vBcustompage 1.0

vBcustomPage
Version 1.0 | A hack by Velocd :ninja:


Update - 7/27/02 - Bug fix

I accidentally forgot to add the instructions on how to allow the admin to modify the custom page name and content via ACP.

Please refer to the 7-27-02fix.txt for instructions on how to fix it.



What does this hack do?

This integrated vB add-on will allow your users to have their own custom page built on simple HTML. In addition, the admin can specifiy a minimum post count that all users must achieve before they are allowed the creation of a custom page.


Why is it useful?
More creativity and ways for the users to express themselves on your forum. Users who do not match the postcount needed to create custom pages will want to post more in order to get it. Ofcourse this isn't going to happen just because it's written here, but the possibilities are unknown until you try it out.


Features:

• Via the ACP users page, the admin can toggle whether a member is allowed to use custom pages.
• Via the ACP users page, the admin can also modify the users custom page name, and also the content.
• Javascript code filter + offensive language block
• The name of your custom page will show up in the title bar of your custom page (big wow, I know )
• ..more creativity for your users!

WARNINGS:
As with HTML in posts and signatures, the vulnerabilities of allowing your members to create pages using HTML could be risky. Please moderate your member custom pages (view the source) on a daily basis, insuring that no malicious code is hidden away somewhere.


Screenshots?
Screenshots are included in the zip.

Bugs?
None that I know of, but if you find any please let me know!



-----------------------------------------

Attached is the hack zip. If you use this hack on your forum, please click the install!

Suggestions and comments are always welcomed

[DemiNeo0101]

thanks hellsatan.

[Chris M]

Np...

Satan

[LouChipher]

a big hole - css etc...

can somebody code a blacklist for the html code? so you can lock abject html code...

[DemiNeo0101]

Quote:

Originally posted by Lionel
I get a blank page when I click on the link in profile.

$userinfo[custompage] returns empty, but the info is in the database

i get the same exact thing. I have that getinfo_custompage template and i ran the mysql querys.

im useing vb 2.2.6

[Chris M]

Thats strange...

I am running vB 2.2.6 and everything is running fine...

Satan

[ripman]

Mayby it would be good make something more than simple page - eg. everyone can make his own webpage - but the full one, including :

-Hiperlinks to other private pages within one account
-Images upload
-Without forum's includes (logo,buttons,etc)

What do you think about that ?

[Chris M]

Hmm...

Good, except for 2 things...

Images uploads - How do we know they wont upload p*rn?

Without forum includes - how will internet niave members get back to the forum easily?

Satan

[Point Blank]

Very nice hack. I will be using this in the future.

[ripman]

Hmmmmmm - I've removed that part of code but the problem's still there :surprised:

------member.php--------

PHP Code:

// ############################### start modify custompage by Velocd ###############################
if ($action=="custompage") {
  $templatesused = 'error_nopermission_custompage,error_nopermission_customposts,usercpnav,modifycustompage_bit,modifycustompage';
  include("./global.php");
  // do modify profile form

  /* ODKOMENTOWAC JESLI STRONU PRYWATNE MAJA BYC TYLKO WIDOCZNE DLA ZAREJESTROWANYCH
  if ($bbuserinfo[userid]==0) {
    show_nopermission();
  }
  */
  

  if ($bbuserinfo[posts]<1) {
      eval("standarderror(\"".gettemplate("error_nopermission_customposts")."\");");
  }

  if ($bbuserinfo[enablecustompage] == 0) {
      eval("standarderror(\"".gettemplate("error_nopermission_custompage")."\");");
  }

  // draw cp nav bar
  $cpnav[1]="{secondaltcolor}";
  $cpnav[2]="{secondaltcolor}";
  $cpnav[3]="{secondaltcolor}";
  $cpnav[4]="{secondaltcolor}";
  $cpnav[5]="{secondaltcolor}";
  $cpnav[6]="{secondaltcolor}";
  $cpnav[7]="{secondaltcolor}";
  $cpnav[8]="{firstaltcolor}";
    $cpmenu[8]="class=\"fjsel\" selected";
  eval("\$cpnav = \"".gettemplate("usercpnav")."\";");

  eval("\$custompagebit = \"".gettemplate("modifycustompage_bit")."\";");


  $custompage=htmlspecialchars($bbuserinfo[custompage]);

  eval("dooutput(\"".gettemplate("modifycustompage")."\");");
}


  // ############################### start update custompage by Velocd ###############################
  if ($HTTP_POST_VARS['action']=="updatecustom") {
    $templatesused = 'redirect_updatethanks';
    include("./global.php");

    /* ODKOMENTOWAC JESLI STRONU PRYWATNE MAJA BYC TYLKO WIDOCZNE DLA ZAREJESTROWANYCH
    if ($bbuserinfo[userid]==0) {
      show_nopermission();
    }
    */

    $custompage = censortext($custompage);
    $custompagename = censortext($custompagename);

    $DB_site->query("UPDATE user SET custompage='".addslashes($custompage)."', custompagename='".addslashes($custompagename)."' WHERE userid='$bbuserinfo[userid]'");

    eval("standardredirect(\"".gettemplate("redirect_updatethanks")."\",\"usercp.php?s=$session[sessionhash]\");");

} 


------------------------------

[ripman]

Quote:

Originally posted by hellsatan
Hmm...

Good, except for 2 things...

Images uploads - How do we know they wont upload p*rn?

Without forum includes - how will internet niave members get back to the forum easily?

Satan

Hmm :
1. Image upload after X posts - that should prevent most people from "chating"

2. I ment that includes should be very small like a table with a theme chosen by user

3. One more thing. Every user can have pre-installed web page like.

Quote:

Hello, I'M $username. I live in $location ... etc )

P.S I could write that hack but I'm new @ VB so knowing PHP is not enought :P