Go Back   vb.org Archive > vBulletin Article Depository > Read An Article > vBulletin 3 Articles
Reload this Page [Tip] - Common Mistake when hacking your vb
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
Page 1 of 2 1 2
 
Thread Tools
[Tip] - Common Mistake when hacking your vb
Dean C's Avatar
Dean C
Join Date: Jan 2002
Posts: 9,071

 

England
Show Printable Version Email this Page Subscription
Dean C Dean C is offline 01-02-2003, 10:00 PM
Well the most common mistake i made when i was new to install hacks was when it was long lines of code which performed a query.

Many hacks require you to edit the same line and add little fractions to it.

Ok so lets start out with a fresh install.

We install just a part of the 'away user hack'.

The instructions want us to replace this in user.php:

PHP Code:
$DB_site->query("UPDATE user SET birthday='$birthday',options='$options',usergroupid='$usergroupid',username='".addslashes(htmlspecialchars($ausername))."'$pwdinclude,email='".addslashes(htmlspecialchars($email))."',styleid='$userstyleid',parentemail='".addslashes(htmlspecialchars($parentemail))."',coppauser=$coppauser,homepage='".addslashes(htmlspecialchars($homepage))."',icq='".addslashes(htmlspecialchars($icq))."',aim='".addslashes(htmlspecialchars($aim))."',yahoo='".addslashes(htmlspecialchars($yahoo))."',signature='".addslashes($signature)."',adminemail=$adminemail,showemail=$showemail,invisible=$invisible,usertitle='".addslashes($usertitle)."',customtitle=$customtitle,joindate=$joindate,cookieuser=$cookieuser,nosessionhash=$nosessionhash,daysprune='$daysprune',lastvisit=$lastvisit,lastactivity=$lastactivity,lastpost=$lastpost,posts='$posts',timezoneoffset='$timezoneoffset',emailnotification=$emailnotification,receivepm='$receivepm',emailonpm='$emailonpm',ipaddress='".addslashes($aipaddress)."',pmpopup=IF(pmpopup=2 AND $pmpopup=1,pmpopup,'$pmpopup') WHERE userid=$userid"); 
With this:

PHP Code:
$DB_site->query("UPDATE user SET away='$away',awaydate=$awaydate,returndate='$returndate',awayreason='".addslashes(htmlspecialchars($awayreason))."',birthday='$birthday',options='$options',usergroupid='$usergroupid',username='".addslashes(htmlspecialchars($ausername))."'$pwdinclude,email='".addslashes(htmlspecialchars($email))."',styleid='$userstyleid',parentemail='".addslashes(htmlspecialchars($parentemail))."',coppauser=$coppauser,homepage='".addslashes(htmlspecialchars($homepage))."',icq='".addslashes(htmlspecialchars($icq))."',aim='".addslashes(htmlspecialchars($aim))."',yahoo='".addslashes(htmlspecialchars($yahoo))."',signature='".addslashes($signature)."',adminemail=$adminemail,showemail=$showemail,invisible=$invisible,usertitle='".addslashes($usertitle)."',customtitle=$customtitle,joindate=$joindate,cookieuser=$cookieuser,nosessionhash=$nosessionhash,daysprune='$daysprune',lastvisit=$lastvisit,lastactivity=$lastactivity,lastpost=$lastpost,posts='$posts',timezoneoffset='$timezoneoffset',emailnotification=$emailnotification,receivepm='$receivepm',emailonpm='$emailonpm',ipaddress='".addslashes($aipaddress)."',pmpopup=IF(pmpopup=2 AND $pmpopup=1,pmpopup,'$pmpopup') WHERE userid=$userid"); 
Ok that's not hard because what we need to replace will be there because the hack is made for a fresh install.

The problem comes when we have to edit that line again and it's different to the instructions. Most people will just look at the first 10 characters of that line and say well i should just replace it. Now if you do your 'away user hack' won't work.

Here's an example in the 'contributor lable' hack. It wants us again to replace this line in user.php:

PHP Code:
$DB_site->query("UPDATE user SET birthday='$birthday',options='$options',usergroupid='$usergroupid',username='".addslashes(htmlspecialchars($ausername))."'$pwdinclude,email='".addslashes(htmlspecialchars($email))."',styleid='$userstyleid',parentemail='".addslashes(htmlspecialchars($parentemail))."',coppauser=$coppauser,homepage='".addslashes(htmlspecialchars($homepage))."',icq='".addslashes(htmlspecialchars($icq))."',aim='".addslashes(htmlspecialchars($aim))."',yahoo='".addslashes(htmlspecialchars($yahoo))."',signature='".addslashes($signature)."',adminemail=$adminemail,showemail=$showemail,invisible=$invisible,usertitle='".addslashes($usertitle)."',customtitle=$customtitle,joindate=$joindate,cookieuser=$cookieuser,nosessionhash=$nosessionhash,daysprune='$daysprune',lastvisit=$lastvisit,lastactivity=$lastactivity,lastpost=$lastpost,posts='$posts',timezoneoffset='$timezoneoffset',emailnotification=$emailnotification,receivepm='$receivepm',emailonpm='$emailonpm',ipaddress='".addslashes($aipaddress)."',pmpopup=IF(pmpopup=2 AND $pmpopup=1,pmpopup,'$pmpopup') WHERE userid=$userid"); 
With this:

PHP Code:
$DB_site->query("UPDATE user SET birthday='$birthday',options='$options',usergroupid='$usergroupid',username='".addslashes(htmlspecialchars($ausername))."'$pwdinclude,email='".addslashes(htmlspecialchars($email))."',styleid='$userstyleid',parentemail='".addslashes(htmlspecialchars($parentemail))."',coppauser=$coppauser,homepage='".addslashes(htmlspecialchars($homepage))."',icq='".addslashes(htmlspecialchars($icq))."',aim='".addslashes(htmlspecialchars($aim))."',yahoo='".addslashes(htmlspecialchars($yahoo))."',signature='".addslashes($signature)."',adminemail=$adminemail,showemail=$showemail,invisible=$invisible,usertitle='".addslashes($usertitle)."',customtitle=$customtitle,joindate=$joindate,cookieuser=$cookieuser,nosessionhash=$nosessionhash,daysprune='$daysprune',lastvisit=$lastvisit,lastactivity=$lastactivity,lastpost=$lastpost,posts='$posts',timezoneoffset='$timezoneoffset',emailnotification=$emailnotification,receivepm='$receivepm',emailonpm='$emailonpm',ipaddress='".addslashes($aipaddress)."',donator='$donation',pmpopup=IF(pmpopup=2 AND $pmpopup=1,pmpopup,'$pmpopup') WHERE userid=$userid"); 
But because we've edited that line of code for another hack it isn't there. This leads many people to go into the support thread and say i haven't got that line of code in my user.php

Well in fact you have but it's slightly changed.

So what we do is look at the code that needs to be changed and we'll look up the line until we find what's different. Here's the code that was added to that line for the away hack:

PHP Code:
away='$away',awaydate=$awaydate,returndate='$returndate',awayreason='".addslashes(htmlspecialchars($awayreason))."'
So what we do is ignore this line of code and see what's different in the other hack:

PHP Code:
donator='$donation'
So we see where the bit of code was added after in the line which was:

PHP Code:
ipaddress='".addslashes($aipaddress)."'
Then we add the relevent code after it. And your final line of code should look like this:

PHP Code:
$DB_site->query("UPDATE user SET away='$away',awaydate=$awaydate,returndate='$returndate',awayreason='".addslashes(htmlspecialchars($awayreason))."',birthday='$birthday',options='$options',usergroupid='$usergroupid',username='".addslashes(htmlspecialchars($ausername))."'$pwdinclude,email='".addslashes(htmlspecialchars($email))."',styleid='$userstyleid',parentemail='".addslashes(htmlspecialchars($parentemail))."',coppauser=$coppauser,homepage='".addslashes(htmlspecialchars($homepage))."',icq='".addslashes(htmlspecialchars($icq))."',aim='".addslashes(htmlspecialchars($aim))."',yahoo='".addslashes(htmlspecialchars($yahoo))."',signature='".addslashes($signature)."',adminemail=$adminemail,showemail=$showemail,invisible=$invisible,usertitle='".addslashes($usertitle)."',customtitle=$customtitle,joindate=$joindate,cookieuser=$cookieuser,nosessionhash=$nosessionhash,daysprune='$daysprune',lastvisit=$lastvisit,lastactivity=$lastactivity,lastpost=$lastpost,posts='$posts',timezoneoffset='$timezoneoffset',emailnotification=$emailnotification,receivepm='$receivepm',emailonpm='$emailonpm',ipaddress='".addslashes($aipaddress)."',donator='$donation',pmpopup=IF(pmpopup=2 AND $pmpopup=1,pmpopup,'$pmpopup') WHERE userid=$userid"); 
And there we go. We've managed to get past one of the most commonest mistakes when editing your long query lines.

Regards

- miSt
Reply With Quote
  #2  
Old 01-03-2003, 10:28 AM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Sorry for the stretching of the page - that can't be helped

- miSt
Reply With Quote
  #3  
Old 01-03-2003, 10:34 AM
Chris M's Avatar
Chris M Chris M is offline
 
Join Date: Dec 2001
Location: Northampton, England
Posts: 6,186
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I suppose it could be useful for newbies - Perhaps you ought to consider a shorter query? Saves side-scrolling

Satan
Reply With Quote
  #4  
Old 01-03-2003, 03:40 PM
DrkFusion's Avatar
DrkFusion DrkFusion is offline
 
Join Date: Nov 2001
Posts: 1,926
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Nice of you to post this hear, many new hackers will get soem use out of it
Reply With Quote
  #5  
Old 01-03-2003, 04:04 PM
JulianD's Avatar
JulianD JulianD is offline
 
Join Date: Jan 2002
Posts: 455
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I've had those problems before, thanks for the nice tips Mist
Reply With Quote
  #6  
Old 01-03-2003, 06:06 PM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Your Welcome and yes this was aimed at newbies

Regards

- miSt
Reply With Quote
  #7  
Old 01-03-2003, 07:57 PM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Very usefull for newbies indeed!
Thanks mist
Reply With Quote
  #8  
Old 01-03-2003, 08:13 PM
Logik's Avatar
Logik Logik is offline
 
Join Date: Nov 2002
Location: Tx
Posts: 432
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Yes. Im not new to vB hacks. But this will help alot of new comers.
Reply With Quote
  #9  
Old 01-05-2003, 11:29 PM
escoson escoson is offline
 
Join Date: Sep 2002
Posts: 18
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
im a newbie lol so from my perspective it helps to know what i have to do...yet i dont understand the script so i would still be lost
i jus tried doin it and totally messed up and had to upload the backup php file... :cry:
lol
$o.o2
Reply With Quote
  #10  
Old 01-06-2003, 10:19 AM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
No lol - this is just a guideline of what to do when you get lines of code which have already been hacked

You didn't try and do what it said in this post did you?

- miSt
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 06:36 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04942 seconds
  • Memory Usage 2,349KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (8)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_article
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete