Miscellaneous Hacks - CES Parser Permissions

CES Parser Permissions
vBulletin 3.6.x, 3.7.x, 3.8.x, 4.0.x supported
Version: 2.2.3

If you encounter what you think may be a bug, please include your vBulletin version number when reporting it, since code and fixes differ greatly from 3.6.4 - 3.8.x.

*** NEWS ***
11/8/2010 - 2.2.3 released
5/15/2010 - 2.2.2 released
4/12/2009 - 3.6.x thread separated

Known Issues:
- If you are using the Advanced BB-Code Permissions hack, conflicts can arise when profile fields are parsed in the postbit, causing nothing be parsed. The fix is described here: https://vborg.vbsupport.ru/showthread.php?p=1252480

What It Does:
Allows you to grant only certain usergroups the ability to use HTML, BB-code, smilies, and IMG-code in their profile fields, posts, PMs, and in Project Tools.

Mod Features:
- parse profile fields on user profiles using Usergroup Permissions
- parse profile fields in postbits using Usergroup Permissions
- parse posts using Usergroup Permissions
- parse calendar events using Usergroup Permissions
- parse private messages using Usergroup Permissions
- parse Project Tools issues and replies using Usergroup Permissions
- parse Social Messages and usernotes using Usergroup Permissions
- complete Forum Rules integration
- disallow certain HTML tags

Products to Install: 1
Files to Upload: 3
Files to Edit: 0
Template Edits: 0

*** Changelog ***
As of Version 2.2.3

• non-forum messages don't parse
• poll options don't parse

As of Version 2.2.2

• several bug fixes
• compatible with VaultWiki 2.5.7 PL 1 & 3.0.0 RC 3

* This mod is offered for free here. Please donate if you like this mod *

[Sychev_S]

I get it on the profile page. Version of vb is 3.6.4
There is a possibility that it might be conflicting with psionic vision's interactive profiles, but I am not sure. When that hack is on, it givers me 8+ strings of above mentione error in the same profile, when I turn it off it gives me only one.
Plus for some reasons it varies from profiel to profile, on some profiles I do not get error at all...

[BlackNovaYZFR1]

After my upgrade to 1.2.7, I started getting random bbcode disables within threads. User would randomly have their bbcodes disabled within threads. The thing I found to fix this is to put

Code:

$this->set_parse_userinfo($userinfo, $userinfo['permissions']);

at the end of the

Code:

if (THIS_SCRIPT != 'member')

block. Is this proper?

BTW, the version number is still 1.2.6 in the file.

[thincom2000]

The fact that you were getting that error was probably a result of the version number not being updated, so none of the plugins were replaced with the new versions.

I will be uploading a new file with a little cleaner code and that fixed a bug in the new plugin code that wasn't installed anyway thanks to the version number.

[thincom2000]

Quote:

Originally Posted by Sychev_S

I get it on the profile page. Version of vb is 3.6.4
There is a possibility that it might be conflicting with psionic vision's interactive profiles, but I am not sure. When that hack is on, it givers me 8+ strings of above mentione error in the same profile, when I turn it off it gives me only one.
Plus for some reasons it varies from profiel to profile, on some profiles I do not get error at all...

You are probably right about the conflict since this has already had conflicts with other hacks. If PV's Interactive Profiles is a free hack I will look into this later.

EDIT: Apparently the fix I wrote way back for what I think may have been a conflict with this same hack was broken somewhere along the line. I have fixed the fix. Let me know if you still get this error.

[BlackNovaYZFR1]

I've had to make some modifications to get the member and private scripts to display properly:

Code:

global $vbulletin;

if (THIS_SCRIPT == 'private')
{
	$tempuser=fetch_userinfo($pm['fromuserid']);
	$tempuser['permissions'] = cache_permissions($tempuser);
	$check_ugp = convert_bits_to_array($tempuser['permissions']['ces_parser_permissions'], $vbulletin->bf_ugp['ces_parser_permissions']);
}
elseif (THIS_SCRIPT != 'member')
{
	global $newpost, $postinfo, $post;

	// newthread, newreply uses $newpost
	// editpost uses $postinfo
	// showthread uses $post

	$postusername = '';

	if (THIS_SCRIPT == 'editpost')
	{
		$postusername = $postinfo['username'];
	}

	if (in_array(THIS_SCRIPT, array('newreply', 'newthread')))
	{
		$post = $newpost;

		if ($post['username'] AND ($vbulletin->userinfo['username'] != $post['username']))
		{
			$postusername = $post['username'];
		}
	}

	if (!$post['usergroupid'] AND $postusername != '')
	{
		$userinfo = $vbulletin->db->query_first("
			SELECT userid, usergroupid, membergroupids 
			FROM " . TABLE_PREFIX . "user
			WHERE username = '" . $vbulletin->db->escape_string($postusername) . "'
		");

		if (empty($post['permissions']))
		{
			$grab = true;
		}
		else
		{
			$userinfo['permissions'] = $post['permissions'];
		}
	}
	else if (($post['usergroupid'] > 0))
	{
		$userinfo['userid'] = $post['userid'];
		$userinfo['usergroupid'] = $post['usergroupid'];
		$userinfo['membergroupids'] = $post['membergroupids'];

		if (empty($post['permissions']))
		{
			$grab = true;
		}
		else
		{
			$userinfo['permissions'] = $post['permissions'];
		}
	}
	else if (in_array(THIS_SCRIPT, array('newreply', 'newthread')))
	{
		$userinfo['userid'] = $vbulletin->userinfo['userid'];
		$userinfo['usergroupid'] = $vbulletin->userinfo['usergroupid'];
		$userinfo['membergroupids'] = $vbulletin->userinfo['membergroupids'];

		if (empty($vbulletin->userinfo['permissions']))
		{
			$grab = true;
		}
		else if (empty($userinfo['permissions']))
		{
			$userinfo['permissions'] = $vbulletin->userinfo['permissions'];
		}
	}

	if ($grab)
	{
		$userinfo['permissions'] = cache_permissions($userinfo);
	}


	if ($this->parse_userinfo['permissions'] != $userinfo['permissions'])
	{
		$this->set_parse_userinfo($userinfo, $userinfo['permissions']);
	}

	$check_ugp = convert_bits_to_array($this->parse_userinfo['permissions']['ces_parser_permissions'], $vbulletin->bf_ugp['ces_parser_permissions']);
} else {
	$tempuser=fetch_userinfo($vbulletin->GPC['userid']);
	$tempuser['permissions'] = cache_permissions($tempuser);
	$check_ugp = convert_bits_to_array($tempuser['permissions']['ces_parser_permissions'], $vbulletin->bf_ugp['ces_parser_permissions']);
}
$bad_tags = explode(',', $vbulletin->options['bad_tags']);

$dobbcode = $do_bbcode ? $do_bbcode : $dobbcode;
$dosmilies = $do_smilies ? $do_smilies : $dosmilies;
$dobbimagecode = $do_smilies ? $do_bbimagecode : $dobbimagecode;
$dohtml = $do_html ? $do_html : $dohtml;

$dobbcode = ($check_ugp['can_bbcode_post'] AND $dobbcode);
$dosmilies = ($check_ugp['can_smilies_post'] AND $dosmilies);
$dobbimagecode = ($check_ugp['can_imgcode_post'] AND $dobbimagecode);

$do_bbcode =& $dobbcode;
$do_smilies =& $dosmilies;
$do_bbimagecode =& $dobbimagecode;
$do_html =& $dohtml;

if ($check_ugp['can_html_post'] AND $do_html)
{
	$do_html = true;
	foreach ($bad_tags AS $badtag)
	{
		$badtag = html_entity_decode($badtag);
		$text = str_replace( '<' . trim($badtag), htmlspecialchars('<' . trim($badtag)), $text);
		$text = str_replace( '</' . trim($badtag), htmlspecialchars('</' . trim($badtag)), $text);
	}
	unset($badtag, $badtags);
}
else
{
	$do_html = false;
}

I'm not sure that this is entirely correct, but it's a start for me.

[thincom2000]

Thanks for the PM bit, I completely forgot about that, although I think I would add another permissions set to make the hack a little more flexible there.

Did you find that it was necessary to add the permissions on the member page or did you do that for the sake of completeness? In my case I had not had any problems with the original code for permissions on member.php.

[BlackNovaYZFR1]

Quote:

Originally Posted by thincom2000

Thanks for the PM bit, I completely forgot about that, although I think I would add another permissions set to make the hack a little more flexible there.

Did you find that it was necessary to add the permissions on the member page or did you do that for the sake of completeness? In my case I had not had any problems with the original code for permissions on member.php.

The member script gave me a bunch of invalid eval()'s, I don't have the exact error messages anymore, sorry. I think it was looking at the fields at the time.

[BlackNovaYZFR1]

Actually, I was able to find the error:

Code:

( ! ) Parse error: syntax error, unexpected '"' in /usr/www/sites/www.parrotforums.com/member.php(607) : eval()'d code on line 28Call Stack#TimeMemoryFunctionLocation10.0122786432{main }( )../member.php:0


( ! ) Parse error: syntax error, unexpected '"' in /usr/www/sites/www.parrotforums.com/member.php(607) : eval()'d code on line 28Call Stack#TimeMemoryFunctionLocation10.0122786432{main }( )../member.php:0


( ! ) Parse error: syntax error, unexpected '"' in /usr/www/sites/www.parrotforums.com/member.php(607) : eval()'d code on line 28Call Stack#TimeMemoryFunctionLocation10.0122786432{main }( )../member.php:0


( ! ) Parse error: syntax error, unexpected '"' in /usr/www/sites/www.parrotforums.com/member.php(607) : eval()'d code on line 28Call Stack#TimeMemoryFunctionLocation10.0122786432{main }( )../member.php:0


( ! ) Parse error: syntax error, unexpected '"' in /usr/www/sites/www.parrotforums.com/member.php(607) : eval()'d code on line 28Call Stack#TimeMemoryFunctionLocation10.0122786432{main }( )../member.php:0

[thincom2000]

Sounds like I overlooked something before the eval()s. When I get back home I'll look into this.

UPDATE: The next build will be 1.3.0 and will include the eval() fix, as well as have the added permissions for PMs (the code is a bit simpler than BlackNova posted above).

let me know if there's anything else I should include since this is a major (feature) update.

[Sychev_S]

I get this error:

Quote:

Parse error: syntax error, unexpected '"' in /home/talkint/public_html/testboard/forums/member.php(595) : eval()'d code on line 77

Parse error: syntax error, unexpected '"' in /home/talkint/public_html/testboard/forums/member.php(595) : eval()'d code on line 77

Parse error: syntax error, unexpected '"' in /home/talkint/public_html/testboard/forums/member.php(595) : eval()'d code on line 77

Parse error: syntax error, unexpected '"' in /home/talkint/public_html/testboard/forums/member.php(595) : eval()'d code on line 77

Parse error: syntax error, unexpected '"' in /home/talkint/public_html/testboard/forums/member.php(595) : eval()'d code on line 77

Parse error: syntax error, unexpected '"' in /home/talkint/public_html/testboard/forums/member.php(595) : eval()'d code on line 77