Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases

Reply
 
Thread Tools
Details »»

Version: , by Stasik Stasik is offline
Developer Last Online: May 2009 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 06-25-2001 Last Update: Never Installs: 31
 
No support by the author.

Hi.... it is my first hack - phpProbe
here is it... it was tested under vbb2x RC2 and phpMyChat 0.14.4

News:
Updated on 19.07.01
- FAQ has been add

Updated on 18.07.01
The hack is compatible with version 0.14.5 of phpMyChat
- there is some javaScript code there, so the hack will not work with browsers without JS support (phpMyChat will not work with these browsers too )
- the Exit link in chat works ok now

Hack:
Step 1:
open /lib/index.lib.php3 in yours phpMyChat Derictory
find:
PHP Code:
// Fix some security holes 
replace it with
PHP Code:
//a VBB integration hack by Stasik (stasik@t-online.de)
//v0.1
//(C)2001

$exiturl "http://www.blabla.com"// the url the user will be redirected exiting the chat

if($Ver == ""){print "
<HTML>
<SCRIPT TYPE=\"text/javascript\" LANGUAGE=\"javascript\">
    <!--
    var NS4 = (document.layers) ? 1 : 0;
    var IE4 = ((document.all) && (parseInt(navigator.appVersion)>=4)) ? 1 : 0;
    var ver4 = (NS4 || IE4) ? \"H\" : \"L\";
function defineVerField()
    {
        if (document.images && ver4 == 'L')
            document.forms['Params'].elements['Ver'].value = 'M';    // js1.1 enabled browser
        else document.forms['Params'].elements['Ver'].value = ver4;
    }
 -->
</SCRIPT>
<FORM ACTION=\"index.php3\" METHOD=\"POST\" AUTOCOMPLETE=\"OFF\" NAME=\"Params\">
<INPUT TYPE=\"hidden\" NAME=\"Ver\" VALUE=\"L\">
</FORM>
<SCRIPT TYPE=\"text/javascript\" LANGUAGE=\"javascript\">
defineVerField();
document.forms.Params.submit();
</SCRIPT>
</HTML>
"
; exit;}

chdir("/path/to/board/");
require(
"./global.php");
chdir("/path/to/chat/");

if (
$bbuserid == 0

print 
"no"//Message if the user has no cookie
exit; 
}
else
{
if (
$bbusername == "" || (isset($bbusername))==0

$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid"); 
$username=$getusername[username]; 
$bbusername $username
}
else 

$username $bbusername
} }

$U $username;

$pat "[[:space:]]"
$repl ""
$U ereg_replace($pat,$repl,$U); 
$pat ','
$U ereg_replace($pat,$repl,$U); 
stripslashes($U); 

$N 20
$D 10
$Form_Send 1

//Replace admin with your administration nick
if($U != "Admin")
{
$PASSWORD="1";
}

// Fix some security holes 
Step 2:
open /lib/index.lib.php3 in yours phpMyChat Derictory
find:
PHP Code:
$DbLink->query("INSERT INTO ".C_MSG_TBL." VALUES ($EN, '$E', 'SYS exit', '', ".time().", '', 'sprintf(L_EXIT_ROM, \"".special_char($U,$Latin1)."\")')");
        }
    } 
replace it with:
PHP Code:
$DbLink->query("INSERT INTO ".C_MSG_TBL." VALUES ($EN, '$E', 'SYS exit', '', ".time().", '', 'sprintf(L_EXIT_ROM, \"".special_char($U,$Latin1)."\")')");
        }
    }
if(
$exit == "1"){header ("Location: $exiturl"); exit;} 
Step 3:
open /exit.php3 in yours phpMyChat Derictory
find:

PHP Code:
<A HREF="<?php echo("$From?Ver=$Ver&L=$L&U=".urlencode(stripslashes($U))."&E=".urlencode(stripslashes($R))."&EN=$T"); ?>" TARGET="_parent"><?php echo(L_EXIT); ?></A>
replace it with:
PHP Code:
<A HREF="<?php echo("$From?exit=1&Ver=$Ver&L=$L&U=".urlencode(stripslashes($U))."&E=".urlencode(stripslashes($R))."&EN=$T"); ?>" TARGET="_parent"><?php echo(L_EXIT); ?></A>
ENJOY

FAQ:
Q: I`m getting "no" every time.
A: You need to upgrade a cookie option in your VB control panel. Write under: Options->Change Options->[HTTP Headers and output]->Cookie Domain your domainname ONLY (blabla.com).

Q: I`m getting "you need to register" error.
A: Enable chat using for not registered users in your phpMyChat config (/config/config.lib.php3).

Q: I`m getting "wrong password" error.
A: Make shure you have deleted all user accounts in your chat and have only administrative one. If you are logging is as administrator note that you have to enter your password EVERY time you are logging in.

Questions or Bug reports?
Post it here I`ll answer ASAP.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #122  
Old 08-10-2001, 03:45 AM
macom
Guest
 
Posts: n/a
Default

Danke erst mal... ich werde es heute nacht mal testen. Wäre echt cool wenn's funktionieren würde. Melde mich wieder...
Reply With Quote
  #123  
Old 08-10-2001, 12:35 PM
VirtueTech VirtueTech is offline
 
Join Date: Oct 2001
Posts: 189
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

One thing I've noticed with this hack is that it does not integrate the phpMyChat profile with the forums profile. Any future for that?
Reply With Quote
  #124  
Old 08-10-2001, 01:33 PM
Stasik Stasik is offline
 
Join Date: Nov 2001
Posts: 233
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yes, u can link the vbb profile on chat pages.... I think it will be in upgrade...
Reply With Quote
  #125  
Old 08-10-2001, 06:06 PM
macom
Guest
 
Posts: n/a
Default

Hallo nochmal,

habs jetzt probiert... jetzt kommt folgender Fehler:

Fatal error: Call to a member function on a non-object in index.lib.php3 on line 161

Code:
$PREMS = "admin";
if($group == "6"){
$U = $AUTH_USERNAME;
	$DbLink->query("SELECT perms FROM ".C_REG_TBL." WHERE username='$U' LIMIT 1");

	if ($DbLink->num_rows() != 0)

	{

		list($PREMS) = $DbLink->next_record();

	}

	$DbLink->clean_results();
};
Hilfe....
Reply With Quote
  #126  
Old 08-10-2001, 06:51 PM
Stasik Stasik is offline
 
Join Date: Nov 2001
Posts: 233
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

du mus alles mit require oder include vorher schieben
Reply With Quote
  #127  
Old 08-10-2001, 06:53 PM
macom
Guest
 
Posts: n/a
Default

?? Sorry aber das verstehe ich jetzt nicht ??
Reply With Quote
  #128  
Old 08-10-2001, 07:03 PM
Stasik Stasik is offline
 
Join Date: Nov 2001
Posts: 233
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

try to replace

$PREMS = "admin";
mit

$DbLink->clean_results();
$PREMS = "admin";
Reply With Quote
  #129  
Old 08-10-2001, 07:14 PM
macom
Guest
 
Posts: n/a
Default

Hm, jetzt kommt folgender fehler...

Fatal error: Call to a member function on a non-object in index.lib.php3 on line 158

Code:
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid"); 
$username=$getusername[username]; 
$getusername=$DB_site->query_first("SELECT usergroupid FROM user WHERE userid=$bbuserid"); 
$group=$getusername[usergroupid]; 
$bbusername = $username; 
}
else 
{ 
$username = $bbusername; 
} }

$U = $username;

$DbLink->clean_results(); 
$PREMS = "admin";
if($group == "6"){
$U = $AUTH_USERNAME;
	$DbLink->query("SELECT perms FROM ".C_REG_TBL." WHERE username='$U' LIMIT 1");

	if ($DbLink->num_rows() != 0)

	{

		list($PREMS) = $DbLink->next_record();

	}

	$DbLink->clean_results();
};

$pat = "[[:space:]]"; 
$repl = ""; 
$U = ereg_replace($pat,$repl,$U); 
$pat = ','; 
$U = ereg_replace($pat,$repl,$U); 
stripslashes($U); 

$N = 20; 
$D = 10; 
$Form_Send = 1; 

//Replace admin with your administration nick
//if($U == "xxx")
//{
//$PASSWORD="1";
//}
?? Sorry das ich dich eventuell schon nerve, aber ich habe wirklich fast keine ahnung vom PHP.
Reply With Quote
  #130  
Old 08-10-2001, 07:16 PM
Stasik Stasik is offline
 
Join Date: Nov 2001
Posts: 233
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

aslo

move

require("./${ChatPath}config/config.lib.php3");
require("./${ChatPath}lib/release.lib.php3");
require("./${ChatPath}localization/languages.lib.php3");
require("./${ChatPath}localization/".$L."/localized.chat.php3");
require("./${ChatPath}lib/database/".C_DB_TYPE.".lib.php3");
require("./${ChatPath}lib/clean.lib.php3");
include("./${ChatPath}lib/get_IP.lib.php3");

das alles bevor das hack anfaengt
Reply With Quote
  #131  
Old 08-12-2001, 02:24 PM
mADmAX` mADmAX` is offline
 
Join Date: Dec 2001
Posts: 93
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I upgraded from 2.02 to 2.03 and now I get this when going to index.php3. Any clue? Database error: Invalid SQL: DELETE FROM c_messages WHERE m_time < 997295258
MySQL error: 1146 (Table 'dssmafif_+++++f.c_messages' doesn't exist)
Session halted.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:58 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08354 seconds
  • Memory Usage 2,326KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (6)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (7)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete