vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)
-   -   HTML Always Enabled for Admins+Etc. (https://vborg.vbsupport.ru/showthread.php?t=32015)

Palmer ofShinra 11-01-2001 10:00 PM

This one is by request from here (http://vbulletin.org/forum/showthrea...&postid=197531), and really quite simple...

No matter what the forum rules say, Admins and Super Mods should always be able to post in HTML.

Tested on my board and works fine.

RobAC 11-02-2001 09:37 AM

I think this is an awesome idea and I've been wanting to see something like this for a long time. However, before I add it, I'd like to get ideas from the Admins. and Mods of this board.....what does this hack do for potential security threats to the board?? Anyone?

Mr. X 11-02-2001 02:51 PM

This hack is exactly what I was looking for. I was gonna request it yesterday too infact :)

But I too would like to know if there are any security issues. If not, Im definetly going to install it :)

Palmer ofShinra 11-02-2001 05:24 PM

Security Issues:

Withing the vB itself, none. They can't do anything that would screw up your database or swipe passwords or get admin access with HTML.

The security issues with HTML are in the code itself.

With it enabled, posters can use any tags, including JavaScript, where the real hazard is.

They can **** with the layout pretty bad... redefine colors on the fly using a <style tag to change the css...

They can add Flash movies and images, embed sound and movie files...

It comes down to how much you trust your mods.

Right now it's based off usergroups... and is set for Admins and Super Mods. You can add more usergroups or remove group 5 to restrict it to just admins.

I didn't add the code to determine if a user is a mod of a certain forum... because if they're just a single forum mod, would they need HTML posting rights? And just in that forum?

Mr. X 11-02-2001 07:42 PM

So as long as its with ppl you trust to have it (and I do trust my mods), there is no issue right? Just common sense? sounds good to me :)

cyrus 11-06-2001 11:18 AM

sweeeet

tried with 2.2.0, works 100% fine !

thanks !!!

FWC 11-18-2001 08:40 AM

Thanks, Palmer. This allows me to embed sound files in an occasional post. If I just make a custom vB code the users will get carried away. The high speed connection folks will embed massive files that take minutes for the dial-up people to download. At least that's what happened on my old board with HTML allowed. :)

Admin 11-18-2001 08:49 AM

Let's see...
<center>;)</center>

FWC 11-18-2001 09:01 AM

LOL!! I would say it worked.

FWC 11-18-2001 09:03 AM

Quote:

Originally posted by FireFly
Let's see...
<center>;)</center>

Let's see what happens when a regular user quotes it.

Very cool!


All times are GMT. The time now is 01:41 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01048 seconds
  • Memory Usage 1,727KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 

Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete