The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
vBPlaza / vBux 1.6.0 (with security fixes) Details »» | |||||||||||||||||||||||||||
vBPlaza / vBux 1.6.0 (with security fixes)
Developer Last Online: Feb 2008
Edit: The staff who examined this has found that not all exploits detailed to the original author have been fixed in this version, plus permission was not obtained from the original author for this release, so therefore we have no alternative but to remove it again.
vbBux / vbPlaza v1.6.0 originally by CMX updated by eXtremeTim v1.5.7 AND HIGHER are now compatible with vBulletin v3.5.x and v3.6.x Welcome to the largest points/store system for vBulletin! READ THE ENTIRE POST AGAIN AS THERE HAVE BEEN CHANGES SINCE THE CONVERSION TO vbBux / vbPlaza!! Credits: MrZeropage for ibProArcade Support, John for v3 Arcade Support, Caimakale for various additions including ribbons and his other addons for vbPlaza, defi for the addon for Paypal Subscriptions. Now with 135 Options for purchasing at your forums and this is still rising folks! NOTE: As of this version, there is a Template Patcher helper inside the Admin CP. Admin CP -> vbPlaza Maintenance -> Auto Patch Templates, when you run this the first time, it will just list the changes that it has found/not found. If you press Attempt Auto Patches, it will modify the template changes it has found only. It will also modify all styles for your forums. I have tested this on all 3 of my licensed vBulletin production websites and the patches all worked great. UPDATED MUST READ NOTES: 1) RE-READ THE UPGRADING OR NEW INSTALLATION INSTRUCTIONS AS THEY HAVE CHANGED FROM THE PREVIOUS VERSIONS!! 2) IF UPGRADING FROM A PREVIOUS VERSION OF eBux / eStore. YOU MUST INSTALL THIS ONE FIRST TO SAVE YOUR SETTINGS. (BUT YOU WOULD KNOW THIS IF YOU READ THE UPGRADING INSTRUCTIONS!! DONT SAY I DIDNT WARN YOU!!) Features List: This section has been moved due to its length. Look in the file included insize the zip named features.txt. Release Notes: This section will only show the most recent changes. For the rest of the changes, look in the file included inside the zip named changes.txt. NOTE: If you want ibProArcade, v3 Arcade or vBookie integration now, you'll have to install the appropriate Addon included in the download. The reason for these parts being packaged as Addons, is to make the install a little smaller for users who do not have an Arcade, and because both Arcades cant be installed simultaneously as well. So it saves space only installing the one that you currently have. v1.5.8 Updates: 1) Bugfix: Quick editing a post with BB Codes, modified the post directly instead of modifying a copy. 2) Bugfix: Some phrases fixed. 3) Bugfix: TABLEPREFIX bug has been fixed. 4) Bugfix: Addon Product XML sheets do not have executionorder in them anymore for vB 3.5 compatibility. Database Backups Recommended! Although I have upgraded 3 forums with this script already, it IS recommended that you backup your database before installing this product!! Upgrading Instructions: NOTE: THESE INSTRUCTIONS ARE FOR UPGRADING IF YOU HAD A PREVIOUS VERSION OF eBux / eStore INSTALLED!! 1) DO NOT UNINSTALL eBux / eStore (UNLESS YOU WANT TO LOSE ANY AND ALL SETTINGS.) 2) Reupload all of the files in the upload folder to your forum's root folder. Make sure that all files are being overwritten. Do not move on to the next step until all files are transferred successfully! NOTE: It could take a long time to install if you have a lot of registered users, be PATIENT! It should display the messages as it goes along to let you know that it IS working. 3) After finished with step 2!! Reimport the product-vbbuxplaza.xml file via Admin CP -> Plugin System -> Manage Products -> Add/Import Product. Make sure that Allow Overwrite is set to YES. 4) Refresh the Admin CP and you will see all of the vbBux / vbPlaza Admin CP features at the top. 5) UNINSTALL THE OLD eBux / eStore NOW!! Go to Admin CP -> Plugin System -> Manage Products -> eBux / eStore -> Uninstall. 6) You can delete all files/folders that have the word estore or elottery in them from the FTP as well. 7) You will need to redo the template edits listed below as almost all of them have changed since the previous eBux / eStore. If upgrading from a previous version of vbBux / vbPlaza follow these instructions: 1) Reupload all of the files in the upload folder to your forum's root folder. Make sure that all files are being overwritten. Do not move on to the next step until all files are transferred successfully! 2) After finished with step 2!! Reimport the product-vbbuxplaza.xml file via Admin CP -> Manage Products -> Add/Import Product. Make sure that Allow Overwrite is set to YES. 3) Refresh the Admin CP and get to checking your settings! NOTE: You will be happy know that NO templates have been updated from v1.5.0 to v1.5.2! New Installation Instructions: 1) Upload all of the files/folders in the UPLOAD folder to your forum's root folder. 2) Import the product-vbbuxplaza.xml via Admin CP -> Manage Products -> Add/Import Product. NOTE: It could take a long time to install if you have a lot of registered users, be PATIENT! It should display the messages as it goes along to let you know that it IS working. 3) Refresh the Admin CP and start setting up your settings! 4) You will need to do all of the template edits listed below as well. Template Edits: A) Inside templates 'postbit' AND 'postbit_legacy': Find: Code: HTML Code:
<div id="postmenu_$post[postid]">
Code: HTML Code:
<!-- vbPlaza start --> <div id="postmenu_$post[postid]" <if condition="$post['namestyle']">style="$post[namestyle]"</if>> <!-- vbPlaza end --> Code: HTML Code:
<if condition="$post['usertitle']"><div class="smallfont">$post[usertitle]</div></if> Code: HTML Code:
<!-- vbPlaza start --> <if condition="$post['usertitle']"><div class="smallfont" <if condition="$post['titlestyle']">style="$post[titlestyle]"</if>>$post[usertitle]</div></if> <!-- vbPlaza end --> Code: HTML Code:
$vbphrase[posts]: $post[posts] Code: HTML Code:
$vbphrase[posts]: $post[posts] <!-- vbPlaza start --> <if condition="$show['pointsinpostbit']"><br /> $vbphrase[vbbux_points]: $post[points]<br /> $vbphrase[vbbux_bank]: $post[bank]<br /> <phrase 1="$vbphrase[vbbux_points]">$vbphrase[vbbux_total_points]</phrase>: $post[totalpoints]<br /> <a href="vbplaza.php?do=donate&userid=$post[userid]">$vbphrase[vbplaza_donate]</a><br /> </if> <!-- vbPlaza end --> Code: HTML Code:
<div>$post[icqicon] $post[aimicon] $post[msnicon] $post[yahooicon] $post[skypeicon]</div> Code: HTML Code:
<!-- vbPlaza start --> <if condition="$post['giftsdisplay']"><div class="smallfont">$post[giftsdisplay]</div></if> <if condition="$post['ribbonsdisplay']"><div class="smallfont">$post[ribbonsdisplay]</div></if> <!-- vbPlaza end --> Find: Code: HTML Code:
<td class="vbmenu_control"><a href="calendar.php$session[sessionurl_q]">$vbphrase[calendar]</a></td> <if condition="$show['popups']"> Code: HTML Code:
<!-- vbPlaza start --> <if condition="$show['member']"> <if condition="$vboptions['vbplaza_enabled']"><td id="vbplazamenu" class="vbmenu_control"><a href="$show[nojs_link]#vbplazamenu">$vbphrase[vbplaza_name] $vbphrase[vbplaza_menu]</a> <script type="text/javascript"> vbmenu_register("vbplazamenu"); </script></td></if> </if> <!-- vbPlaza end --> Code: HTML Code:
<!-- / NAVBAR POPUP MENUS -->
Code: HTML Code:
<!-- vbPlaza start --> <if condition="$show['member']"> <!-- vbplaza tools menu --> <div class="vbmenu_popup" id="vbplazamenu_menu" style="display:none"> <table cellpadding="4" cellspacing="1" border="0"> <tr><td class="thead"><a href="vbplaza.php?$session[sessionurl]">$vbphrase[vbplaza_name] $vbphrase[vbplaza_main]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=48">$vbphrase[vbplaza_lottery]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=27">$vbphrase[vbplaza_give_gifts]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=118">$vbphrase[vbplaza_give_ribbons]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=13">$vbphrase[vbbux_bank]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=7">$vbphrase[vbplaza_donate]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=16">$vbphrase[vbplaza_thief]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=richestusers">$vbphrase[vbbux_richest_users]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=userhistory">$vbphrase[vbplaza_history]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=mostsold">$vbphrase[vbplaza_most_sold]</a></td></tr> <if condition="is_member_of($vbulletin->userinfo, $vboptions['vbplaza_adminusergroups'])"> <tr><td class="thead">$vbphrase[vbplaza_admin_only]</a></td></tr> <tr><td class="vbmenu_option"><a href="vbplaza.php?$session[sessionurl]do=action&itemid=12">$vbphrase[vbplaza_admin_donate]</a></td></tr> </if> </table> </div> <!-- / vbplaza tools menu --> </if> <!-- vbPlaza end --> Find: Code: HTML Code:
<div class="bigusername">$userinfo[musername] $userinfo[onlinestatus]</div> Code: HTML Code:
<!-- vbPlaza start --> <div class="bigusername" <if condition="$userinfo['namestyle']">style="$userinfo[namestyle]"</if>>$userinfo[musername] $userinfo[onlinestatus]</div> <!-- vbPlaza end --> Code: HTML Code:
<if condition="$userinfo['usertitle']"><div class="smallfont">$userinfo[usertitle]</div></if> Code: HTML Code:
<!-- vbPlaza start --> <if condition="$userinfo['usertitle']"><div class="smallfont" <if condition="$userinfo['titlestyle']">style="$userinfo[titlestyle]"</if>>$userinfo[usertitle]</div></if> <!-- vbPlaza end --> Code: HTML Code:
<if condition="$vboptions['usereferrer']">
Code: HTML Code:
<!-- vbPlaza start --> <if condition="$vboptions['vbbux_enabled']">$show[vbbuxuserinfo]</if> <if condition="$show['gifts']">$show[gifts]</if> <if condition="$show['ribbons']">$show[ribbons]</if> <!-- vbPlaza end --> Find: Code: HTML Code:
<div><phrase 1="$htmlcodeon">$vbphrase[html_code_is_x]</phrase></div> Code: HTML Code:
<!-- vbPlaza start --> <if condition="$vboptions['vbbux_enabled']"> <if condition="!$show['codeonly']"> <hr /> <div><phrase 1="$vbphrase[vbbux_points]" 2="$foruminfo[points_perview]">$vbphrase[vbbux_points_perview]</phrase></div> <div><phrase 1="$vbphrase[vbbux_points]" 2="$foruminfo[points_perthread]">$vbphrase[vbbux_points_perthread]</phrase></div> <div><phrase 1="$vbphrase[vbbux_points]" 2="$foruminfo[points_perreply]">$vbphrase[vbbux_points_perreply]</phrase></div> </if> </if> <!-- vbPlaza end --> Find: Code: HTML Code:
<if condition="$show['avatarlink']">
Code: HTML Code:
<!-- vbPlaza start --> <if condition="$vboptions['vbplaza_enabled']"> <tr> <td class="$navclass[vbplaza]" nowrap="nowrap"><a class="smallfont" href="vbplaza.php?$session[sessionurl]do=editvbpoptions"><phrase 1="$vbphrase[vbplaza_name]">$vbphrase[edit_vbplaza_options]</phrase></a></td> </tr> </if> <!-- vbPlaza end --> Find: Code: HTML Code:
$thread[title_editable]
<div>
Code: HTML Code:
<!-- vbPlaza start --> $thread[title_editable] <div <if condition="$thread['titlestyle']">style="$thread[titlestyle]"</if>> <!-- vbPlaza end --> Next Find: Code: HTML Code:
<if condition="$show['gotonewpost']"> <strong><a href="showthread.php?$session[sessionurl]t=$thread[threadid]$thread[highlight]" id="thread_title_$thread[realthreadid]">$thread[threadtitle]</a></strong> <else /> <a href="showthread.php?$session[sessionurl]t=$thread[threadid]$thread[highlight]" id="thread_title_$thread[realthreadid]">$thread[threadtitle]</a> </if> Code: HTML Code:
<!-- vbPlaza start --> <if condition="$show['gotonewpost']"> <strong><a href="showthread.php?$session[sessionurl]t=$thread[threadid]$thread[highlight]" id="thread_title_$thread[realthreadid]" <if condition="$thread['titlestyle']">style="$thread[titlestyle]"</if>>$thread[threadtitle]</a></strong> <else /> <a href="showthread.php?$session[sessionurl]t=$thread[threadid]$thread[highlight]" id="thread_title_$thread[realthreadid]" <if condition="$thread['titlestyle']">style="$thread[titlestyle]"</if>>$thread[threadtitle]</a> </if> <!-- vbPlaza end --> Next Find: Code: HTML Code:
<a href="showthread.php?$session[sessionurl]t=$thread[threadid]$thread[highlight]" id="thread_title_$thread[realthreadid]"<if condition="$show['gotonewpost']"> style="font-weight:bold"</if>>$thread[threadtitle]</a> Code: HTML Code:
<a href="showthread.php?$session[sessionurl]t=$thread[threadid]$thread[highlight]" id="thread_title_$thread[realthreadid]"<if condition="$thread['titlestyle']">style="$thread[titlestyle]"</if>>$thread[threadtitle]</a> G): Inside template 'memberlist_resultsbit': Code: HTML Code:
<a href="member.php?$session[sessionurl]u=$userinfo[userid]">$userinfo[musername]</a> <if condition="$show['usertitlecol']"><div class="smallfont">$userinfo[usertitle]</div></if> Code: HTML Code:
<!-- vbPlaza start --> <div <if condition="$userinfo['namestyle']">style="$userinfo[namestyle]"</if>><a href="member.php?$session[sessionurl]u=$userinfo[userid]" <if condition="$userinfo['namestyle']">style="$userinfo[namestyle]"</if>>$userinfo[musername]</a></div> <if condition="$show['usertitlecol']"><div class="smallfont" <if condition="$userinfo['titlestyle']">style="$userinfo[titlestyle]"</if>>$userinfo[usertitle]</div></if> <!-- vbPlaza end --> I will be supporting this over at my site as well as here and for now I will continue to update it and improve on it. CMX if you do show up please contact me so we can work out arrangements and possible see about joining teams to continue the development on vbplaza / vbux. I am not perfect so please if I missed any security exploits that I overlooked in the reading of this mass amt of code please report them via pm and not via the thread. Show Your Support
|
Comments |
#2
|
|||
|
|||
Hooray!
|
#3
|
|||
|
|||
Reserved
Report any bugs you find with the system so that i can finish fixing 3.6.5 compatibility issues. Special characters are broken for now till I have time to fix the security exploits in a manor to not break them. |
#4
|
||||
|
||||
Wow .. 1st install
Well done Tim .. great achievement if it now works as originally designed. |
#5
|
|||
|
|||
I just want to state for the record that I will be maintaining this hack since the original author is nowhere to be found and unreachable.
|
#6
|
|||
|
|||
Wow you will be L O V E D lol
|
#7
|
|||
|
|||
With 1.5.8, do you want to fix Security Hole?+
OK. This is everything you need to do: Go to your vbplaza folder, find occurrences of the following: includes/function_vbplaza.php Just changes the the php function with vb's own cleaning class. includes/function_vbplaza.php(line 152) Code:
$message = strip_tags($message); Code:
$message = $vbulletin->input->clean($message, TYPE_NOHTML); vbplaza/action.admindonate.php (line 133) Code:
$action['reason'] = strip_tags($action['reason']); Code:
$action['reason'] = $vbulletin->input->clean($action['reason'], TYPE_NOHTML); vbplaza/action.changeotherusertitle.php (line 136) Code:
$newusertitle_stripped = strip_tags($newusertitle); Code:
$newusertitle_stripped = $vbulletin->input->clean($newusertitle, TYPE_NOHTML); vbplaza/action.changeusertitle.php (line 87) Code:
$newusertitle_stripped = strip_tags($newusertitle); Code:
$newusertitle_stripped = $vbulletin->input->clean($newusertitle, TYPE_NOHTML); vbplaza/action.donate.php (line 164) Code:
$action['reason'] = strip_tags($action['reason']); Code:
$action['reason'] = $vbulletin->input->clean($action['reason'], TYPE_NOHTML); vbplaza/action.gift.php (line 209) Code:
$action['giftmessage'] = strip_tags($action['giftmessage']); Code:
$action['giftmessage'] = $vbulletin->input->clean($action['giftmessage'], TYPE_NOHTML); vbplaza/action.ribbons.php (line 218) Code:
$action['ribbonmessage'] = strip_tags($action['ribbonmessage']); Code:
$action['ribbonmessage'] = $vbulletin->input->clean($action['ribbonmessage'], TYPE_NOHTML); |
#8
|
|||
|
|||
hey awesome work, been waiting for ages for this. its great to see it is supported! Thanks.
|
#9
|
|||
|
|||
i will be releasing an update shortly
|
#10
|
|||
|
|||
Do you have much planned as in new features or will you just be maintaining this?
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|