The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Flashchat Integration for vB 3.6 Details »» | |||||||||||||||||||||||||
This modification is no longer available or supported. Flashchat integration with vBulletin 3.6 Note: Standard Flashchat includes a version of my vBulletin integration as part of the Tufat supplied files - including a working vBulletin 3.6 CMS file. However, the standard files do not include Direct Usergroup Integration or other extra's like the WOL Display & Flashchat on a vBulletin page. This Integration Mod adds those features Standard vB 3.6 integration features * Authorised members are automatically logged in. * Automatic login works even if a member has not ticked "remember me". * All non authorised members are locked out (this and the above are based on usergroup membership). * If enabled, Flashchat updates the users session location (displayed in various vBulletin online location displays such as WOL). * Real ip detection when a proxy server is used (only if the proxy server passes on the details). * Permanant, Private Rooms are loaded by Admins and Moderators (allows for Staff Rooms). Extra's added by this modification * Direct login to a room. * The WOL will correctly display Flashchat as the location (not 'Unknown Location') * Flashchat can be displayed embedded inside a 'standard' vBulletin Page (i.e. not full screen). * Direct Usergroup Integration - a section is added to each usergroup in the ACP Usergroup Manager to set the Flashchat permissions for that group. * The plugin will try to automatically add a link to Flashchat in your Quick Links or Navbar - this feature can be disabled if you wish. * The automatic link can have a prefix path defined - useful if you use something like CMPS. More notes: * This integration is for Flashchat versions 4.7.x and above. * The automatic link feature may fail if you have customised templates. * For Flashchat inside a vBulletin page you need to link to .../misc.php?do=flashchat * This modification does not add any links to Flashchat Administration in the ACP. * You can set all members to login direct to particular room via the ACP. * You can also add a room parameter to the url - i.e. .../misc.php?do=flashchat&room=3 * 3.56 onwards has extra code to cope with VBs CSRF protection, which interferes with profile linking (vb 3.6.10+). The CMS file assumes that you are installing Flashchat in your forum root folder - this is the same folder as your usercp.php file and includes folder. Installation will fail if you do not do this. Support: Please check the instructions, and make sure you have uploaded any files to the correct location - the vast majority of problems reported are due to an error made in editing or uploading files. If you are still stuck and want me to take a look then feel free to PM me your site address, an admin user, and ftp access details, without these I cannot help you. I will look when I have time. Finally, I am not Tufat.com or Flashchat Support - if you have questions about Flashchat, their forums are here. To use the this upgraded integration simply download and unzip the file, then follow the instructions in the text file. Once installed, the Flashchat userlevel options for each usergroup will appear in the ACP usergroup edit screens - editing of the CMS file will no longer be required. History: v3.01 : First version for vb 3.6 (not released). v3.02 : Various code changes, first public release. v3.02A : Minor bug fixes to WOL Display. v3.02B : Dependancies updated for 3.6.0 Gold. v3.03 : Minor fix to Get User for membergroupids, some SQL changes. v3.03A : Updated for Version Checking. v3.04 : Security (anti-hacking) code added (as supplied by Darren). v3.05 : Usergroup settings moved to top of CMS file. v3.06 : Fixed error message when accessing chat admin area. v3.07 : Default role changed. v3.08 : Minor bug fix to Avatar detection, login code changes, tidy up. v3.50 : Beta release with direct usergroup integration. v3.51 : First full release with direct usergroup integration. v3.52 : No Access and Banned split into separate permissions. v3.53 : Minor changes - includes disabling the utf8 functions if the F/C config option is false. v3.53A : Internal updates, not released. v3.53B : Internal updates, not released. v3.53C : Add ability for member to do direct to a room (other than the Flashchat default). v3.53D : Defaults on first install updated. v3.54 : Option for link path prefix added. v3.55 : Minor changes to install code only. v3.56 : Code added to allow profile views when CSRF protection is active. v3.57 : CSRF Code changed. Show Your Support
|
Comments |
#92
|
||||
|
||||
Quote:
Quote:
Quote:
Quote:
I do wonder if you will uninstall vbulletin next time a security hole is found in it |
#93
|
||||
|
||||
Quote:
..and yes, if vBulletin was so insecure that something like this happened, i would indeed review my choice of forum software. That has never happened though, partly due to the extremely vigilant and speedy security alerts which drop into my mailbox from time to time. BTW, just FYI - the hackers came again tonight, it would seem that they have left something on the server, some shell script or something, which still gives them access even after flashchat has been completely removed. My host is trying to figure out what/where. |
#94
|
||||
|
||||
Quote:
If you don't understand what files you're installing, you should get someone who does to install the program you want installed for you. |
#95
|
||||
|
||||
Quote:
|
#96
|
||||
|
||||
@trilOByte, I have edited the inaccuracy from your previous post, despite it being made clear that this mod in no way contributed, your post inferred it was.
@everyone, I'm not prepared to allow this to flare up into a series of personal arguments, everyone please move on, any further off topic/argumentative posts are liable to be removed. Thanks. |
#97
|
||||
|
||||
Quote:
That's not my point. From my point of view, they come as a package. Like many others, I installed tufats script because of your excellent mod but your mod does need tufat's script to work. I'm not blaming anyone and I'm not looking for someone to moan at. But the fact remains that the package on offer here (your totally blameless mod + tufats flawed script), had or has a stinking great security hole in it. Now I'm not sure if simply removing one file from the CMS's is going to plug the hole - I hope it does. But having spent the last 2 days running round chasing hackers off my server, I'm not inclined to place too much faith in that. I hope the newer package from tufat is secure. If it proves to be in time, I will probably put you excellent mod back on my site, but for now, it (tufats script) consitutes too much of a risk. There are mixed messages on the forums. I've read in one thread that the kiddies were logged running a search for other files in the tufat installation. I dont know why, or if they are vulnerable, but the possibility that they might be, seems to exist. |
#98
|
||||
|
||||
Let me put it another way.
Can you guarantee that tufat's script is now secure? If not, is it prudent to endorse it's use? |
#99
|
||||
|
||||
Quote:
aedating4CMS.php aedatingCMS2.php aedatingCMS.php And you may as well remove all the other cms files (they are unnecesary) except the vBulletin cms for your vBulletin version. The hole was plugged in 4.6.2. |
#100
|
||||
|
||||
Quote:
http://www.zone-h.org/component/opti...berLord/page,2 |
#101
|
||||
|
||||
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|