vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=252)
-   -   Bug in hack mod but author is not responding (https://vborg.vbsupport.ru/showthread.php?t=324832)

kevius 03-29-2017 01:08 PM
Bug in hack mod but author is not responding
 
Hello,

I'm French. I have a big problem with a vBulletin 4.2 mod :

https://vborg.vbsupport.ru/showthread.php?t=232556

The author is not here since march 2016...

The bug is : if a subject have " or ' character the hack make a SQL error when using it !

" and ' are typicaly french characters and i need a bug fix for this hack.

Is there anybody for this bug fix ?

Here it is the source code of the hack :


Code:
<?xml version="1.0" encoding="ISO-8859-1"?>

<product productid="wog_captit" active="1">
    <title>WoG - Change All Post Title In Thread</title>
    <description />
    <version>1.1.0</version>
    <url><![CDATA[https://vborg.vbsupport.ru/misc.php?do=producthelp&pid=wog_captit]]></url>
    <versioncheckurl><![CDATA[https://vborg.vbsupport.ru/misc.php?do=productcheck&pid=wog_captit]]></versioncheckurl>
    <dependencies>
        <dependency dependencytype="vbulletin" minversion="4.0.0" maxversion="" />
    </dependencies>
    <codes>
    </codes>
    <templates>
    </templates>
    <stylevardfns>
    </stylevardfns>
    <stylevars>
    </stylevars>
    <plugins>
        <plugin active="1" executionorder="5">
            <title>WoG - CAPTIT - Threadmanage Display</title>
            <hookname>threadmanage_complete</hookname>
            <phpcode><![CDATA[if ($vbulletin->options['wog_captit_enable'] AND $_REQUEST['do'] == 'editthread')
{
    $wog_input = array('<label for="cb_open">');
    $wog_output = array('
                    <label for="wog_setall">
                        <input type="checkbox" name="wog_setall" value="yes" id="wog_setall" /> ' . $vbphrase['wog_setall'] . '
                    </label>
                </li>
                <li>
                    <label for="wog_prefixadd">
                        &nbsp;&nbsp;&nbsp;<input type="checkbox" name="wog_prefixadd" value="yes" id="wog_prefixadd" /> ' . construct_phrase($vbphrase['wog_prefixadd'], $vbulletin->options['wog_captit_prefix']) . '
                    </label>
                </li>
                <li>
                    <label for="cb_open">');
    $vbulletin->templatecache['threadadmin_editthread'] = str_replace($wog_input, $wog_output, $vbulletin->templatecache['threadadmin_editthread']);
}]]></phpcode>
        </plugin>
        <plugin active="1" executionorder="5">
            <title>WoG - CAPTIT - Threadmanage Init</title>
            <hookname>threadmanage_update</hookname>
            <phpcode><![CDATA[if ($vbulletin->options['wog_captit_enable'])
{
    $vbulletin->input->clean_array_gpc('p', array(
            'wog_setall'        => TYPE_BOOL,
            'wog_prefixadd'        => TYPE_BOOL,
    ));
    if ($vbulletin->GPC['wog_setall'])
    {
        if ($vbulletin->GPC['wog_prefixadd'])
        {
            $db->query_write("
                UPDATE `" . TABLE_PREFIX . "post` AS `post`
                SET `post`.`title` = '" . $vbulletin->options['wog_captit_prefix'] . $vbulletin->GPC['title'] . "'
                WHERE `post`.`threadid` = '" . $threadinfo['threadid'] . "'
                AND `post`.`postid` != '" . $threadinfo['firstpostid'] . "'
            ");
        }
        else
        {
            $db->query_write("
                UPDATE `" . TABLE_PREFIX . "post` AS `post`
                SET `post`.`title` = '" . $vbulletin->GPC['title'] . "'
                WHERE `post`.`threadid` = '" . $threadinfo['threadid'] . "'
            ");
        }
    }
}]]></phpcode>
        </plugin>
    </plugins>
    <phrases>
        <phrasetype name="Thread Management" fieldname="threadmanage">
            <phrase name="wog_setall" date="1262972458" username="WoG" version="1.0.0"><![CDATA[Set the title of this thread as the title of all posts in this thread]]></phrase>
            <phrase name="wog_prefixadd" date="0" username="WoG" version="1.1.0"><![CDATA[Add predefined prefix ({1}) to all posttitles excepting first post]]></phrase>
        </phrasetype>
        <phrasetype name="vBulletin Settings" fieldname="vbsettings">
            <phrase name="setting_wog_captit_enable_desc" date="0" username="WoG" version="1.0.0"><![CDATA[If 'Yes' - the modification is on.<br /> If 'No'- despite the setting - the modification is turned off.]]></phrase>
            <phrase name="setting_wog_captit_enable_title" date="0" username="WoG" version="1.0.0"><![CDATA[Hack Enabled?]]></phrase>
            <phrase name="setting_wog_captit_prefix_desc" date="0" username="WoG" version="1.1.0"><![CDATA[Please define a prefix, which will be placed before <i>posttitle</i>.<br />HTML is allowed.]]></phrase>
            <phrase name="setting_wog_captit_prefix_title" date="0" username="WoG" version="1.1.0"><![CDATA[Prefix]]></phrase>
            <phrase name="settinggroup_wog_captit_group" date="0" username="WoG" version="1.0.0"><![CDATA[WoG - Change All Post Title In Thread]]></phrase>
        </phrasetype>
    </phrases>
    <options>
        <settinggroup name="wog_captit_group" displayorder="65538">
            <setting varname="wog_captit_enable" displayorder="5">
                <datatype>boolean</datatype>
                <optioncode>yesno</optioncode>
                <defaultvalue>1</defaultvalue>
            </setting>
            <setting varname="wog_captit_prefix" displayorder="10">
                <datatype>free</datatype>
                <defaultvalue><![CDATA[Re:&nbsp;]]></defaultvalue>
            </setting>
        </settinggroup>
    </options>
    <helptopics>
    </helptopics>
    <cronentries>
    </cronentries>
    <faqentries>
    </faqentries>
</product>
Help will be very appreciated !

Thanks a lot

Fred

Dave 03-29-2017 01:12 PM
In that XML file, replace
PHP Code:
        if ($vbulletin->GPC['wog_prefixadd'])
        {
            $db->query_write("
                UPDATE `" TABLE_PREFIX "post` AS `post`
                SET `post`.`title` = '" $vbulletin->options['wog_captit_prefix'] . $vbulletin->GPC['title'] . "'
                WHERE `post`.`threadid` = '" $threadinfo['threadid'] . "'
                AND `post`.`postid` != '" $threadinfo['firstpostid'] . "'
            ");
        }
        else
        {
            $db->query_write("
                UPDATE `" TABLE_PREFIX "post` AS `post`
                SET `post`.`title` = '" $vbulletin->GPC['title'] . "'
                WHERE `post`.`threadid` = '" $threadinfo['threadid'] . "'
            ");
        } 
with
PHP Code:
        if ($vbulletin->GPC['wog_prefixadd'])
        {
            $db->query_write("
                UPDATE `" TABLE_PREFIX "post` AS `post`
                SET `post`.`title` = '" $vbulletin->db->escape_string($vbulletin->options['wog_captit_prefix'] . $vbulletin->GPC['title']) . "'
                WHERE `post`.`threadid` = '" $threadinfo['threadid'] . "'
                AND `post`.`postid` != '" $threadinfo['firstpostid'] . "'
            ");
        }
        else
        {
            $db->query_write("
                UPDATE `" TABLE_PREFIX "post` AS `post`
                SET `post`.`title` = '" $vbulletin->db->escape_string($vbulletin->GPC['title']) . "'
                WHERE `post`.`threadid` = '" $threadinfo['threadid'] . "'
            ");
        } 

kevius 03-29-2017 01:18 PM
wouawou !

THANK YOU VERY VERY MUCH !!!!


All times are GMT. The time now is 10:23 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01726 seconds
  • Memory Usage 1,761KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (2)bbcode_php_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete