The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Side-effects of Custom Who's Online
Hello,
I paid a freelance programmer to find this solution for me, but since I'm not familiar with vBulletin code I'm a little worried to put his hack live because of potential side effects. The point of the hack was to get who's online to track what people do on non-vB custom scripts. I'm using 3.6.8 Patch 2... here's what I've done: includes/functions.php Line 5,201, commented out the exit; on the print_output function Added this at the top of my custom script, let's call it TEST_SCRIPT.php (my forums are in /forums/ and my script is in a level back so I needed to go this route) PHP Code:
PHP Code:
The part that has me paranoid is commenting out that "exit;". I'm sure it was there for a reason, have I opened up a pandoras box of problems or will I be fine? What are some side effects of not exiting that function right there? Thank you in advance for your support. |
#2
|
||||
|
||||
I've re-read your post a few times and I'm not quite sure I follow it all.
However i'm concerned that your coder needed to change the directory to get his code to work ... so I'd wonder about the quality of the rest. Smacks of the newbie coding I did 8 years ago He also hasn't used internal vB database handling which is simpler but doesn't utilise some of the safeguards vB has provided. Can "getenv(REMOTE_ADDR)" be hacked? Can it be used for an injection? You might want to check that too. |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|