Thread: Some code modifications I am trying to figure out
View Single Post
  #8  
Old 11-15-2010, 06:30 PM
NovoCiv NovoCiv is offline
 
Join Date: Aug 2010
Posts: 80
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Sorry for the delayed response. I've been away on personal business. Unfortunately the development administrator has not looked into this yet (I'm nowhere near as proficient as him, I focus more on running the site and PR type stuff).

I still feel completely lost on allowing blankposting. I looked into BBEdit and it looks to be mac only. I'm on a PC, are there any alternatives?

Quote:
Originally Posted by Retal View Post
Apart from using an editor or IDE as Lynne is suggesting you're preparing a hell of work and mistakes for yourself when you want to upgrade vBulletin.

Instead of editing the files directly find the hook nearest to the place you want to do damage and use it to create a plugin (= a PHP code that's run on the hook line).
I don't really understand any of your post. I have already changed around so much in my files that I don't intend to upgrade vBulletin. Upgrading would no doubt break a lot of things that we've done.


Edit: One more slight issue we've run into. For certain things (such as hide tags and QR images) we have noticed that hidden content can be found by quoting a post. I've narrowed it down to the newpost_quote template, and in styles where I remove the {vb:raw pagetext} from the template the vulnerability is removed (at the cost of quoting). I think the best solution would just be to add some command in the code to parse all BB code. I just don't know enough PHP to know what command to use. Here's an example of what I mean (I know parsebbcode() isn't real).
Code:
ORIGINAL:
[QUOTE={vb:raw originalposter}]{vb:raw pagetext}[/QUOTE]
FIX:
[QUOTE={vb:raw originalposter}]parsebbcode({vb:raw pagetext})[/QUOTE]
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01205 seconds
  • Memory Usage 1,766KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete