Miscellaneous Hacks - CES Parser Permissions

CES Parser Permissions
vBulletin 3.6.x, 3.7.x, 3.8.x, 4.0.x supported
Version: 2.2.3

If you encounter what you think may be a bug, please include your vBulletin version number when reporting it, since code and fixes differ greatly from 3.6.4 - 3.8.x.

*** NEWS ***
11/8/2010 - 2.2.3 released
5/15/2010 - 2.2.2 released
4/12/2009 - 3.6.x thread separated

Known Issues:
- If you are using the Advanced BB-Code Permissions hack, conflicts can arise when profile fields are parsed in the postbit, causing nothing be parsed. The fix is described here: https://vborg.vbsupport.ru/showthread.php?p=1252480

What It Does:
Allows you to grant only certain usergroups the ability to use HTML, BB-code, smilies, and IMG-code in their profile fields, posts, PMs, and in Project Tools.

Mod Features:
- parse profile fields on user profiles using Usergroup Permissions
- parse profile fields in postbits using Usergroup Permissions
- parse posts using Usergroup Permissions
- parse calendar events using Usergroup Permissions
- parse private messages using Usergroup Permissions
- parse Project Tools issues and replies using Usergroup Permissions
- parse Social Messages and usernotes using Usergroup Permissions
- complete Forum Rules integration
- disallow certain HTML tags

Products to Install: 1
Files to Upload: 3
Files to Edit: 0
Template Edits: 0

*** Changelog ***
As of Version 2.2.3

• non-forum messages don't parse
• poll options don't parse

As of Version 2.2.2

• several bug fixes
• compatible with VaultWiki 2.5.7 PL 1 & 3.0.0 RC 3

* This mod is offered for free here. Please donate if you like this mod *

[thincom2000]

Currently working on including an extremely dangerous [anything] BB-code tag, though the going is rough. When I release the next version I highly recommend only letting the Super-Admin use this tag since it will parse anything.

EDIT: Finished the anything tag. A little more complicated than I thought it would be, and sadly requires a file edit, thanks to the lack of hooks.

The whole purpose of the anything tag was because I desperately needed to use an <if condition> inside a post.

[thincom2000]

Version 1.2.0 released. The new version includes Usergroup Permissions for posting, and a new BB-code tag [anything] (please use responsibly).

EDIT: Version 1.2.1 will include updated Forum Rules.

[zippokid]

I would be infinitely grateful if this were made to work in 3.5.4

[thincom2000]

Unfortunately I do not have a 3.5.x test board. I don't believe any of the hooks are different or that the bitfields have changed, since I have been able to use 3.5.x products no problem (and in fact I used part of a tutorial from 2.x to write the hack). Try editing the product-xml with Notepad and change the dependency to 3.5.

Let me know if you have any problems.

[zippokid]

Hmm i get some mysql table issues when I try. I'm not too experienced with this. I'm not pushing for it or anything, but I'd appreciate it.

[thincom2000]

What are your errors?

[zippokid]

Code:

Database error in vBulletin 3.5.4:

Invalid SQL:

### INSERT QUERY GENERATED BY fetch_query_sql() ###
INSERT INTO plugin
	(`active`, `executionorder`, `title`, `hookname`, `phpcode`, `product`)

VALUES
	('1', '5', 'Parse Profile Fields', 'member_customfields', 'global $check_ugp;\r\n\r\n$userinfo[\'permissions\'] = 
cache_permissions($userinfo);\r\n$check_ugp = 
convert_bits_to_array($userinfo[\'ces_parser_permissions\'], 
$vbulletin->bf_ugp[\'ces_parser_permissions\']);\r\n$bad_tags = explode(\',\', 
$vbulletin->options[\'bad_tags\']);\r\n\r\nif ($check_ugp[\'can_html_profile\'])\r\n{\r\n	
$allowed[\'html\'] = true;\r\n\r\n	foreach ($bad_tags AS $badtag)\r\n	{\r\n		
$profilefield[\'value\'] = str_replace( \'<\' . trim($badtag), htmlspecialchars(\'<\' . 
trim($badtag)), $profilefield[\'value\']);\r\n		$profilefield[\'value\'] = str_replace( \'</\' . 
trim($badtag), htmlspecialchars(\'</\' . trim($badtag)), $profilefield[\'value\']);\r\n	}\r\n	
unset($badtag, $badtags);\r\n}\r\n\r\n$allowed[\'bbcode\'] = 
$check_ugp[\'can_bbcode_profile\'] ? true : false;\r\n$allowed[\'smilies\'] = 
$check_ugp[\'can_smilies_profile\'] ? true : false;\r\n$allowed[\'imgcode\'] = 
$check_ugp[\'can_imgcode_profile\'] ? true : false;\r\n\r\nrequire_once(DIR . 
\'/includes/class_bbcode.php\');\r\n$parser =& new vB_BbCodeParser($vbulletin, 
fetch_tag_list());\r\n$profilefield[\'value\'] = $parser->do_parse($profilefield[\'value\'], 
$allowed[\'html\'], $allowed[\'smilies\'], $allowed[\'bbcode\'], 
$allowed[\'imgcode\']);\r\n\r\neval(\'$profilefield[value] = 
\"$profilefield[value]\";\');\r\n$userinfo[\"$profilefieldname\"] = 
$profilefield[\'value\'];\r\n\r\nunset($check_ugp, $parser, $allowed);', 'ces_html_profile');


MySQL Error  : Unknown column 'executionorder' in 'field list'
Error Number : 1054
Date         : Monday, March 12th 2007 @ 08:18:06 PM
Script       : http://www.site.com/bb/admincp/plugin.php
Referrer     : http://www.site.com/bb/admincp/plugin.php?do=productadd
IP Address   : xx.xx.xx.xx
Username     : admin
Classname    : vB_Database

[thincom2000]

Oh, right. No execution order in those days. Well if that's the only conflict (I hope), it should be a relatively simple conversion... Do you have a test board where you could do some beta-testing of a 3.5.4 version?

[zippokid]

yes i do, i'd be glad to help with that kind of thing.

[YabbaDabba]

Seems like I should be able to block use of the IMG tag by new users, right?

MOST EXCELLENT!!

I will install ASAP.