Read Your Members Private Messages (v1.2)
 

First of all, I take no credit for this hack as its original coding and design is product of Scott And Xiphoid as shown in:

https://vborg.vbsupport.ru/showthread.php?t=59617

This hack is merely a bug fix and feature fix, as when I originally used the script I noticed a lot of small visual problems as well as misc other things.

Lots of the linking was a bit messed up, when you read peoples PM's you couldnt tell who they were from, it only shown who they were to etc.. Just a lot of stuff, I added who they were sent from, and sent to and clicking on the names take your to Their inbox instead of their userinfo section in the Admin Panel etc..

So yes, they get all the credit, I just thought people would want the bug fixed version. If scott or xiphoids wants to take this thread down, and stick the script in their original thread - fine by me.

Enjoy, and thanks you for making it first, lol.

Did you get permission off floris/scott? Also if this is his code just touched up it shouldn't really be a new release :)

Nah I didnt get his permission, but his release was quite buggy and personally I dont think you should release something if its got obvious bugs in it, im just doing a service for people that want something thats clean.

All I did was clean up what was there and add a few more features, all of the code in that script is generic functions used by Vbulletin to handle PM's anyway so no worries. :)

Trigunflame... the point is not the work you've done on the script, but the rules...

if you want to play on the OpenSource playground, you have to follow the rules.
1- ask the originate coder to have the right to release a new version of his work
2- wait for the answer, not just ask.
3- release if you have the right, or make your own version not based on the originate work...

Well

1. I didnt ask because this is not an altogether new thing, its just a bug fix
2. If he doesnt like it, he can get it removed.
3. Most of the code is based solely on vbulletins built in queries that it uses to handle fetching pm's so the only real code modification is that of allowing you to view a particular list of them via an id variable. Technically "making" my own version, would not be feasible as there is really only 1 way as to which to get pm's from a db in the manner in which is needed..
4. Seeing as your a relatively new member, I really dont need to be getting rules from you, thanks.

i will not argue anymore, as it's not my role here, but ...

if it's just a bugfix, why didn't you released it in the originate thread instead ?!.. this is the usual thing we all do here... anyway, good luck with the rules you don't want to follow!

1. The moment you modified one character in the original code, it becomes updated or new.
2. Do the honorable thing, remove it yourself until you obtain permission.
3. Regardless of your incorporation of built-in vBulletin queries, you are doing it on a hack that you did not create. End of story.

Thumbsdown for this hack. I will not be installing it.

lol, jezuz. lol.... i think... if you ask they wouldn't mind... but you should ask... mod please take it off or something, then put it back... :ermm:

I frankly dont care if you install it or not, the release of this was not to present something new, it was to fix something released. So w/e.

Sorry, that doesn't matter. Your thread and others like it are not appreciated. Members who take the time to create a hack are being undermined by people such as yourself who have no respect for another person's work.

I strongly urge you, remove your content and attachment in the first place. If you wait until a moderator or administrator does it, you might come out a little worse off than if you do it now.

Yep, thumbs down. :ermm:

Ok guys calm down :) This guy is sharing his work so lets thank him for that. The point is you need to ask permission for things like this and installers install mods at their own risk :) I'll get back to you...

Here's an addon:

In admincp/user.php

find:
and put this underneath that:
and then add a new phrase, 'view_user_pm' that says "View Private Messages".

This will add the VIEW PRIVATE MESSAGES option to the pulldown at the top when viewing a user in the admincp.

Good addition :)

Sorry if I caused any of you some sort of mental breakdown, lol.. I hardly think Scott or Xiphoid cares as this category is....very bare with not many hacks, so I didnt think it would be that big of a deal to populate it with a new thread of a bugfix and feature addition.

Generally I would certainly do that before modifying a popular and well used hack, IF i was using the code to make something of my own. In this case Im not doing this as crediting the script to me, Im just making a bugfix to their current script because they havent done them, and as I stated before it can be taken down if it offends either of the two.

Thats all I have to say about this, no hard feelings anyone.

i am getting a couple of errors at the top

You guys are a bunch of retards. Calm down.

Great additions Trigunflame !! Definately needed an update . . .

/me clicks install.

Jesus, the guy did say in his post he is not taking credits for that. He is merely contributing to the community.

There is nothing wrong if someone wants to improve.

No offense to the original coders or to the bug fixer here (all of whom I'm sure did a fine job), but I have to give this hack thumbs down just on principle. Why would anyone be reading their member's private messages? :paranoid:

You may want to read the 10+ pages discussing it on the original release in the 2.2 section or the 3.0 release in this section....I originally requested it a long time ago and many people find it useful for MANY different reasons.

Okay I just read the 17 page thread in the 2.2 section and the 7 page thread in this section. I'm disappointed by what I saw, but not at all surprised. It is sadly typical in such situations that only a small handful of people will take a stand against undermining civil liberties such as protection of personal privacy while many others will eagerly trample others rights in favor of maximizing their personal power and control.

Ethical arguments aside, there was no reasonable challenge to Bira's legal points, either. And no, I don't consider your "phpMyAdmin does the same thing" argument effective. As Bira pointed out, you install this hack to read PM's, period. The odds are slim that you install phpMyAdmin for that sole purpose. I strongly encourage anyone who reads this to heed Bira's advice and forewarn their users that their PM's are not private if this hack is installed.

And lastly, the only somewhat reasonable arguments I read in either of those threads (i.e. prevention of spam, porn, warez, and threats) can now be easily handled by simply requesting that your users forward any such PM's to the administration, given the fact that "forward" is now a built in feature that wasn't available when these points were first made.

So with all this in mind, do you have any other justification for enabling easy access to your user's PM's?

The only thing sadly typical is that you read through all that and still decided your opinion was special enough to make another post about it in another thread AGAIN.

The major point all of you guys are missing is that NO ONE CARES. All this hypothetical debate does is demonstrate the absolute height of internet nerdism. Jesus but this stuff gets old.

In short, please take your arguments to one of the other threads. Thanks.

I don't think it is a good idea to criticize any hack and question its morality as everyone has his own needs.

Someone ought to be crazy to sit and go to its members PM. But there will be situations sometimes where you need to access records (that's how I view those PM), not necessarily to snoop around. Then what do you do? Go to mysql? I'll be silly to deny yourselves with fast access to those records.

Someone who is sick enough to snoop on people can do so by accessing the database. He'll be compelled to do it with or without this hack.

As administrators, you have some responsibilities. The same way that you will not be snooping your mysql, I don't see why you will have to do so because of a hack.

I think that if the author renames this hack to "quick access to all pm" instead of "read your members pm" it would have caused less roar.

What you are saying is correct tmhall :) However, as long as you let you users know then it's perfectly legal

shouldn't users also know that you can easily access them thru mysql?

It's not a case of what the user should know. I hardly think that a 10 year old new to the internet who just found a UnrealTournemant forum via a search would know anything about MySQL :)

It's your legal responsibility as site owner to have a privacy policy to cover yourself and explain the usage of data on your site :)

This is a despicable hack and I cannot understand why vb.org administrators can allow it.

There is a reason why "private messages" are called "private". And it's NOT valid to say that the admin can read them easily with phpMyAdmin - this is so because it cannot be avoided. But the hack even encourages an admin to read PNs!

I doubt that this is even legal in most countries ...

awesome, this hack will be good for security measures :)

Personally, I couldn't ethically justify ever installing or using this hack, however there have already been pages and pages of debate on this subject.

It is the individual admin's choice to install it or not, and the debate just circles and circles.

If this is a bug fix, why didn't you contact me or scott about it so we can release an update and credit you for the bug fix? Now we have 2 threads, nothing but confusion.

If you'd have asked me, I would have said 'yeah sure, go ahead', now I just shrug and leave it to the site staff to process.

Ya, they are called private because they are private from OTHER members and not PUBLICLY posted. Most privacy policies say what you will use the info for...not that you don't have access or won't access the info at all. People who think this encourages admins to read their user pms need help. Most of us have enough of a life to not just have some desire to read user pms unless a need or problem occurs. We don't have the time or the will to just go crazy and read pms, especially if you run a busy site. I currently don't have this installed on my new board simply because there is NO problem currently and its still very small so no need. I WOULD NOT count on other users, nor place the burden of them having to forward me certain pms that should not be floating around. The legal aspect was covered in the other thread too and as the wording of the law goes it wouldn't even seem to apply to this....

I guess the "absolute height of internet nerdism" is a relative speculation. To me, that label is more appropriately applied to someone who takes time out of their day to post on a thread they have no interest in only to whine about the fact that other people are discussing something he disapproves of, while contributing nothing of actual substance to it.

So you don't care about respecting the privacy of your board users. So what? That doesn't make you special, it makes you ordinary. That's why organizations like the ACLU exist. To protect us all from the erosion of our civil liberties that results from ordinary people making ordinary decisions. And yes, we're only talking about an Internet discussion board here. You're right. That's the worst part of this. If you can't be bothered to stand up for the rights of your discussion board users, what are the odds you'll stand up for anyone's rights in real life? Slim to none, I'd guess.

All that aside, as I said and as Dean and others have pointed out repeatedly, the ethical argument isn't even relevant to whether you should warn your board users that this hack is installed and that private messages are not private to protect yourself from litigation. Bira said it best here. Even if you don't have the slightest respect for your users privacy, you should at least have the sense to protect yourself.

Yes but Bira also said this:

"However, once you take measures that actively violate the privacy of a user -- for example, install software that will allow you to read their personal communication - you are no longer within the bounds of "reasonable violation".

Guess nobody is allowed to install PHPMyAdmin because that would allow them to read your personal info...I also used Bira post OF the law and believe I referenced the points on how this hack does NOT even fall under that law....

BTW..you may be interested to know that it would seem a privacy policy does NOT constitute a contract between your users and yourself. Northwestern airlines outright VIOLATED their stated policy and the judge threw the case against them out...and those people SHARED their data with OTHER COMPANIES.....read more here:

http://news.com.com/Judge+tosses+onl...l?tag=nefd.top

And as Bira explained to you then (which is the reason I already told you on the last page that I don't think your phpMyAdmin argument is effective):

That is interesting, thanks. It illuminates a pretty serious failing of American privacy law IMO. However, where in that article does it say "a privacy policy does NOT constitute a contract between your users and yourself"? All I found is that the judge deemed the case had no merit "in part because the privacy policy posted on the airline's Web site was unenforceable unless plaintiffs claimed to have read it. " Obviously that doesn't apply to vBulletin, since in order to register people have to click a box that indicates that they have read the policies.

Bira didn't explain anything then, you are not referencing the post I am talking about...I don't even think you looked in the right thread actually. He posted the law...I quoted his post and showed which parts of the law seem to render this moot. Maybe find that post and check again...

It also still applies to vbulletin because you are making the assumption that ever vb owner leaves that checkbox and message working the default way which is not a good thing to assume...still applies here. Whether you think my argument is effective really isn't the point...it's up to whatever judge looks at it and with the wording you guys have used it would still stand...not every host has PHPMyAdmin installed...installing it would still be an active motion to get into the database....at any rate.

Its funny how half or more of these arguements don't even apply when you are on private property or attending say a school....where'd the privacy go there? It's private property, both the software/forums and the server they are on. I didn't get any notice when I went to school that my freedom of speech rights were limited but they were, and are legally limited. I'll wait for the first court case to test this as I'd love to see some personal user try and sue a non commercial personal website owner over this.....I would LOVE it!

I referenced the post you quoted her from. If you want to discuss something else she said you should've quoted it.

I never made that assumption, but that is the default configuration of the software. The possible outcome of a case against a hypothetical board with a hypothetical non-default configuration is a little too ambiguous of a discussion for me. Why don't we stick to the subject.

Whether your argument is effective is exactly the point. You keep comparing a piece of software that's used for database administration and happens to allow admins to read PM's with a piece of software designed for reading people's PM's. How do you not see the difference there?

And of course bira destroyed that argument too, when she said:
This isn't rocket science, JTMON. As you pointed out yourself, it all depends on how the specific laws are interpreted by the judge if someone decides to sue you for violating their privacy. It's up to you whether you want to err on the side of caution or stand firm by your "right" to do whatever you want with your board. I'm just pointing out that the smart thing to do is the former.

You did NOT reference the post I made or am talking about. For your info she never even responded to the post I am talking about. You are the one rehashing an old old old argument and making the EXACT same points as others so you should go digging I think. I replied to the actual law, which she posted, you are replying to replies..

Since this whole forum is about changing the default configuration of your board I wouldn't think that coversation would be that far fetched. As for the differences in the software...the software is not illegal by iteself..it may or may not be depending on how you use it. The same should/would go for PhPMyAdmin....if the sole reason someone installed PHPMA was to read user PMs then I believe it would fall under that same law....You can't tell me you wouldn't still be arguing your point if this hack was just part of some bigger hack with more features which would then make it more like PHPMA soley because it also has OTHER uses.....at any rate I'm done arguing the same arguement for the third time I think it is during the life of this hack...As for the checkbox saying you read the privacy agreement, it's about as binding as software EULAs....

What are you talking about? You said:

This is the post where she said that, the same post I referenced where she defeated your argument 3 years ago. If you are now talking about some other post or thread find it and quote it, and I'll respond to that.

I already went digging at your suggestion, and yes I am making the EXACT same points you didn't get three years ago, with the hope that you will get it now. I am commenting in this thread in case anyone comes across this hack in this thread and isn't aware of the serious liability it incurs and/or thinks you have made anything resembling a valid point that there is nothing to worry about.

And you have been arguing for what all this time? That people shouldn't take a simple precaution against the possibility of litigation? What do you hope to gain? What is the benefit of convincing a single person that they shouldn't worry about the possibility of losing a lawsuit compared to the benefit of convincing people to be cautious?

I don't know if you're just being stubborn or if you really don't get it, but rest assured that you are wrong. It's a matter of logic, not opinion. You have made arguments and they have been defeated. The fact is that installing this hack increases your liability as a forum administrator and anyone who intends to install it would be wise to forewarn their forum users that their "private" messages aren't private.

this doesn't work for me, just times out

i agree with Dean,
and i am thankful for the bug fixes
as already it was requested from a couple of people, abt the bugs in the earlier release.

thnx for sharing.

Regards,