The Arcive of Official vBulletin Modifications Site.

if() vBCode - Private Post Text Hack · **Released**: 02-02-2003

Important News: This hack is now out of beta testing and is now in alpha.

What this hack does, is add a if() vB Code where you can enter formulas that if true, the user will be able to see the private text in the post, if it shows up false, its hidden from the users sight. This hack doesnt use any queries at all. Also the if() vB Code also supports other vB Codes inside of it.

The formulas can contain both functions and varibles such as $bbuerinfo[userid] or strtolower(), you can add a list of allowed functions to it and all others functions that arent allowed are removed from the code to prevent security issues.

All security issues and exploits have now been fixed. This hack has settings where you can allow all users to use it or just allow admins to use it. Theres also a setting that you can change to allow admins to see all the private text in posts even if they normaly cant see it.

The code part of the vB Code ( if(code) ) uses the same syntax as php script, so if you wanna check if a varible equals something, you must use == instead of =, also all varibles from $bbuserinfo also have there own varible, what i mean by this is that $bbuserinfo[username] is also $bbusername and $bbuserinfo[posts] is also $bbposts, with these specail varibles, it is optional to add a $ in front of it, so $bbusername and bbusername will both work.

Also theres a feature where admins can see the forumula that was used next to the text "Private Text:", it is shown is (code used here), other members will just see "Private Text:".

Examples of the If() vB Code:
[if($bbuserid>0)]Thank you for joining![/if]
[if(bbuserid>0)]Thank you for joining![/if]

[if($bbusername=="Admin")]Whats up?[/if]
[if(bbusername=="Admin")]Whats up?[/if]

[if($ourtimenow>=$post[dateline]+((7*24)*60*60))]Text To Display 1 week from this post[/if]

[if(bbuserid>0 and bbposts>100)]Keep up the posting

[/if]

[if(bbusergroupid==6 or bbusergroupid==7)]Important Text[/if]

Important: New Update as of March 16th
I recoded the doif function and fixed it up and added editable options for and also a bug that Nuclion encountered:
Admin Only
Admin can read all private text
Allowable functions that you can use
Certain accounts that can see all the private texts
Admins allowed to use all php functions

https://vborg.vbsupport.ru/showthrea...167#post367167
The text below already contains the fix.

Important: New Update as of February 8th
I fixed a bug, that when you search your forums, the if() tag shows even if you cant view it.

https://vborg.vbsupport.ru/showthrea...808#post351808
The text below already contains the fix.

Also I hope you enjoy the hack, If you have any problems, ideas, or just feedback, feel free to post.

Screenshots:
Heres a screenshot of a test post I did with the if() vB Code, the user who made the post can see all the private text in the post by default.
https://vborg.vbsupport.ru/attachmen...&postid=350154
(Note: The private text table can esily be edited in the "privatetext_style" style in headinclude after the hack is installed:

Heres a screen shot of the same post but after I logged out, so this is what the guest would see.
https://vborg.vbsupport.ru/attachmen...&postid=350155

I only have one request if you install this hack, please click Install, Thank You.

Slynderdale · #52 03-16-2003, 03:21 AM

Its been a while, but I fixed the bug that Nuclion had and also added a few more options to it, I also updated the text file with the fix, Ill also post the code below so you dont have to redownload the text. Just replace your old doif function with:

PHP Code:


			
// ###################### Do IF #######################

function doif($code,$text,$output=0) {

  extract ($GLOBALS);

  

  //Editable Options Below

  $allowed_functions = array('trim','strtolower','strtoupper');  //Array of allowable functions

  $admin_only = false; //Set to true if you want only admins to use this.

  $admin_allowed_functions = false; //Set to true if you want only admins to be able to use all the functions.

  $admin_view_all = false; //Set to true if you want to allow admins to view all text.

  $users_view_all = array('1'); //Users that can view all the text

  //Editable Options Above

  

  $postadmin = false;

  if ($post['usergroupid']==6 or $postinfo['usergroupid']==6 or $searchresult['usergroupid']==6)  $postadmin = true;

  $isadmin = false;

  if ($bbuserinfo['usergroupid']==6)  $isadmin = true;

  if ($code and ($admin_only!=true or $admin_only==true and $postadmin==true)) { 

      unset($codestuff);

    while (list($key,$val)=each($bbuserinfo)) {

      $codestuff .= '$bb'.strtolower($key).' = "'.$val.'";';

      @define("bb".strtolower($key),$val,true);

    }

    @eval($codestuff);

    $allfuncs = get_defined_functions();

    $search_array = array();

    $replace_array = array();

    if ($admin_allowed_functions!=true or $admin_allowed_functions==true and $postadmin!=true) {

      foreach ($allfuncs['internal'] as $name) {

        if (!in_array($name,$allowed_functions)) {

          $search_array[] = "/($name)(.*)(\()(.*)(\))/siU";

          $replace_array[] = "\\4";

        }

      }

      foreach ($allfuncs['user'] as $name) {

        if (!in_array($name,$allowed_functions)) {

          $search_array[] = "/($name)(.*)(\()(.*)(\))/siU";

          $replace_array[] = "\\4";

        }

      }

    }

    $code = preg_replace($search_array,$replace_array,$code);

    //$code = str_replace("(","",$code);

    //$code = str_replace(")","",$code);

    $eval_code=false;

    @eval ('if ('.stripslashes($code).') { $eval_code=true; } else { $eval_code=false; }');

      if (($eval_code==true) or ($bbuserinfo['userid'] == $post['userid'] and intval($post['userid'])>0) or ($bbuserinfo['userid'] == $postinfo['userid'] and intval($postinfo['userid'])>0) or ($bbuserinfo['userid'] == $searchresult['userid'] and intval($searchresult['userid'])>0) or ($isadmin==true and $admin_view_all==true) or (is_array($users_view_all) and @in_array($bbuserinfo['userid'],$users_view_all))) {

         if (!$output) {

           return "<table border=\"0\" align=\"center\" width=\"90%\" cellpadding=\"3\" cellspacing=\"1\"><tr><td><smallfont><b>Private Text: ".iif($isadmin,"(".stripslashes($code).")","")."</b></smallfont></td></tr><tr><td class=\"privatetext_style\">".bbcodeparse($text)."</td></tr></table>";

        } else return "[if(".stripslashes($code).")]".$text."[/if]";

     } else {

       return "";

     }

  }

  if ($admin_only==true and $postadmin!=true) return "[if(".stripslashes($code).")]".$text."[/if]";

  else return bbcodeparse($text);

}

NuclioN · #53 03-16-2003, 01:55 PM

Great Slynderdale, i hope it is fixed now

I saw this line:

$users_view_all = array('1'); //Users that can view all the text

What does this mean? Is 1 = all users can view and 0 is only the reciever can see it??

Slynderdale · #54 03-16-2003, 06:47 PM

Quote:

Today at 10:55 AM NuclioN said this in Post #52
Great Slynderdale, i hope it is fixed now
I saw this line:

$users_view_all = array('1'); //Users that can view all the text

What does this mean? Is 1 = all users can view and 0 is only the reciever can see it??

The array of userid's that can view all the private text's on the forum, in case you only want to see all the text instead of all the admins.

squawell · #55 03-22-2003, 03:04 PM

i found a problem....

when i use quote than i can see anything if the rule set someone

can see...so how to solve that??

thankz

Intex · #56 08-01-2003, 03:35 PM

Slynderdale - just looking at the installation for this hack. In the first part it asks yiou to find some text in functions.php, but then doesn't seem to suggest to modify / replace anything, it just asks to find something else.

Can you confirm please. Thx.

brauner · #57 08-06-2003, 10:56 AM

Quote:

08-01-03 at 05:35 PM Intex said this in Post #55
Slynderdale - just looking at the installation for this hack. In the first part it asks yiou to find some text in functions.php, but then doesn't seem to suggest to modify / replace anything, it just asks to find something else.

Can you confirm please. Thx.

Please Help, I have the same problem. I use vb 2.3.0

Slynderdale · #58 08-07-2003, 07:47 AM

Sorry about that, fixed.

VeoMorphine · #59 11-08-2003, 02:02 AM

I was testing this:

[if($ourtimenow>=$post[dateline]+((7*24)*60*60))]Text To Display 1 week from this post[/if]

that makes the showthread.php for that post just a white page.

how would i also enable this for only supermods, admins and mod? and just not users?

#01 · #60 12-11-2003, 01:46 AM

Thanks a lot for making this hack! Works very good! I can see a lot of work went into it and I give mad props to ya!

It was exactly what I was looking for. It's almost 100% secure. Only flaw I can find in it is the fact that if a member who should not be able to see the stuff was to click on "Reply to Thread" They could see all of the info... even the admin portion showing the code. They just need to scroll down to look at the previous threads under the reply box.

Not a big deal though... that feature can be easily shut off (which I'm shutting mine off now.) Thanx a lot!

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.09429 seconds Memory Usage 2,338KB Queries Executed 26 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)bbcode_php (2)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (6)navbar_link (120)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (9)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!