The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
PMCrypt - Private Message Encryption Details »»
|
|||||||||||||||||||||||||
Keywords: Private, Message, PM, Encrypt, Encode, Security
Description: Encrypts Private Messages within the MySQL database. Allows for on-the-fly decryption without the need for a shared key. Details: This hack will encrypt sent messages within your MySQL database. No longer will they be viewable in plaintext, thus affording your members a little more security with their private correspondance. Please be aware that this is not a total security solution. This was devised with simplicity as well as security in mind -- such as that the encryption method used is NOT to be assumed "unbreakable" by any stretch of the imagination. The messages are encrypted using a method developed and credited to AITOR SOLOZABAL MERIN by where text is encrypted/decrypted using a simple but powerful XOR method without a known key. Implicitly, the key is defined by the string itself in a character by character way. There are 4 items to compose the unknown key for the character in the algorithim:
This product was developed by request of FGENETICS and DOOGIE88. Installation: 1. Download and import the product-pmcrypt1.1.0.xml file via the Product Manager. 2. Enable the product via the AdminCP (vBulletin Options > Private Message Encryption) 3. ??? 4. Profit Version History: v1.0.0 - Initial Release v1.0.1 - Fixed bug when replying to an encrypted message. v1.1.0 - Fixed issue with reply and preview. Encapsulated encryption within base64_encode(); for storage. Smilies no longer run risk of breaking encryption. * Once enabled, all PM's sent thereafter will be encrypted. This means that should you choose to disable and/or uninstall the product, said PM's will remain encrypted -- rendering them unreadable. * Please note that this modification was developed on a forum with a userbase of 1 (myself). I've tested it for basic functionality but I cannot guarantee functionality or behavior on your forum. So, please -- make backups before installing this product! Show Your Support
|
|||||||||||||||||||||||||
About Developer
DB Changes 
Is in Beta Stage | Comments |
|
#62
05-26-2008, 09:12 PM
|
|||
|
|||
Quote:
If you have only deactivated the hack, you set the sql settings in my script and run the sript. The script will encrypt all pn?s to the right format. I think it?s better if you test it first on a test board.  For me is the script working perfectly.  But make before a database backup from your pmtext table!!! 
|
|
#63
05-27-2008, 05:26 AM
|
|||
|
|||
|
Quote:
for your help Pander23 =) i will check your Script...
|
|
#67
10-10-2008, 01:34 PM
|
|||
|
|||
|
dont function under 3.7.3 PL1
Following mistake when I will open a message... Quote:
|
|
#69
01-10-2009, 09:43 PM
|
|||
|
|||
|
This was functioning for me right up through 3.7.4 but when I upgraded to 3.8.0 it no longer works.
Pander23.... I've been toying with your script, but it won't update the database because of apostrophes (') . They break the sql query if not escaped.
|
|
#70
01-11-2009, 09:26 PM
|
|||
|
|||
|
Okay, I've got this "functioning" enough to decrypt PM's again, but am getting this error:
Parse error: syntax error, unexpected ';' in /public_html/includes/functions_newpost.php(1881) : eval()'d code on line 3 and it doesn't matter if the PM's are encrytped or not (I'm using some test PM's that are not encrypted to test functionality). This highlighted section is the part of the code I'm having a problem with (this is from the .xml file for this add-in). If I remove the ";" at the end of the line it works for unencrypted PM's but not for encrypted PM's. If I leave it there, I get the error stated above: Code:
<plugin active="1" executionorder="5">
<title>PMCrypt :: Decrypt an encrypted reply</title>
<hookname>private_newpm_reply</hookname>
<phpcode><![CDATA[if ($pm['encrypt']){
unset($pm);
if ($pm = $db->query_first_slave("SELECT pm.*, pmtext.* FROM `" . TABLE_PREFIX . "pm` AS pm LEFT JOIN `" . TABLE_PREFIX . "pmtext` AS pmtext ON(`pmtext.pmtextid` = pm.pmtextid) WHERE `pm.userid` = '" . $vbulletin->userinfo['userid'] . "' AND `pm.pmid` = '" . $vbulletin->GPC['pmid'] . "'";)){
// quote reply
$originalposter = fetch_quote_username($pm['fromusername']);
$pm['message'] = encrypt_decrypt(base64_decode($pm['message']));
// allow quotes to remain with an optional request variable
// this will fix a problem with forwarded PMs and replying to them
if ($vbulletin->GPC['stripquote']){
$pagetext = strip_quotes($pm['message']);
}
else{
// this is now the default behavior -- leave quotes, like vB2
$pagetext = $pm['message'];
}
$pagetext = trim(htmlspecialchars_uni($pagetext));
eval('$pm[\'message\'] = "' . fetch_template('newpost_quote', 0, false) . '";');
// work out FW / RE bits
if (preg_match('#^' . preg_quote($vbphrase['forward_prefix'], '#') . '#i', $pm['title'])){
$pm['title'] = substr($pm['title'], strlen($vbphrase['forward_prefix']) + 1);
}
elseif (preg_match('#^' . preg_quote($vbphrase['reply_prefix'], '#') . '#i', $pm['title'])){
$pm['title'] = substr($pm['title'], strlen($vbphrase['reply_prefix']) +1);
}
else{
$pm['title'] = preg_replace('#^[a-z]{2}:#i', '', $pm['title']);
}
$pm['title'] = trim($pm['title']);
if ($vbulletin->GPC['forward']){
$pm['title'] = $vbphrase['forward_prefix'] . " $pm[title]";
$pm['recipients'] = '';
$pm['forward'] = 1;
}
else{
$pm['title'] = $vbphrase['reply_prefix'] . " $pm[title]";
$pm['recipients'] = $pm['fromusername'] . ' ; ';
$pm['forward'] = 0;
}
}
}]]></phpcode>
</plugin>
|
|
#71
01-13-2009, 02:31 AM
|
|||
|
|||
|
More testing shows that when replying to a PM it will quote the encoded message, not the unencoded one.
So, looks like this is broken for 3.8, an possibly earlier (although this worked for me right up through 3.7.4). I see the coder is still active here. Just wish he could update this.... (hint, hint) 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT. The time now is 12:03 PM.