vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Modification Requests/Questions (Unpaid) (https://vborg.vbsupport.ru/forumdisplay.php?f=112)
-   -   Admin Attachment (https://vborg.vbsupport.ru/showthread.php?t=32691)

Ambex Net 11-25-2001 10:20 PM

Can someone make a hack so admins bypass the limit of file size. Like they can upload a file that is greater than the set limit.

Admin 11-26-2001 12:29 PM

In functions.php, replace this:
Code:

    if ($maxattachsize!=0 and $filesize>$maxattachsize) {
      // too big!
      eval("standarderror(\"".gettemplate("error_attachtoobig")."\");");
      exit;
    }
    if ($filesize!=$attachment_size) {

with this:
Code:

    if ($maxattachsize!=0 and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=6) {
      // too big!
      eval("standarderror(\"".gettemplate("error_attachtoobig")."\");");
      exit;
    }
    if ($filesize!=$attachment_size and $bbuserinfo[usergroupid]!=6) {


Ambex Net 11-28-2001 08:56 PM

THANKS!!! Do you also know how to do this with avatars? Like admins can use any size for avatar instead of the set size?

Admin 11-29-2001 01:28 PM

Sure, in member.php replace this:
Code:

          if ($imginfo[0]>$avatarmaxdimension or $imginfo[1]>$avatarmaxdimension) {
with this:
Code:

          if (($imginfo[0]>$avatarmaxdimension or $imginfo[1]>$avatarmaxdimension) and $bbuserinfo[usergroupid]!=6) {

DarkReaper 11-29-2001 03:17 PM

Idea: Why not go all-out with this and make a hack where the admins/supermods/given usergroups can bypass all the limits, or only select ones?

And then release it as a full hack in the releases forum :)

snakes1100 04-29-2002 01:13 AM

Anybody, would this be correct if i wanted to also allow mods to bypass the limit also?

if ($maxattachsize!=0 and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=6) and $bbuserinfo[usergroupid]!=5) {
// too big!
eval("standarderror(\"".gettemplate("error_attacht oobig")."\");");
exit;
}
if ($filesize!=$attachment_size and $bbuserinfo[usergroupid]!=6) and $bbuserinfo[usergroupid]!=5) {

heretic 04-29-2002 02:02 AM

if ($filesize!=$attachment_size && $bbuserinfo[usergroupid]!=6 || $bbuserinfo[usergroupid]!=5) {

snakes1100 04-29-2002 07:44 PM

Nope that isn't it heretic, all i get is this:

Parse error: parse error in /home/dssgrou/public_html/forums/admin/functions.php on line 1436

Fatal error: Call to undefined function: vbsetcookie() in /home/dssgrou/public_html/forums/admin/sessions.php on line 181

Anybody else?

heretic 04-29-2002 09:49 PM

PHP Code:

if ($maxattachsize!=&& $filesize>$maxattachsize && $bbuserinfo[usergroupid]!=|| $bbuserinfo[usergroupid]!=5) { 
// too big! 
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");"); 
exit; 

if (
$filesize!=$attachment_size && $bbuserinfo[usergroupid]!=6) || $bbuserinfo[usergroupid]!=5) { 


for one, you have a ) in the wrong spot on the first line, second, you were trying to say "if the file is greater than 0, larger than the max size, and the person is a mod AND admin, then..."


fixed that, dunno if it'd work

snakes1100 04-30-2002 07:24 AM

No that was jsut a typo on my part.

I still get this from that code above if i add it:

Parse error: parse error in /home/dssgrou/public_html/forums/admin/functions.php on line 1669

Warning: Cannot add header information - headers already sent by (output started at /home/dssgrou/public_html/forums/admin/functions.php:1669) in /home/dssgrou/public_html/forums/admin/functions.php on line 1545

Fatal error: Call to undefined function: makelogincode() in /home/dssgrou/public_html/forums/global.php on line 337

yasunari 04-30-2002 07:31 AM

deleted.

Chris M 04-30-2002 08:12 AM

Satan

snakes1100 04-30-2002 10:22 AM

Anybody?

Chris M 04-30-2002 03:01 PM

Anybody what?

If you are trying to make it for all staff, change the "and" to "&&"...

That should make it work...

PHP Code:

if (($maxattachsize!=and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=6) && ($bbuserinfo[usergroupid]!=5)) { 
// too big! 
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");"); 
exit; 

if ((
$filesize!=$attachment_size and $bbuserinfo[usergroupid]!=6) && ($bbuserinfo[usergroupid]!=5)) { 

I just noticed something else...

You didnt close the brackets, which made the parse error...

Satan

Chris M 04-30-2002 03:24 PM

Ok...

Maybe not...

Try :

PHP Code:

if (($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[usergroupid]!=6) && ($bbuserinfo[usergroupid]!=5)) { 
// too big! 
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");"); 
exit; 

if ((
$filesize!=$attachment_size and ($bbuserinfo[usergroupid]!=6) && ($bbuserinfo[usergroupid]!=5)) { 

Satan

Admin 04-30-2002 03:33 PM

[QUOTE]Originally posted by hellsatan
If you are trying to make it for all staff, change the "and" to "&&"...

Chris M 04-30-2002 04:06 PM

I thought it was that...Then I was wrong...Thanks for clearing it up...

Then I noticed that there were stray ")" on the end of codes, and that there were no "(" to start!

I am not sure if that works or not, but I think it should...

Satan

snakes1100 04-30-2002 04:46 PM

Ill try when i get home thanx satan...

Chris M 04-30-2002 06:31 PM

Np...

@FireFly - I have indentified a problem...

When Moderators and Users try and add attachments, it will not allow them to...Even when they are within the restrictions...

I am only using the Basic code you first mentioned, as I dont want Mods over-working the board...

Satan

snakes1100 04-30-2002 08:42 PM

@satan
Im running the basic line that firefly wrote, it runs fine and all users can upload.

Chris M 04-30-2002 08:47 PM

Hmmm...

Confusing...

What version of vB are you using?

Satan

snakes1100 04-30-2002 08:51 PM

Im running 2.2.5

Your latest code didnt work either, still get the same parse errors.

Chris M 04-30-2002 08:55 PM

Hmmm...

I am also running 2.2.5...

Try this :

PHP Code:

if (($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[usergroupid]!=6) OR ($bbuserinfo[usergroupid]!=5)) { 
// too big! 
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");"); 
exit; 

if ((
$filesize!=$attachment_size and ($bbuserinfo[usergroupid]!=6) OR ($bbuserinfo[usergroupid]!=5)) { 

It probably wont work, but give it a try...

Strange...Maybe our vB just doesnt like many hacks...

Satan

snakes1100 04-30-2002 09:04 PM

satan, still getting the same parse error...

Chris M 05-01-2002 09:26 AM

Hmmm...

I am not sure where to go from here...

PHP Code:

if (($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[userid]==1) && ($bbuserinfo[userid]==2)) { 
// too big! 
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");"); 
exit; 

if ((
$filesize!=$attachment_size and ($bbuserinfo[userid]==1) && ($bbuserinfo[userid]==2)) { 

That should make it work for the UserID, but I am not sure about the Usergroup...

If it does, let me know...

That way you can give some Mods and Admins access, and not allow others...

Maybe I will come up with something soon...

Satan

snakes1100 05-01-2002 05:06 PM

ooooops! :dead:

Chris M 05-01-2002 05:51 PM

Hmmm...

I thought not...

Sorry FireFly...Nice attempt, but it aint workin...

Any clues as to where you went wrong?

Satan

snakes1100 05-01-2002 06:05 PM

uhh ohh, found out what the problem was and fix'd it.

The original code by firefly is working OK, it was a error on my part after editing the file late last night. I have no ftp access at work, so i couldn't ck it out. I knew i had it working originaly.

@satan, sorry for the mix up bud and appreciate all your help so far.

Chris M 05-01-2002 06:28 PM

Hey...

I do my best...

I am going to wait for FireFly to make an excuse now...:D

Satan

heretic 05-01-2002 08:42 PM

ok, for one thing show more than just this code. because every example there's anopen bracket- show all of the hack, and the affected block

snakes1100 05-01-2002 08:51 PM

the affected block code you asked for.

this is from my functions.php, this also has the member must have a certain amount of posts to upload hack in it(in bold).

PHP Code:

 ###################### Start acceptupload #######################
function acceptupload($moderate=0) {
  global 
$DB_site,$attachment,$attachment_size,$attachment_name;
  global 
$attachextensions,$maxattachsize,$bbuserinfo,$maxattachwidth$maxattachheight;
  global 
$safeupload,$tmppath$allowduplicates$allowimgsizefailure;

  
$attachment_name strtolower($attachment_name);
  
$extension=getextension($attachment_name);

  if (
strpos("  $attachextensions  ",$extension ")==0) {
    
// invalid extension
    
eval("standarderror(\"".gettemplate("error_attachbadtype")."\");");
    exit;
  }


  if (
is_uploaded_file($attachment)) {
    if (
$safeupload) {
      
$path "$tmppath/$attachment_name";
      
move_uploaded_file($attachment"$path");
      
$attachment $path;
    }

    
$filesize=filesize($attachment);
    if (
$maxattachsize!=and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=5) {
      
// too big!
      
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");");
      exit;
    }
    if (
$filesize!=$attachment_size and $bbuserinfo[usergroupid]!=5) {
      
// security error
      
eval("standarderror(\"".gettemplate("error_attacherror")."\");");
      exit;
    }
    if (
strstr($attachment,"..")!="") {
      
//security error
      
eval("standarderror(\"".gettemplate("error_attacherror")."\");");
      exit;
    }
    if (
$bbuserinfo["posts"] < 200) {
      
//No Posting Attachments
      
eval("standarderror(\"You don't have enough posts to post attachments.\");");
      exit;
    }
    if (
$extension=="gif" or $extension=="jpg" or $extension=="jpeg" or $extension=="jpe" or $extension=="png" or $extension=="swf") { // Picture file
      
if ($imginfo=@getimagesize($attachment)) {
        if ((
$maxattachwidth>and $imginfo[0]>$maxattachwidth) or ($maxattachheight>and $imginfo[1]>$maxattachheight)) {
          eval(
"standarderror(\"".gettemplate("error_attachbaddimensions")."\");");
        }
        if (!
$imginfo[2]) {
           eval(
"standarderror(\"".gettemplate("error_avatarnotimage")."\");");
        }
      } elseif (!
$allowimgsizefailure) {
          eval(
"standarderror(\"".gettemplate("error_avatarnotimage")."\");");
      }
    }

    
// read file
    
$filenum fopen($attachment,"rb");
    
$filestuff fread($filenum,$filesize);
    
fclose($filenum);
    
unlink($attachment);
    
$visible iif($moderate,0,1);
    
// add to db
    
if (!$allowduplicates) {
      if (
$result=$DB_site->query_first("SELECT attachmentid
                                         FROM attachment
                                         WHERE userid = '
$bbuserinfo[userid]'
                                           AND filedata = '"
.addslashes($filestuff)."'")) {
         
$threadresult=$DB_site->query_first("SELECT post.threadid as threadid,thread.title as title FROM post
                                             LEFT JOIN thread ON (thread.threadid = post.threadid)
                                             WHERE post.attachmentid=
$result[attachmentid]");
        
$threadresult['title'] = htmlspecialchars($threadresult['title']);
        eval(
"standarderror(\"".gettemplate("error_attachexists")."\");");
        exit;
      }
    }
    
$DB_site->query("INSERT INTO attachment (attachmentid,userid,dateline,filename,filedata,visible) VALUES (NULL,$bbuserinfo[userid],".time().",'".addslashes($attachment_name)."','".addslashes($filestuff)."','$visible')");
    
$attachmentid=$DB_site->insert_id();
  }
  return 
$attachmentid;



snakes1100 05-02-2002 04:21 PM

Anybody?

Chris M 05-02-2002 05:18 PM

Whoa...

Thats alot of php...

I shall sift through it, see if I find anything...

Satan

snakes1100 05-04-2002 10:05 PM

Anybody?

Just need to add an additional usergroup to allow them to bypass the file size limit...

snakes1100 05-19-2002 06:06 PM

help firefly.... :bunny:

eoc_Jason 01-21-2003 01:21 AM

I know this is an old thread, but that guys question never got answered because everyone had a logic error.. lol, I've encountered this before, it's kinda a mind-bender, anyhow, here's the proper line of code:

PHP Code:

if ($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[usergroupid]!=and $bbuserinfo[usergroupid]!=5) { 

It's not OR between the groups, it's AND.. :) Sit down and think about it...

Davey 01-21-2003 07:55 AM

Actually, eoc_Jason; I believe it would be (PLEASE TRY THE TOP ONE FIRST, IF NOT THEN THE SECOND ONE):
PHP Code:

// For admins:
if ($maxattachsize!=and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=6) {

// For admins/supermods:
if ($maxattachsize!=and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=or $bbuserinfo[usergroupid]!=5) {

// For admins/supermods/mods:
if ($maxattachsize!=and $filesize>$maxattachsize and $bbuserinfo[usergroupid]!=or $bbuserinfo[usergroupid]!=or $bbuserinfo[usergroupid]!=7) { 

If this is wrong (and this is for the attachment size), then it will probably be the following one:
PHP Code:

// For admins:
if ($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[usergroupid]!=6)) {

// For admins/supermods:
if ($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[usergroupid]!=or $bbuserinfo[usergroupid]!=5)) {

// For admins/supermods/mods:
if ($maxattachsize!=and $filesize>$maxattachsize and ($bbuserinfo[usergroupid]!=or $bbuserinfo[usergroupid]!=or $bbuserinfo[usergroupid]!=7)) { 

Thanks.

Dave.


All times are GMT. The time now is 03:51 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02821 seconds
  • Memory Usage 1,884KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_code_printable
  • (9)bbcode_php_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (37)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete