate($threadinfo['forumid']) OR isset($masters[$vbulletin->userinfo['userid']]) ) { return true; } if ($temp = fetch_bbarray_cookie('threadpwd', $threadid) AND $temp === md5($vbulletin->userinfo['userid'] . $password)) { return true; } if ($showerror) { require_once(DIR . '/includes/functions_misc.php'); // thread password is bad - show error eval(standard_error(fetch_error('threadpasswordmis sing', $vbulletin->session->vars['sessionhash'], $vbulletin->scriptpath, $threadid, construct_post_vars_html(), $stylevar['cellpadding'], $stylevar['cellspacing'], $vbulletin->userinfo['securitytoken'] ))); } else { // forum password is bad - return false return false; } } function threadpassword_atos($idarray){ global $vbulletin; if (!is_array($idarray)) { return array('','');}; if (count($idarray)==0) { return array('','');}; $idstr=join(',',array_keys($idarray)); $nameq = $vbulletin->db->query_read(" SELECT userid,username FROM " . TABLE_PREFIX . "user WHERE userid in ($idstr) order by username"); $userstr='';$userstrh=''; $delim=''; while ($usr= $vbulletin->db->fetch_array($nameq)) { $userstr .= $delim . $usr['username']; $userstrh .= "$delim$usr[username]"; $delim = ','; } return array($userstr,$userstrh); } function threadpassword_stoa($nickstring){ global $vbulletin; $a=explode(',',$nickstring); $namesa=array(); foreach ($a as $key) { $namesa[] = "'" . $vbulletin->db->escape_string(trim($key)) . "'"; } $sqlfetch=join(',',$namesa); $useridsq=$vbulletin->db->query_read("select userid from " . TABLE_PREFIX . "user where username in ($sqlfetch) order by userid"); if ( $vbulletin->db->num_rows($useridsq) < 0 ) { return array(); } $result=array(); while ($row=$vbulletin->db->fetch_array($useridsq)) { $result[$row[userid]]=1; } return $result; } ?> Call to undefined function threadpassword_atos() on line 74 in /public_html/threadpassword.php
#0 {main}
that call to undefined function at the end help at all?

the rest of the errors follow..

Quote:
Fatal User Error: Call to undefined function threadpassword_atos() on line 74 in ..../threadpassword.php in ..../vb/vb.php on line 286
Trace Data:

#1 : vbstop() called in ..../includes/class_core.php on line 6089
#2 : vbulletin_error_handler() called in on line
#3 : trigger_error() called in ..../vb/vb.php on line 286
#4 : vB::handleException() called in on line
i dont know really how to even try troubleshooting farther....i know its marked unsupported but could be a good thing to see working...

thanks joe

chudvs 09-06-2019 09:10 AM
pity i could really do with this right now


All times are GMT. The time now is 07:13 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01292 seconds
  • Memory Usage 1,821KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_code_printable
  • (2)bbcode_php_printable
  • (6)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (35)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete