Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
[AJAX] vBShout v2.0 Details »»
[AJAX] vBShout v2.0
Version: 2.0, by Zero Tolerance Zero Tolerance is offline
Developer Last Online: Nov 2023 Show Printable Version Email this Page

Version: 3.5.0 RC2 Rating:
Released: 07-27-2005 Last Update: 04-22-2006 Installs: 1831
Uses Plugins Template Edits
Additional Files  
No support by the author.

[high]Staff Edit/Update[/high]

I have released an updated version of this hack (version 2.0.1), this version fixes some security issues with this hack. All version prior to this one allow users to insert html in their shouts, this can cause problems with them using html that breaks the site layout or malicious javascript. Download the new zip file (vBshout_fixed.zip) and upload the new vbshout.php file to patch/upgrade. If you want to manual instructions they are in the zip file, in the file bugfixes.txt

Second Staff update

I've uploaded a new version of this hack, dubbed '2.0.2'. This one should fix the html injection issues without breaking special characters. To upgrade, download the new zip file and upload the new vbshout.php file.

Please note that this only fixes the html injection issues. I do not use this hack on my own forum (although I've tested this on a client's board) so I will not be fixing the server load issues. I suggest you do not install this hack if you can't deal with the extra server load, as it's rather intensive.

- Brad

[high]End staff edit[/high]

Well, been a while since I've been to vb.org and released anything, thought i'd break the trend and whip up something quick while I have a little spare time.

A shoutbox as you would assume, a very simple one to start off with, but does include AJAX Technology, which pushes the shoutbox 1 step closer to live, messages from other people will appear with no refreshing, and so will yours that you post

A preview is below, i'd estimate a 50 second installation max

Primary Features:
- AJAX Technology (no refreshing)
- Administration control an display element options
- Fast format editor

Change Log::

- v1.1:
WOL (Who's Online) Correction

- v1.2:
New Posting Featurs (Bold/Italic/Underline/Colour/Font)
Admin Controls

- Change location/position of shoutbox
- Change number of shouts displayed
- Switch vbcode/similes on/off
- v1.3
Firefox javascript issue fixed
New Admin Controls

- Command Activation
- Swtch extra format options on/off
- Change position of editor (above/below messages)
New Commands

- /prune (Clears the shoutbox completely)
- /prune [username] (Clears all shouts posted by specified user)
- v1.4
Usergroup HTML Markup For Usernames
Clear Editor Button
Emoticons Pop Up Menu
Time display configurated to vBulletin settings
Username Links To Profile
New Admin Conrols

New vBShout Position (Directly Above Forums)
Banned Users
Banned Usergroups
Banned Permissions
Smilie Pop-Up Box Height
Smilie Pop-Up Box Width
New Commands

"/me" - Action message (all users are able to use this command)
/pruneshout [shout] - Deletes a single shout
- v1.5
Improved Smilies Display
XHTML 1.0 Transitional Valid (couple of errors fixed)
New Admin Options

Shoutbox Height
Smilies To Show
Shout Messages Order
Banned Permissions (fixed)
- v1.6
Bug Fixes:

- Unable to delete shouts that used /me command fixed
- Shouts being displayed from bottom-upwards only showed first 20 shouts
Automatically parses URL's

- v2.0
New Archive

- Displays shouts and pages
- Stats and top 10 shouters
- AJAX Edit/Delete (staff can edit/delete all shouts)
Enjoy,

- Zero Tolerance

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #3002  
Old 09-18-2007, 11:51 PM
mystic10 mystic10 is offline
 
Join Date: Sep 2007
Posts: 298
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i have a problem i have followed the instructions properly you can see the shout box on the homepage but it says loading...i dont know what i did wrong plz help..this is the link to my website..its right above the temporary shoutbox thanks
Reply With Quote
  #3003  
Old 09-20-2007, 10:04 PM
o2tools.com o2tools.com is offline
 
Join Date: Jun 2007
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mystic10 View Post
i have a problem i have followed the instructions properly you can see the shout box on the homepage but it says loading...i dont know what i did wrong plz help..this is the link to my website..its right above the temporary shoutbox thanks
i have followed the instructions properly you can see the shout box on the

homepage but it says " in progress .. : Realy It works ? any thing else.

My forum Ajax is Enable. what I did wrong ?
Reply With Quote
  #3004  
Old 09-24-2007, 03:54 PM
ChopBam's Avatar
ChopBam ChopBam is offline
 
Join Date: Apr 2006
Location: California
Posts: 25
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Concerning the char issues, I edited vbshout.php.

I changed it from
Code:
$striphtml = true
to
Code:
$striphtml = false
Did I open up any vulnerabilities, or what? The characters work now...
Reply With Quote
  #3005  
Old 09-25-2007, 07:09 PM
Alviker Alviker is offline
 
Join Date: Nov 2005
Posts: 32
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I cant write characters like ', >, <, ... it gives me error.

What can I do?
Reply With Quote
  #3006  
Old 09-26-2007, 03:30 AM
mmmender's Avatar
mmmender mmmender is offline
 
Join Date: Sep 2002
Location: toronto
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ChopBam View Post
Concerning the char issues, I edited vbshout.php.

I changed it from
Code:
$striphtml = true
to
Code:
$striphtml = false
Did I open up any vulnerabilities, or what? The characters work now...
I did the same thing and special characters are now working. Is this going to cause other errors?
Reply With Quote
  #3007  
Old 09-26-2007, 10:53 PM
thepub thepub is offline
 
Join Date: Aug 2006
Posts: 226
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I changed it to false and characters still didn't work for me so I changed it back.
Reply With Quote
  #3008  
Old 09-27-2007, 04:24 PM
vitrag24's Avatar
vitrag24 vitrag24 is offline
 
Join Date: Nov 2006
Location: India
Posts: 639
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

changing it will be dangerous ?
reply so i can proceed.
Reply With Quote
  #3009  
Old 09-27-2007, 10:23 PM
ChopBam's Avatar
ChopBam ChopBam is offline
 
Join Date: Apr 2006
Location: California
Posts: 25
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't know if it will be dangerous, which is why I asked myself. It doesn't parse HTML or anything, but I still don't know if it opens up anything to hackers. I've had it this way for a few days now and everything still works.
Reply With Quote
  #3010  
Old 09-28-2007, 11:18 AM
princeedward's Avatar
princeedward princeedward is offline
 
Join Date: Jan 2007
Location: Deutschland
Posts: 901
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

hi...is there a way to prevent any members using this ( /me ) to this shoutbox???

if they use ( /me + message ) their username won't appear but only blank...and the message will appear like this

*username + message here*


thanks and best regards to all

Reply With Quote
  #3011  
Old 09-30-2007, 07:52 AM
princeedward's Avatar
princeedward princeedward is offline
 
Join Date: Jan 2007
Location: Deutschland
Posts: 901
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by princeedward View Post
hi...is there a way to prevent any members using this ( /me ) to this shoutbox???

if they use ( /me + message ) their username won't appear but only blank...and the message will appear like this

*username + message here*


thanks and best regards to all

BUMP!

Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:02 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08121 seconds
  • Memory Usage 2,323KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (4)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete