Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons
vBSSO - vBulletin Single Sign-On Details »»
vBSSO - vBulletin Single Sign-On
Version: 1.6.4, by xeagle xeagle is offline
Developer Last Online: Apr 2019 Show Printable Version Email this Page

Category: Add-On Releases - Version: 4.x.x Rating:
Released: 09-17-2011 Last Update: 06-27-2014 Installs: 242
DB Changes Uses Plugins Auto-Templates
Re-useable Code Additional Files  
No support by the author.

vBSSO is a vBulletin plugin that helps you connect to different software platforms like content management systems, blogs, and online stores using a secure Single Sign-On

The system has two components. First, there?s a vBulletin plugin that creates an interface for authenticating, controlling access, and managing user profile data. The second component is plugins for other platforms (like WordPress) that teach it to talk to vBulletin and exchange data. Here?s a list of support platforms.

Supported Platforms (https://www.vbsso.com)
  • vBulletin
  • WordPress
  • WordPress Multisite
  • Drupal
  • Mediawiki
  • Moodle
  • Prestashop
  • DokuWiki
  • Joomla
  • Magento

SSO Key Features
  • Run across different sub-domains, domains, servers and ports
  • Easy setup & configuration
  • Automatically log into third party applications when you log into vBulletin
  • Automatically log out of third party applications when you log out of vBulletin

Single Sign-On
  • Log to third party applications through vBulletin
  • Log out of third party applications through vBulletin
  • Register to third party applications through vBulletin
  • Recover password to third party applications through vBulletin

License
  • Free, open source
  • GNU general public license, version 2
  • Reusable code

Safety
  • Encrypted data exchange via private unique shared key
  • Friends with firewalls
  • Communicates purely through API of the connected platform
  • Basic Access Authentication support

Setup & Configuration
  • Quick startup
  • Advanced configuration options
  • Backup & Restore

Avatars
  • Sync vBulletin avatars with third-party applications

User Groups
  • Restrict access to third-party applications using vBulletin usergroups
  • Add visitors of third-party applications to vBulletin usergroups

Miscellaneous
  • Custom vBulletin login page
  • Custom vBulletin registration page
== Changelog ==

= 1.6.4 =
  • Feature #6421: vBSSO | Add PHP 7.1, 72 support. Fixed PHP warnings.
  • [Updated on March 26, 2019]

= 1.6.1 =
  • Added PHP 5.3, 5.4, 5.5, 5.6, 7.0 support for vBulletin 4.2.
  • Fixed an issue when vBulletin throws the Warning: Invalid argument supplied... in case of connecting platforms on different domains/BAA.
  • Fixed an issue when user location is shown as unknown on the "Currently Active Users" page.
  • Other enhancements and bugs fixes.
  • [Updated on July 25, 2017]

= 1.6.0 =
  • Added PHP 5.4, 5.5, 5.6, 7.0 support for vBulletin 4.1.x.
  • Fixed the issue when download logs function was not working and was displaying an empty white screen (PHP5.6).
  • EOL (End-of-life due to the end of life of this version) for PHP 5.2 support.
  • EOL (End-of-life due to the end of life of this version) for vBulletin 3.x support.
  • Other enhancements and bugs fixes.
  • [Updated March 10, 2017]

= 1.5.1 =
  • Fixed an issue when vBulletin redirects to WordPress search page after сlearing the browser's cookie and cache.
  • [Updated February 19, 2016]
= 1.5 =
  • Fixed fatal error on logout operation if logout is initiated from "vBulletin Mobile Suite".
  • Enhanced intensive logging to troubleshoot issues with ease.
  • Added vBulletin 5 compatibility notifications message on installation.
  • [Updated August 31, 2015]

= 1.4.16 =
  • Added PHP 5.6 support
  • Added support of cross-domain single-sign on in Internet Explorer.
  • Fixed an issue when vBSSO didn't connect platform with strong www redirect.
  • Fixed an issue when vBulletin didn't work as a child platform.
  • Fixed an issue when vBSSO widget for Wordpress didn't show the number of notifications due to bug on vBulletin side.
  • Other enhancements and bugs fixes.
  • [Updated June 04, 2015]

We strongly recommend you to upgrade vBSSO to the latest version (1.4.15)

= 1.4.15 =
  • Fixed the potential SQL injection vulnerability that might display md5 version of password (the original password is safe).
  • Fixed an issue when sometimes avatars are not fetched and displayed in connected to vBulletin platforms.
  • Fixed an issue when some redirects in vBulletin 3.x were processed improperly.
  • Fixed an issue when sometimes white screen was displayed after registration.
  • Fixed <base> tag for vBulletin 3.x
  • Other enhancements and bugs fixes.
  • [Updated January 20, 2015]

= 1.4.14 =
  • Fixed "Support www alias" option on "Connect Platform" page.
  • Fixed <base> tag behavior when "Always use Forum URL as Base Path" option disabled.
  • Other enhancements and bugs fixes.
  • [Updated November 17, 2014]

= 1.4.13 =
  • Implemented possibility to get vBulletin notifications counter through vBSSO.
  • Improved avatars rendering method.
  • Added usergroups support in vBulletin as connected platform.
  • Added a new warning entry to ?Warnings? page identifying vBulletin hooks status.
  • Added a new warning entry to ?Warnings? page identifying forum accounts with empty username.
  • Added a new warning entry to ?Warnings? page identifying missing PHP extensions.
  • Added a new warning entry to ?Warnings? page identifying disabled PHP functions required by vBSSO.
  • Added support for authorization both with www and without it.
  • Fixed an issue, when the platform couldn?t be disconnnected while uninstalling vBSSO.
  • Fixed AdminCP login issue.
  • Fixed E_NOTICE errors in debug mode.
  • Other enhancements and bugs fixes.
  • [Updated November 1, 2014]

= 1.4.12 =
  • Made the version compatible with other extensions like "PurevB Theme Manager", "GlowHost - Spam-O-Matic", "PhotoPost vBGallery".
  • Added a new warning entry to "Warnings" page identifying forum accounts with duplicated username/email and empty email addresses.
  • Added a forum "moderation" page support while user is being registered through vBSSO.
  • Logout is not any longer restricted by "Access Settings" configuration.
  • Adding "https" domains to forum "whitelist".
  • Fixed the "logs in .zip" downloading issue.
  • Resolved "Logout" issue for user with no forum access privileges when two forums are connected to each other.
  • Adjusted "Access Settings" to handle login access restrictions properly.
  • Other enhancements and bugs fixes.
  • [Updated June 17, 2013]

= 1.4.11 =
  • Prepared the feature to handle broken user accounts between WordPress and vBulletin.
  • Enhancements and bugs fixes.
  • [Updated May 22, 2013]

= 1.4.10 =
  • Added usergroups support in vBSSO vBulletin. Other vBSSO extensions should implement vBSSO vBulletin usergroups API to support usergroups on a connected platform.
  • Implemented an ability to login visitors by their email address.
  • Improved support of vBulletin SSL mode.
  • Improved vBSSO avatars lookup performance.
  • Removed unsed 'cssrollup_vbsso.xml'.
  • Fixed login issue through vBulletin API. Tapatalk compatible.
  • Fixed the issue when "Show vBulletin Profile" option is not being updated in case of connection two forums.
  • Fixed the issue when the platform couldn't be connected if "Allowed User Groups" is filled out to restrict login access.
  • Other enhancements and bugs fixes.
  • [Updated May 20, 2013]

= 1.4.9 =
  • Restored the visibility of the activation message showed before user proceeds with login after registration process.
  • Improved "Logging & Notifications" section to get much quicker and flexible access to log files.
  • Added a special section called "Warnings" to warn administrators about potential issues required to be solved.
  • Added tips to "Access Settings" section.
  • Improved the verification process in case if we establish forum to forum connection.
  • "vBulletin Links" section was renamed to "Link Custom Pages".
  • Enhancements and bugfixes.
  • [Updated February 01, 2013]

= 1.4.8 =
  • Made vBSSO "vBulletin 4.2.0 PL3" compatible.
  • Added new supported profile fields "Birth", "Phone".
  • Enhancements and bugfixes.
  • [Updated October 26, 2012]

= 1.4.7 =
  • Extended the authentication and login vBSSO API.
  • Added 4 new hooks (vBSSO Login Event, vBSSO Logout Event, vBSSO Authentication Event, vBSSO Register Event).
  • Fixed creating user from admincp.
  • Fixed Admin Panel menu items order.
  • Enhancements and bugfixes.
  • [Updated October 26, 2012]

= 1.4.6 =
  • Implemented support of SSL.
  • Handled endless redirect once it finds non-compatible accounts.
  • Fixed the conflict when "Save stylesheets to files" option is enabled in vBulletin 3.x.
  • Enhancements and bugfixes.
  • [Updated September 23, 2012]

= 1.4.5 =
  • Implemented support of avatars for connected vBulletin platform.
  • Implemented support of user profile and author links for connected vBulletin platform.
  • Adjusted login form for connected vBulletin platform.
  • Implemented the feature to update the settings of all the connected platforms as soon as master plugin is upgraded.
  • Enhancements and bugfixes.
  • [Updated September 03, 2012]

= 1.4.4 =
  • Added vBulletin 3.x compatibility.
  • Added support of vBulletin connection as slave platform.
  • Fixed an issue on adding new user from admincp when it is not added to the connected platforms.
  • Fixed "Class 'LoggerReflectionUtils' not found" issue.
  • [Updated August 10, 2012]

= 1.4.3 =
  • Http status code 100 shouldn't be tracked as error - fixed.
  • Adjusted extensive debug logging of the response errors.
  • Fixed an issue when sometimes avatars are not fetched and displayed in connected to vBulletin platforms.
  • [Updated June 22, 2012]

= 1.4.2 =
  • Resolved installation error "Invalid SQL: INSERT INTO `vbsso_users`" thrown in cases when account duplicates exist. We check for the duplicates and throw the warning during the installation phase.
  • Fixed Fatal error: Call to undefined function print_cp_header() error when vBulletin is configured to have custom named AdminCP folder.
  • Implemented un-installation hook to disconnect all the connected to vBSSO platforms.
  • Added a check to warn if vBulletin "User Registration Options -> Require Unique Email Addresses" is disabled and duplicated accounts are allowed.
  • [Updated November 17, 2011]

= 1.4.1 =
  • Fixed Warning: call_user_func_array() [function.call-user-func-array]: First argument is expected to be a valid callback, 'Logger::warning' was given in /vbsso/includes/functions_logging.php.
  • [Updated October 10, 2011]


= 1.4 =
  • Refined Notifications section, renamed it to Logging & Notifications, added the options to log vBSSO logic, keep logging files and send log messages to email.
  • Improved installation process by cleaning up the database before the product is completely installed.
  • Improved installation process by adding a check for the required PHP extension before the plugin is completely installed or upgraded.
  • Fixed the issue that might be a cause of the empty page in admincp.
  • Moved the settings to standard vBulletin Options.
  • Moveed Backup & Restore to standard vBulletin Backup & Restore facility.
  • Added vBulletin 4.x version as a dependency for the plugin.
  • Removed option to set Forum Path.
  • [Updated September 28, 2011]

= 1.3 =
  • Added sending of the authentication event to the connected platform as soon as user is registered in vBulletin.
  • Fixed issue with ':' delimiter located between host and port in url in case of using non-standard port #80
  • Added support to redirect to lost password page via API.
  • Added config.custom.default.php file as a config sample.
  • Fixed "Warning: Call-time pass-by-reference has been deprecated" error.
  • Added error message in case if platform couldn't be verified for some reason.
  • Removed the extra steps to set up forumpath setting, it's being setup automatically during plugin installation.
  • Fixed css to display "SSO provided By" text correctly in different theme layouts.
  • [Updated September 18, 2011]

= 1.2 =
  • First release
  • [Created September 10, 2011]

Project Supported by Diabetes Daily
"We are in dept to those who have donated their code and advice to us over the last six years. Without that support, we would never have built one of the most successful diabetes communities. This is our way of 'paying it forward' so others can do more better and faster." - David Edelman, Co-Founder of Diabetes Daily

Download Now

Download Now

File Type: zip vbsso.zip (180 Bytes, 465 views)

Screenshots

File Type: png screenshot-1.png (126.9 KB, 0 views)
File Type: png screenshot-2.png (166.7 KB, 0 views)
File Type: png screenshot-3.png (276.4 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #892  
Old 01-13-2015, 05:08 AM
xeagle xeagle is offline
 
Join Date: Sep 2011
Posts: 477
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Maxthon View Post
Does the plugin works with vbulletin 5.1?

Unfortunately the plugin does not support vbulletin 5.
The latest version of vbulletin which is supported is 4.2.
Reply With Quote
  #893  
Old 01-15-2015, 07:15 AM
xeagle xeagle is offline
 
Join Date: Sep 2011
Posts: 477
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Keep up to date with the latest news on http://vbsso.com/
Reply With Quote
  #894  
Old 01-18-2015, 01:52 PM
m7sen m7sen is offline
 
Join Date: Mar 2014
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

we need update wp 4.1 ^_^
Reply With Quote
  #895  
Old 01-18-2015, 07:12 PM
TiKu's Avatar
TiKu TiKu is offline
 
Join Date: Sep 2006
Posts: 97
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

We use vBSSO to connect vBulletin 4.2 with Wordpress 4.0 and Mediawiki 1.23. One of our users has the vBulletin user name "T?sti's Welle". I don't know whether Wordpress can deal with this user name, as the user is not in a user group that has access to our Wordpress dashboard. But Mediawiki has problems with this name - the user does not get logged in to Mediawiki. And worse: According to the vBSSO logs the system runs into a SQL error, that seems to occur due to missing escaping of the apostroph in the user name. This seems like a security hole to me, as it might allow SQL injection!
Here are the important lines from the log file (I've removed some parts to protect our forum):
Code:
Sun Jan 18 19:08:18 2015,584 [23526] DEBUG localFileLogger - Platform request JSON: {"email":"xyz@mydomain.com","username":"T\u00e4sti's Welle","usergroup":"2","e":6,"lid":"547a124e343fb2.23578572","d":"http:\/\/www.mydomain.com\/vbulletin\/admincp\/user.php?do=edit&u=98985"}
Sun Jan 18 19:08:18 2015,584 [23526] DEBUG localFileLogger - Platform request encrypted JSON: HHqgd6uMZZyW2mJIZ63QhGgJPoi//Gm4a1+Fp5a/49YTXbCsUhbeidQWpRqhfaQqfixmAr/iG1lKUJZfMLV85UKZdCgG94Wm5TuI9tqYzsMLBy2wqqVcSRd8ErbXB314PF4bhT11cXpNp3X9lrp8fSNHA++0SvzZZMfrhKwF+fwFVgXMOhcLohxTQ0tFzuLUazAIPVFU0dsRMlhRVr2YRfH8pOZcL24kDCFAyzU7pNc58c5AKoS7E1DCFm7Gah19kRXadS1yT4MoXhHOqKCE9Q==
Sun Jan 18 19:08:18 2015,584 [23526] DEBUG localFileLogger - Platform request urlencoded/encrypted JSON: HHqgd6uMZZyW2mJIZ63QhGgJPoi%2F%2FGm4a1%2BFp5a%2F49YTXbCsUhbeidQWpRqhfaQqfixmAr%2FiG1lKUJZfMLV85UKZdCgG94Wm5TuI9tqYzsMLBy2wqqVcSRd8ErbXB314PF4bhT11cXpNp3X9lrp8fSNHA%2B%2B0SvzZZMfrhKwF%2BfwFVgXMOhcLohxTQ0tFzuLUazAIPVFU0dsRMlhRVr2YRfH8pOZcL24kDCFAyzU7pNc58c5AKoS7E1DCFm7Gah19kRXadS1yT4MoXhHOqKCE9Q%3D%3D
Sun Jan 18 19:08:18 2015,642 [23526] DEBUG localFileLogger - Communication: Platform returned http status code: 200
Sun Jan 18 19:08:18 2015,642 [23526] DEBUG localFileLogger - Communication: Platform returned error: 
Sun Jan 18 19:08:18 2015,642 [23526] DEBUG localFileLogger - Communication: Platform returned response: <!DOCTYPE HTML>
<html>
<head>
	<title>MediaWiki API</title>
</head>
<body>
<pre>
<span style="color:blue;">&lt;?xml version=&quot;1.0&quot;?&gt;</span>
<span style="color:blue;">&lt;api&gt;</span>
  <span style="color:blue;">&lt;error code=&quot;internal_api_error_DBQueryError&quot; info=&quot;Database query error&quot; xml:space=&quot;preserve&quot;&gt;</span>

#0 /apache/dc/htdocs/wiki/includes/db/Database.php(1123): DatabaseBase-&gt;reportQueryError('Table './dcwiki...', 145, 'INSERT IGNORE I...', 'User::removeGro...', false)
#1 /apache/dc/htdocs/wiki/includes/db/Database.php(1920): DatabaseBase-&gt;query('INSERT IGNORE I...', 'User::removeGro...')
#2 /apache/dc/htdocs/wiki/includes/User.php(2968): DatabaseBase-&gt;insert('user_former_gro...', Array, 'User::removeGro...', Array)
#3 /apache/dc/htdocs/wiki/extensions/vbsso/includes/api.php(63): User-&gt;removeGroup('bot')
#4 [internal function]: vbsso_listener_register(Array)
#5 /apache/dc/htdocs/wiki/extensions/vbsso/includes/sharedapi.php(349): call_user_func('vbsso_listener_...', Array)
#6 /apache/dc/htdocs/wiki/extensions/vbsso/apivbsso.php(35): sharedapi_data_handler(9, '1.23.5', '1.0.1', '316050855963126...', Array)
#7 /apache/dc/htdocs/wiki/includes/api/ApiMain.php(913): vbsso-&gt;execute()
#8 /apache/dc/htdocs/wiki/includes/api/ApiMain.php(363): ApiMain-&gt;executeAction()
#9 /apache/dc/htdocs/wiki/includes/api/ApiMain.php(334): ApiMain-&gt;executeActionWithErrorHandling()
#10 /apache/dc/htdocs/wiki/api.php(85): ApiMain-&gt;execute()
#11 {main}

<span style="color:blue;">&lt;/error&gt;</span>
<span style="color:blue;">&lt;/api&gt;</span>
</pre>
</body>
</html>
<script>if(window.mw){
mw.config.set({"wgBackendResponseTime":54});
}</script>
Sun Jan 18 19:08:18 2015,642 [23526] ERROR localFileLogger - Communication: Unable to accept response:
Sun Jan 18 19:08:18 2015,642 [23526] ERROR localFileLogger - Wrong Shared Password
There is another user with the same problem, but another kind of apostroph in his name (? instead of ').

So if this is a vulnerability, can it please be fixed?
Is there a way that vBSSO converts user names on the fly so that Mediawiki will accept them? For instance any apostroph could be removed or replaced with a dash, followed by the apostroph's hex code.

Regards
TiKu
Reply With Quote
  #896  
Old 01-19-2015, 07:07 AM
xeagle xeagle is offline
 
Join Date: Sep 2011
Posts: 477
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by TiKu View Post
We use vBSSO to connect vBulletin 4.2 with Wordpress 4.0 and Mediawiki 1.23. One of our users has the vBulletin user name "T?sti's Welle". I don't know whether Wordpress can deal with this user name, as the user is not in a user group that has access to our Wordpress dashboard. But Mediawiki has problems with this name - the user does not get logged in to Mediawiki. And worse: According to the vBSSO logs the system runs into a SQL error, that seems to occur due to missing escaping of the apostroph in the user name. This seems like a security hole to me, as it might allow SQL injection!
Here are the important lines from the log file (I've removed some parts to protect our forum):
Code:
Sun Jan 18 19:08:18 2015,584 [23526] DEBUG localFileLogger - Platform request JSON: {"email":"xyz@mydomain.com","username":"T\u00e4sti's Welle","usergroup":"2","e":6,"lid":"547a124e343fb2.23578572","d":"http:\/\/www.mydomain.com\/vbulletin\/admincp\/user.php?do=edit&u=98985"}
Sun Jan 18 19:08:18 2015,584 [23526] DEBUG localFileLogger - Platform request encrypted JSON: HHqgd6uMZZyW2mJIZ63QhGgJPoi//Gm4a1+Fp5a/49YTXbCsUhbeidQWpRqhfaQqfixmAr/iG1lKUJZfMLV85UKZdCgG94Wm5TuI9tqYzsMLBy2wqqVcSRd8ErbXB314PF4bhT11cXpNp3X9lrp8fSNHA++0SvzZZMfrhKwF+fwFVgXMOhcLohxTQ0tFzuLUazAIPVFU0dsRMlhRVr2YRfH8pOZcL24kDCFAyzU7pNc58c5AKoS7E1DCFm7Gah19kRXadS1yT4MoXhHOqKCE9Q==
Sun Jan 18 19:08:18 2015,584 [23526] DEBUG localFileLogger - Platform request urlencoded/encrypted JSON: HHqgd6uMZZyW2mJIZ63QhGgJPoi%2F%2FGm4a1%2BFp5a%2F49YTXbCsUhbeidQWpRqhfaQqfixmAr%2FiG1lKUJZfMLV85UKZdCgG94Wm5TuI9tqYzsMLBy2wqqVcSRd8ErbXB314PF4bhT11cXpNp3X9lrp8fSNHA%2B%2B0SvzZZMfrhKwF%2BfwFVgXMOhcLohxTQ0tFzuLUazAIPVFU0dsRMlhRVr2YRfH8pOZcL24kDCFAyzU7pNc58c5AKoS7E1DCFm7Gah19kRXadS1yT4MoXhHOqKCE9Q%3D%3D
Sun Jan 18 19:08:18 2015,642 [23526] DEBUG localFileLogger - Communication: Platform returned http status code: 200
Sun Jan 18 19:08:18 2015,642 [23526] DEBUG localFileLogger - Communication: Platform returned error: 
Sun Jan 18 19:08:18 2015,642 [23526] DEBUG localFileLogger - Communication: Platform returned response: <!DOCTYPE HTML>
<html>
<head>
	<title>MediaWiki API</title>
</head>
<body>
<pre>
<span style="color:blue;">&lt;?xml version=&quot;1.0&quot;?&gt;</span>
<span style="color:blue;">&lt;api&gt;</span>
  <span style="color:blue;">&lt;error code=&quot;internal_api_error_DBQueryError&quot; info=&quot;Database query error&quot; xml:space=&quot;preserve&quot;&gt;</span>

#0 /apache/dc/htdocs/wiki/includes/db/Database.php(1123): DatabaseBase-&gt;reportQueryError('Table './dcwiki...', 145, 'INSERT IGNORE I...', 'User::removeGro...', false)
#1 /apache/dc/htdocs/wiki/includes/db/Database.php(1920): DatabaseBase-&gt;query('INSERT IGNORE I...', 'User::removeGro...')
#2 /apache/dc/htdocs/wiki/includes/User.php(2968): DatabaseBase-&gt;insert('user_former_gro...', Array, 'User::removeGro...', Array)
#3 /apache/dc/htdocs/wiki/extensions/vbsso/includes/api.php(63): User-&gt;removeGroup('bot')
#4 [internal function]: vbsso_listener_register(Array)
#5 /apache/dc/htdocs/wiki/extensions/vbsso/includes/sharedapi.php(349): call_user_func('vbsso_listener_...', Array)
#6 /apache/dc/htdocs/wiki/extensions/vbsso/apivbsso.php(35): sharedapi_data_handler(9, '1.23.5', '1.0.1', '316050855963126...', Array)
#7 /apache/dc/htdocs/wiki/includes/api/ApiMain.php(913): vbsso-&gt;execute()
#8 /apache/dc/htdocs/wiki/includes/api/ApiMain.php(363): ApiMain-&gt;executeAction()
#9 /apache/dc/htdocs/wiki/includes/api/ApiMain.php(334): ApiMain-&gt;executeActionWithErrorHandling()
#10 /apache/dc/htdocs/wiki/api.php(85): ApiMain-&gt;execute()
#11 {main}

<span style="color:blue;">&lt;/error&gt;</span>
<span style="color:blue;">&lt;/api&gt;</span>
</pre>
</body>
</html>
<script>if(window.mw){
mw.config.set({"wgBackendResponseTime":54});
}</script>
Sun Jan 18 19:08:18 2015,642 [23526] ERROR localFileLogger - Communication: Unable to accept response:
Sun Jan 18 19:08:18 2015,642 [23526] ERROR localFileLogger - Wrong Shared Password
There is another user with the same problem, but another kind of apostroph in his name (? instead of ').

So if this is a vulnerability, can it please be fixed?
Is there a way that vBSSO converts user names on the fly so that Mediawiki will accept them? For instance any apostroph could be removed or replaced with a dash, followed by the apostroph's hex code.

Regards
TiKu
Could you please contact support team http://vbsso.com/report-an-issue/ describing the steps you use to reproduce your case on your website.

Thank you,
Reply With Quote
  #897  
Old 01-19-2015, 11:00 PM
xeagle xeagle is offline
 
Join Date: Sep 2011
Posts: 477
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The updated version of vBSSO vBulletin 1.4.15 is released!

We strongly recommend you to upgrade vBSSO to the latest version (1.4.15)
Reply With Quote
  #898  
Old 01-25-2015, 01:08 PM
m7sen m7sen is offline
 
Join Date: Mar 2014
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i have problem now when i update to 1.4.15

there is new user i want to log in wprdpress but i cannt
its take me to vbulletin and give me error
vbsso/vbsso.php?a=act&do=error

what can i do

and if i log out
its give me same error !!

all user group have Access to login wordpress


I hope you can provide me the correct default feature for all fields

and what the setting for vBSSO URLS !!


if i log out wordpress its take me to vbulletin and give me error
Invalid Redirect URL wp-admin/options-general.php?page=vbsso_options

another problem
i cannt log out in wordpress
if i log out its take me to vbulletin and went me back to wp admin !!!!!

what can i do

help me please
Reply With Quote
  #899  
Old 01-26-2015, 04:17 AM
TiKu's Avatar
TiKu TiKu is offline
 
Join Date: Sep 2006
Posts: 97
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by TiKu View Post
We use vBSSO to connect vBulletin 4.2 with Wordpress 4.0 and Mediawiki 1.23. One of our users has the vBulletin user name "T?sti's Welle". I don't know whether Wordpress can deal with this user name, as the user is not in a user group that has access to our Wordpress dashboard. But Mediawiki has problems with this name - the user does not get logged in to Mediawiki.
For your interest: We've been able to solve this problem. It has been a misconfiguration (user rights) and converting our Mediawiki database to UTF-8 probably also did help.
Reply With Quote
  #900  
Old 01-26-2015, 06:49 AM
xeagle xeagle is offline
 
Join Date: Sep 2011
Posts: 477
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by m7sen View Post
i have problem now when i update to 1.4.15

there is new user i want to log in wprdpress but i cannt
its take me to vbulletin and give me error
vbsso/vbsso.php?a=act&do=error

what can i do

and if i log out
its give me same error !!

all user group have Access to login wordpress


I hope you can provide me the correct default feature for all fields

and what the setting for vBSSO URLS !!


if i log out wordpress its take me to vbulletin and give me error
Invalid Redirect URL wp-admin/options-general.php?page=vbsso_options

another problem
i cannt log out in wordpress
if i log out its take me to vbulletin and went me back to wp admin !!!!!

what can i do

help me please
Could you please contact support team http://vbsso.com/report-an-issue/ describing the steps you use to reproduce your case on your website.

Thank you,
Reply With Quote
  #901  
Old 01-26-2015, 04:49 PM
m7sen m7sen is offline
 
Join Date: Mar 2014
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by xeagle View Post
Could you please contact support team http://vbsso.com/report-an-issue/ describing the steps you use to reproduce your case on your website.

Thank you,
i do it

now i cannt Contact vbulletin with wordpress !!


Unable to verify platform [http://******.com/wp-content/plugins/vbsso/vbsso.php] Please analyze log files located at `/home/******/public_html/vb/vbsso/logs/` to detect the cause of the issue.

Error message:

what is problem
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:36 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06407 seconds
  • Memory Usage 2,402KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (3)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (21)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (4)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete