vb.org Archive - hack: active cookie

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- Member Archives (https://vborg.vbsupport.ru/forumdisplay.php?f=202)

- - hack: active cookie (https://vborg.vbsupport.ru/showthread.php?t=52315)

hack: active cookie

hello every one
as all of you know this command and what it's do in sql

Code:

update user SET cookieuser='1'

but there is a problem with this command..
it's not do it for all users we have

so i make up a hack from my own but i need a help from you to finish it ( file name is cookies.php in admin folder )

PHP Code:


		
			
<?php

error_reporting(7);



if (function_exists("set_time_limit")==1 and get_cfg_var("safe_mode")==0) {

  @set_time_limit(1200);

}



//suppress gzipping

$nozip=1;



require("./global.php");

require("./config.php");



adminlog();



cpheader();



//

######################################################



if ($action=="updatecookie") {

  if (isset($perpage)==0 or $perpage=="") {

    $perpage=50;

  }

  if (isset($startat)==0 or $startat=="") {

    $startat=0;

  }



  echo "<p>User

ids:</p>";



  $updatecookieuserquery=$DB_site->query("SELECT *

         

;         

  FROM user

         

;         

  WHERE user.userid>=$startat

         

;         

  AND user.userid<$finishat

         

;         

  AND user.open<>10

         

;         

  GROUP BY user.userid

         

;         

  ORDER BY userid DESC"

);

  while ($updatecookieuser=$DB_site->fetch_array($updatecookieuserquery)) {



    $userid=$updatecookieuser[userid];



    echo "Processing user <b>$us

erid</b><br>\n";

    flush();

    $getpost=$DB_site->query_first("SELECT * FROM user 

;WHERE userid='$updatecookieuser[userid]' ORDER BY userid A

SC LIMIT 1");

    $DB_site->query("UPDATE user SET cookieu

ser='1' WHERE userid='$updatecookieuser[userid]'");

  }

  if ($checkmore=$DB_site->query_first("SELECT userid FROM user

 WHERE userid>=$finishat")) {

    cpredirect("cookies.php?s=$session[sessionhash]&action=updatecookie&startat=$f

inishat&perpage=$perpage");

    echo "<p><a href=\"cookies.php?s=$session[sessionhash]&action=updatecookie&startat=$f

inishat&perpage=$perpage\">Click here to contin

ue updating users cookies</a></

p>";

  } else {

    echo "<p>cookies updated in user

table!</p>";

    cpredirect("cookies.php",1);

  }

}



cpfooter();

?>

what do you think ?

Quote:

Today at 12:35 PM Sun Boy said this in Post #1
hello every one
as all of you know this command and what it's do in sql

Code:

update user SET cookieuser='1'

but there is a problem with this command..
it's not do it for all users we have

What do you mean? This SQL command will overwrite everyone's cookieuser settings and will set it as 1.

Your problem is probably not the SQL command itself but what happens afterwards. Even if you run the command, your users will be able to reset it to 0 in their user cp or while registering if you don't modify relevant templates.

So there is nothing wrong with the SQL command and you don't need a hack to run this command in the db.

so what sholud i do to make it '1' for all the users ?

run the query update user SET cookieuser=1 then edit your register and usercp templates and remove relevant sections so that your users can not edit them back. (make them hidden form fields)

how about this ?

Code:

<?php

error_reporting(7);



if (function_exists("set_time_limit")==1 and get_cfg_var("safe_mode")==0) {

  @set_time_limit(1200);

}



//suppress gzipping

$nozip=1;



require("./global.php");

require("./config.php");



adminlog();



cpheader();



// ##################################################################



  if (isset($perpage)==0 or $perpage=="") {

    $perpage=1000;

  }

  if (isset($startat)==0 or $startat=="") {

    $startat=0;

  }

  $finishat=$startat+$perpage;



  echo "<p>User ids:</p>";



  $users=$DB_site->query("SELECT userid,usertitle,usergroupid,customtitle,posts FROM user WHERE userid>=$startat AND userid<$finishat ORDER BY userid DESC");

  while ($user=$DB_site->fetch_array($users)) {

    unset($sql);

    $userid=$user[userid];



    // update user stuff

    if ($user[cookieuser]==0)

    $DB_site->query("UPDATE user SET cookieuser='1' WHERE userid='$user[userid]'");



    echo "Processing user <b>$user[userid]</b><br>\n";

    flush();

  }

  if ($checkmore=$DB_site->query_first("SELECT userid FROM user WHERE userid>=$finishat")) {

    cpredirect("cookies.php?s=$session[sessionhash]&startat=$finishat&perpage=$perpage");

    echo "<p><a href=\"cookies.php?s=$session[sessionhash]&startat=$finishat&perpage=$perpage\">Click here to continue updating users</a></p>";

  } else {

    echo "<p>User cookies updated!</p>";

  }





cpfooter();

?>

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (3)bbcode_code_printable (1)bbcode_php_printable (1)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (5)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.00990 seconds Memory Usage 1,749KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (3)bbcode_code_printable (1)bbcode_php_printable (1)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (5)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: