vb.org Archive - Very bad things happen to people who use Mass PM

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - Very bad things happen to people who use Mass PM (https://vborg.vbsupport.ru/showthread.php?t=8845)

ender

02-16-2001 03:19 AM

I did this message:
This is your name: $username
This is your password: $password

And I sent that to every single member of my message board.

Guess what?

This is what it gave to everyone:
This is your name: Ender
This is your password: **** [accually it was the password displayed]

As you all can imagine I was overjoyed my pass was released to the public for about 20 mins before I realized it.

THIS IS A VERY BAD THING! AHHH!

02-16-2001 04:59 AM

Are you sure it sent YOUR username/password to them?

02-16-2001 07:42 AM

The MASS PM feature is a hack and you will have to take this up with them.

Can Someone move this to the Hacking forum?

02-16-2001 07:59 AM

neither of the hacks ever said that you could give out user variables, in fact mine explicitly states in a discussion with Me2Be i think that you can't. What you have done is just sent your variables which are in your cookie/session tag. It would not be hard to be able to do what you want but it was not something I added into the hack.

02-18-2001 05:06 AM

No no, I'm not like pissed. I realized that it was a hack when I d/led it. I'm just stating this so it could possibly be fixed, and so that no one else has this happen. Is it now a bad thing to post bugs within hacks?

02-18-2001 11:07 AM

no of course not but it is not really a bug, you were trying to use a feature you assumed was there but is not and by doing so had unforseen consequences. Nethertheless i can see how the mistake can happen and the next version (which is going to be PMTools) will ensure it does not.

02-19-2001 02:58 PM

Quote:

Originally posted by ender
I did this message:
This is your name: $username
This is your password: $password

This is what it gave to everyone:
This is your name: Ender
This is your password: **** [accually it was the password displayed]

I modified the hack by chris and added the \$username, \$password, \$email function to the MassPM and it will send each user THEIR OWN username,password,email NOT yours...

HACK found at http://www.vbulletin.com/forum/showt...?threadid=8742

02-28-2001 12:52 PM

you know I had only one question when reading this

If you are sending a user their password through PM then they have already used their password to sign on so I would hope they have a clue what they typed in to get on the forum to check the PM that will tell them what their password is that they just entered to get there

:)

All times are GMT. The time now is 07:10 AM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01055 seconds Memory Usage 1,723KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (8)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: