A phpMyChat integration Hack

Hi.... it is my first hack - phpProbe
here is it... it was tested under vbb2x RC2 and phpMyChat 0.14.4

News:
Updated on 19.07.01
- FAQ has been add

Updated on 18.07.01
The hack is compatible with version 0.14.5 of phpMyChat
- there is some javaScript code there, so the hack will not work with browsers without JS support (phpMyChat will not work with these browsers too )
- the Exit link in chat works ok now

Hack:
Step 1:
open /lib/index.lib.php3 in yours phpMyChat Derictory
find:

PHP Code:

// Fix some security holes 


replace it with

PHP Code:

//a VBB integration hack by Stasik (stasik@t-online.de)
//v0.1
//(C)2001

$exiturl = "http://www.blabla.com"; // the url the user will be redirected exiting the chat

if($Ver == ""){print "
<HTML>
<SCRIPT TYPE=\"text/javascript\" LANGUAGE=\"javascript\">
    <!--
    var NS4 = (document.layers) ? 1 : 0;
    var IE4 = ((document.all) && (parseInt(navigator.appVersion)>=4)) ? 1 : 0;
    var ver4 = (NS4 || IE4) ? \"H\" : \"L\";
function defineVerField()
    {
        if (document.images && ver4 == 'L')
            document.forms['Params'].elements['Ver'].value = 'M';    // js1.1 enabled browser
        else document.forms['Params'].elements['Ver'].value = ver4;
    }
 -->
</SCRIPT>
<FORM ACTION=\"index.php3\" METHOD=\"POST\" AUTOCOMPLETE=\"OFF\" NAME=\"Params\">
<INPUT TYPE=\"hidden\" NAME=\"Ver\" VALUE=\"L\">
</FORM>
<SCRIPT TYPE=\"text/javascript\" LANGUAGE=\"javascript\">
defineVerField();
document.forms.Params.submit();
</SCRIPT>
</HTML>
"; exit;}

chdir("/path/to/board/");
require("./global.php");
chdir("/path/to/chat/");

if ($bbuserid == 0) 
{ 
print "no"; //Message if the user has no cookie
exit; 
}
else
{
if ($bbusername == "" || (isset($bbusername))==0) 
{ 
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid"); 
$username=$getusername[username]; 
$bbusername = $username; 
}
else 
{ 
$username = $bbusername; 
} }

$U = $username;

$pat = "[[:space:]]"; 
$repl = ""; 
$U = ereg_replace($pat,$repl,$U); 
$pat = ','; 
$U = ereg_replace($pat,$repl,$U); 
stripslashes($U); 

$N = 20; 
$D = 10; 
$Form_Send = 1; 

//Replace admin with your administration nick
if($U != "Admin")
{
$PASSWORD="1";
}

// Fix some security holes 


Step 2:
open /lib/index.lib.php3 in yours phpMyChat Derictory
find:

PHP Code:

$DbLink->query("INSERT INTO ".C_MSG_TBL." VALUES ($EN, '$E', 'SYS exit', '', ".time().", '', 'sprintf(L_EXIT_ROM, \"".special_char($U,$Latin1)."\")')");
        }
    } 


replace it with:

PHP Code:

$DbLink->query("INSERT INTO ".C_MSG_TBL." VALUES ($EN, '$E', 'SYS exit', '', ".time().", '', 'sprintf(L_EXIT_ROM, \"".special_char($U,$Latin1)."\")')");
        }
    }
if($exit == "1"){header ("Location: $exiturl"); exit;} 


Step 3:
open /exit.php3 in yours phpMyChat Derictory
find:

PHP Code:

<A HREF="<?php echo("$From?Ver=$Ver&L=$L&U=".urlencode(stripslashes($U))."&E=".urlencode(stripslashes($R))."&EN=$T"); ?>" TARGET="_parent"><?php echo(L_EXIT); ?></A>

replace it with:

PHP Code:

<A HREF="<?php echo("$From?exit=1&Ver=$Ver&L=$L&U=".urlencode(stripslashes($U))."&E=".urlencode(stripslashes($R))."&EN=$T"); ?>" TARGET="_parent"><?php echo(L_EXIT); ?></A>

ENJOY

FAQ:
Q: I`m getting "no" every time.
A: You need to upgrade a cookie option in your VB control panel. Write under: Options->Change Options->[HTTP Headers and output]->Cookie Domain your domainname ONLY (blabla.com).

Q: I`m getting "you need to register" error.
A: Enable chat using for not registered users in your phpMyChat config (/config/config.lib.php3).

Q: I`m getting "wrong password" error.
A: Make shure you have deleted all user accounts in your chat and have only administrative one. If you are logging is as administrator note that you have to enter your password EVERY time you are logging in.

Questions or Bug reports?
Post it here I`ll answer ASAP.

[Dakota]

Is there a demo of it? I would like to see it in action before installing it.

[Stasik]

there was a local demo of it, i`m searching a demo forum... IT WORKS REALLY

Your hack works fine for me, but i have a quastion:

Ho are users able to open a private room? They are not listed in the phpmychat user database i guess, so they can "only" chat, right?

Is there a chance to use the vbulletin database for all other actions (like open a private room)?

Best wishes, polizist

[MarkB]

Is phpMyChat hard on a server? I'm running on a virtual account, and would love to have this hack, but I'd like to know whether the chat script would have my host howling for my blood (or shutting down my account) first

well, we have it on our own server with a gig of memory. just try what happens

is there a php4 version of phpmychat because i cant use php3 on my site

[Stasik]

I think there is no php4 version

[Stasik]

Quote:

Originally posted by polizist
Your hack works fine for me, but i have a quastion:

Ho are users able to open a private room? They are not listed in the phpmychat user database i guess, so they can "only" chat, right?

Is there a chance to use the vbulletin database for all other actions (like open a private room)?

Best wishes, polizist

Hi....

this things with other actions are not so easy to do...... i know theoretically how to do it, but i have no time and lust to do it

bye...

P.S. Nickname "Polizist" ist geil

[snyx]

I installed this hack, but it dont work? It just keeps saying "invalid password" no matter who trys?