Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
vB Journal for vBulletin 3.0.3(v1.0.1) Details »»
vB Journal for vBulletin 3.0.3(v1.0.1)
Version: 1.0.1, by AN-net AN-net is offline
Developer Last Online: Jan 2010 Show Printable Version Email this Page

Version: 3.0.7 Rating:
Released: 09-16-2004 Last Update: 09-22-2005 Installs: 462
DB Changes Template Edits
Code Changes  
No support by the author.

vB Journal v1.0.1
By Antonbomb22(Anthony Scudese)

vB Journal 1.5 Beta 1 is now available, click here.

Features:
  • Full vBulletin 3.0.3 intergration
  • Install file for SQL queries
  • Comment System
  • "GoToMyJournal"
  • link from postbit to journal
  • link from profile to journal
  • link from memberlist to journal
  • usergroup permissions
  • journal buddy system(by Wonko)
  • Journal Search Engine
  • journal highlight
  • bbcode parsing
  • smilie parsing
  • Admin Cp Support Section
  • Journal Status Icons
  • Who is viewing
  • most recent journal entries and journals
  • Who Can View for journals and entries
  • Complete journal and entry privacy
  • Comment on entries or journals
  • Journal Moderation(Like Post and Thread Moderation)
  • Entry Moderation(Like Post and Thread Moderation)
  • Pagination
  • Rating System
  • Lock System
  • Moods
  • "Can Have Journal" on a per user basis
  • Ip Logging
  • Journalists can name their journals
  • Export entries in TXT or XML format
  • Flood System
  • Administrators have absolute permissions
  • Search in Journal
  • Last Entry on Journal Index
  • Numerous AdminCp Settings
  • Unique Standard vB Images for vB Journal
  • View Single Entry
  • and so much more...

Version 1.0.1:
  • Many parts of vB Journal 1.0.0 were rewritten to cap security holes lurking within the code.

Features for later versions:
  • journalists can specify colors for their journal
  • attachments
  • subscriptions
  • journal moderators
  • report system
  • more administration options
  • complete phrasing

Demos:
Add-Ons(I Will not give support for these because i did not create them):
Side Credits:
  • Journal Buddy System ~ WonkotheSane
  • Closed Beta Tester ~ Pitman
  • Closed Beta Tester ~ DantX
  • Helpful Person ~ Oblivion Knight
And to all those who helped me find my mistakes and encourage me

Notes:
  • The WOL(Who's Online) is not yet finished but will be released shortly due to some bugs and flaws
  • You may not remove the copyright notice!
  • An import script for Ryangle's ported Journal will be made so dont install this hack for now if you have the vb3 port of Ryangle's

Support:
~READ FIRST POST COMPLETELY BEFORE POSTING PROBLEMS AND MAKE SURE YOU DID ALL EDITS AND REQUIREMENTS!~

Support may be denied if provided files are edited/modified and support may be stopped at any time due to any circumstances.

If you should run into any errors, problems, confusion, or maybe even a suggestion please
foward them to one of the following places:
Contents of Zip:
  • install.txt
  • journal.php
  • journaladmin.php
  • journalinstall.php
  • images

I have also provided several screenshots

Please click install

If you are missing phrases or blank spaces in the usergroup manager click here.

Updates/Fixes:

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #1202  
Old 06-10-2005, 05:57 PM
AN-net's Avatar
AN-net AN-net is offline
 
Join Date: Dec 2003
Location: AnimationTalk.com
Posts: 2,367
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by fechten
Any way to allow for a user to create multiple journals?

For my site some users want to have 2 journals: one for general thoughts and one to act as a training log.

Thanks,
Craig
you have to change journalist_id from unique to not unique and edit a place in the code
Reply With Quote
  #1203  
Old 06-10-2005, 05:58 PM
AN-net's Avatar
AN-net AN-net is offline
 
Join Date: Dec 2003
Location: AnimationTalk.com
Posts: 2,367
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Widebertha
Someone installed the vbulletin journal hack for me this past week. Is there an editor associated with the Journal that would allow members to change fonts and font colours, to post pictures, avatars and smilies into their entries? How does one go about posting links into your vbulletin Journal?

Thank you
Widebertha
these are done through bbcode there is no editor like the post at this time but bbcode can be used except html code.
Reply With Quote
  #1204  
Old 06-10-2005, 08:35 PM
Widebertha Widebertha is offline
 
Join Date: Jan 2004
Posts: 21
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi,

Thank you for your reply. Just wondering if there are any add-ons for vbulletin journal? Also wondering if I can do something in the administrative control panel so that all the journals on my website are public journals? How does one get moods and smilies for vb Journal?

Thank you,
Widebertha
Reply With Quote
  #1205  
Old 06-14-2005, 05:32 PM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Urgent Security-Warning

This Hack has several severe XSS and SQL-Injection-Vulnerbilities.

The author has been informed since 2 weeks, but still hasn't fixed the remaining issues.
Therefore I strongly recommend to uninstall this hack in order to keep your Board secure.
Reply With Quote
  #1206  
Old 06-14-2005, 05:56 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by KirbyDE
Urgent Security-Warning

This Hack has several severe XSS and SQL-Injection-Vulnerbilities.

The author has been informed since 2 weeks, but still hasn't fixed the remaining issues.
Therefore I strongly recommend to uninstall this hack in order to keep your Board secure.
Well thanks for broardcasting it to the whole world - TBH, you are not exactly being very helpful here are you ? - now every unsavory person who reads this bloody great message will be looking for exploits. Uninstalling it is not exactly an option so why don't you be a little more helpful and tell us how to fix it, I don't even know what an XSS vulnerability is.
Reply With Quote
  #1207  
Old 06-14-2005, 06:43 PM
MajorFm.com MajorFm.com is offline
 
Join Date: Dec 2004
Location: UK
Posts: 402
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M
Well thanks for broardcasting it to the whole world - TBH, you are not exactly being very helpful here are you ? - now every unsavory person who reads this bloody great message will be looking for exploits. Uninstalling it is not exactly an option so why don't you be a little more helpful and tell us how to fix it, I don't even know what an XSS vulnerability is.
I have to say the same, there are too many people using it to uninstall it... we appreciate the info but a pm might have been more of a option to the people who have clicked install... we need a fix asap...
Reply With Quote
  #1208  
Old 06-14-2005, 06:55 PM
Pseudomizer's Avatar
Pseudomizer Pseudomizer is offline
 
Join Date: Mar 2002
Location: Germany
Posts: 614
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hey guys,

sorry but I do NOT agree with the last 2 postings. VB.org moderators have to warn their members about any possible impact. If this hack has serious problems then I would deinstall it by removing the journal.php file in the first instance.

I have the hack installed as well and the first thing I did was to remove the file.

In addition Kirby is not responsible to provide any fix for this hack. He is just informing you guys. So do not blame him for informing you because next time he will just sit back and relax to see you struggling with your hacked board. I agree with Kirby that if the author does not react on any message he should inform the people by posting into the appropriate thread and not send a PM. Because a PM will not have the same effect like his posting.

If I would be the hack author I would react on the posting rather then on a PM to all users.

Summary: Contact the author to create the pressure to fix the security issue(s) and THANK Kirby for informing us.

Cheers,
Reply With Quote
  #1209  
Old 06-14-2005, 07:32 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

As Kirby already mentioned, the author have been privatly informed about the vulnerabilities in more detail then this public post. He was given time to create a fix without mentioning the risks to public.

Since the risks still exist, it is our duty to inform the users of this hack of the risks. The choice to do this in the public thread was being made since not all that use the hack would have clicked install, and contacting in private would therefor be impossible.
Reply With Quote
  #1210  
Old 06-14-2005, 09:29 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MarcoH64
Since the risks still exist, it is our duty to inform the users of this hack of the risks. The choice to do this in the public thread was being made since not all that use the hack would have clicked install, and contacting in private would therefor be impossible.
Inform the users yes - but broadcasting it to every man and his dog when no sort of fix is available is irresposible as far as I am concerned.

One of the reasons we click on install is to allow updates to be sent, users should have been informed in this manner. If the author is unable / unwilling to fix the issues then another user may have been able, before it was made public. BTW - if people install it and don't click install as requested then that is really their fault, as a hack writer, I have little sympathy for them.

FYI - this is the second time this has been publically posted in this thread, not the first - and as I said last time - I need to know what the actual problems are since we run a "hacked" version of the hack - so just replacing it with whatever the author provides is not feasible anyway.
Reply With Quote
  #1211  
Old 06-14-2005, 09:40 PM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

@Paul M
Well, if only the users were informed then others (who might not have clicked Install or have not yet installed this) would not know.
And I think it's better to know that there are problems, instead of keeping them secret.
It's the same with for example Browser security issues: Once they are discovered, the developers are being informed.
After a while the information gets made public on Full Disclosure or smth. like this, so users are aware of the problem and can take apropriate action before a patch is available.
If they don't do - it'sd their fault
But leaving them uninformed increases the risk, as users wouldn't even know that there are problems.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:58 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04876 seconds
  • Memory Usage 2,338KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (4)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete