Administrative and Maintenance Tools - Username Request

Introduction
I was looking through the Modification Requests forum here and found a pretty good idea. The basic idea was to add a list of users who would like a name change for the administrators. I added the basics and released it. In consecutive versions I have added the abilities and features you have requested and this is the product. It is morphing into a more powerful, more useful system each and every version.

The Tools

User Tools
Inside the User Control Panel, there is an area that is added where a user is given the ability to submit a username that they would like their name changed to. They receive PM updates depending upon the "status" of their request, whether it is Accepted or Rejected.

Administrative Tools
As soon as a request is added to the database, the specified administrator is sent an e-mail saying that a user would like a username request. Inside the Administrators Control Panel, a new section is added under the "Users" navigation tab, that lists all the "Pending" requests with the ability to "Reject" or "Approve" the request. A user will be notified via PM when an action is taken. When a username is approved, the system will automatically change the username.

Username History
This tool will list all username changes that a user has requested. It will also display the status of the request, meaning that if you reject it, this will be displayed. This tool will be built upon in a later version.

Username History Changes:
In the next version, the status of a username change request has been revamped and no longer includes hard-coded "Accepted", "Rejected", and "Requested" status values. More information will be given at the release of v1.1.0!

Requirements
This hack has several requirements. They include:

• vBulletin v3.6.6 or higher (This is the minimum version required for the next requirement)
• The usercp_nav_bottom template hook.

To get around the second requirement, you can copy the cell manually or add $template_hook[usercp_navbar_bottom] at the end of the User Control Panel navigation.

Installation
Installing the product is easy. Just follow these steps:

1. Upload Files into your Administrators Control Panel directory.
2. Import the product through the Product Manager.
3. Click Install Here

Known Bugs:

1. No e-mail is sent out to users upon username change. Fix: The next version will include a fix that will respect all the users settings on receiving e-mail from administrators.
2. The setting for PM sender was ignored within the code and uses the userid of the administrator who changed the username through the administration back-end. Fix: In the next version, revamped settings and improved back-end will now properly use a setting similar to this.

Big Thanks!
I would like to give a big thanks to Paul M for helping me with my stupid mistakes in v1.0.4 - v1.0.6! Now all of my mistakes should be taken care of (unless I made a mistake in the disallowed if statement). Thanks Paul!

I would also like to say thanks to Marco for pointing out a possible SQL Injection that was in v1.0.4 - v1.0.6 (It was inside the ACP, and used a wrong variable name / clean type).

And to Dannyloski for fixing my modification on his forum and providing the fix here. Much faster than I did it.

Final Remarks
I hope that you will enjoy this product as much as I enjoyed making it.

[King Kovifor]

Run the following mysql query:

[sql]DROP TABLE `unreq`[/sql]

That should work.

[Kalina]

Just a suggestion, if possible, it would make it better if we could set a limit in the admin for how often a user can request a name change, I have some doing it weekly, I'd like a way to prevent it so I don't have to check and see if they requested already then explain why they can't.

[Kiros72]

I actually have a question of my own...

Does this modification check against the regular expression set in the User Registration Options? Because I have mine set to " ^[A-Z]{3,}[A-Z0-9 \.\-\_\']+$ " and I would like to make suggest (if it's not implemented) that username requests get rejected if they do not match the regular expression. An error message (with a custom phrase) to let the users know what went wrong would be very nice too!

Thanks!

[King Kovifor]

Quote:

Originally Posted by Kalina

Just a suggestion, if possible, it would make it better if we could set a limit in the admin for how often a user can request a name change, I have some doing it weekly, I'd like a way to prevent it so I don't have to check and see if they requested already then explain why they can't.

That is being implemented for the next version.

Quote:

Originally Posted by Kiros72

I actually have a question of my own...

Does this modification check against the regular expression set in the User Registration Options? Because I have mine set to " ^[A-Z]{3,}[A-Z0-9 \.\-\_\']+$ " and I would like to make suggest (if it's not implemented) that username requests get rejected if they do not match the regular expression. An error message (with a custom phrase) to let the users know what went wrong would be very nice too!

Thanks!

That should be done. THe function I use is from vB and I think it is how they check new users against everything.

[Dannyloski]

Is this Hack affected by the Security Token added in the vB 3.6.10 Release? I'm making a list of all the Hacks I have installed and will stop working when I go ahead and upgrade, so that I know which need to be edited and fixed. Please let me know ... Thanks ...

[DssCrazy]

Quote:

Originally Posted by King Kovifor

That is being implemented for the next version.



That should be done. THe function I use is from vB and I think it is how they check new users against everything.

When will the new Release be here?

[Spinball]

Quote:

Originally Posted by Kalina

Just a suggestion, if possible, it would make it better if we could set a limit in the admin for how often a user can request a name change, I have some doing it weekly, I'd like a way to prevent it so I don't have to check and see if they requested already then explain why they can't.

Yeah, we had to infract someone for makeing about 10 requests in a week.

[King Kovifor]

Quote:

Originally Posted by Dannyloski

Is this Hack affected by the Security Token added in the vB 3.6.10 Release? I'm making a list of all the Hacks I have installed and will stop working when I go ahead and upgrade, so that I know which need to be edited and fixed. Please let me know ... Thanks ...

Most likely. I haven't had time to confirm since I have 3.7.x installed. I will see about giving an update.

Quote:

Originally Posted by DssCrazy

When will the new Release be here?

If it is affected by the CSRF flaw I will release one by the end of this week. The next major is being restarted cause I have no idea what I was doing and is going to be for 3.7.0

Quote:

Originally Posted by Spinball

Yeah, we had to infract someone for makeing about 10 requests in a week.

Yeah. I had that feature working but will get it working again.

[Dannyloski]

King Kovifor, yeah I can confirm that it is in fact affected by the new Security Token on 3.6.10 and 3.7.0 RC4 ... Its a really easy fix though (see below) ...

In the modifyusername template FIND:

Code:

<form action="profile.php?do=submitrequest" method="post">

BELOW that line add:

Code:

<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />

That's it! I did that and now its working like a charm again. So for those who need this Quick Fix until the New Version is released, there it is ...

[King Kovifor]

Quote:

Originally Posted by Dannyloski

King Kovifor, yeah I can confirm that it is in fact affected by the new Security Token on 3.6.10 and 3.7.0 RC4 ... Its a really easy fix though (see below) ...

In the modifyusername template FIND:

Code:

<form action="profile.php?do=submitrequest" method="post">

BELOW that line add:

Code:

<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />

That's it! I did that and now its working like a charm again. So for those who need this Quick Fix until the New Version is released, there it is ...

Thanks. I should release a 1.0.9 including this fix later tonight (I assumed this would be affected but couldn't test it).