Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Beta Releases

Reply
 
Thread Tools
Style / Template / Replacement Hack For Moderators Details »»
Style / Template / Replacement Hack For Moderators
Version: 1.00, by blackice912 blackice912 is offline
Developer Last Online: Jun 2006 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 09-20-2002 Last Update: Never Installs: 13
Is in Beta Stage  
No support by the author.

Alright, I've finally finished working on this darn thing and ready for a beta release!

This hack impliments the Style, Template, and Replacement hack into one hack since it was the best way to work on it and easy to setup.

Please read the readme file before you install it.

For the style part, view this thread for screenshots

For the template part, view this thread for screenshots

For the replacement part, view this thread for screenshots

Also remember: It's a beta. There will probably be bugs I haven't found.

--------------------------
SECURITY FIX IF YOU USE XENON'S "MODS CAN EDIT USERS"
(https://vborg.vbsupport.ru/showthrea...threadid=42096)
Security fix by me, thanks to Xenon for pointing out where to edit the code
--------------------------
1. Open user.php in your forums/mod/ folder

2. Find the following:
--------------------------
Code:
  if($canedit[profilefields]) {
    maketableheader("Custom Profile Fields");
    $userfield=$DB_site->query_first("SELECT * FROM userfield WHERE userid=$userid");

    $profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
    while ($profilefield=$DB_site->fetch_array($profilefields)) {
      $varname="field$profilefield[profilefieldid]";
      makeinputcode($profilefield[title],"field".$profilefield[profilefieldid],$userfield[$varname]);
    }
  }
---------------------------

Replace it with:
---------------------------
Code:
 if($canedit[profilefields]) { 
   maketableheader("Custom Profile Fields"); 
   $userfield=$DB_site->query_first("SELECT * FROM userfield WHERE userid=$userid"); 
  
   $profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield"); 
   while ($profilefield=$DB_site->fetch_array($profilefields)) { 
    $varname="field$profilefield[profilefieldid]";
   if ($varname != "field999")
   if ($varname != "field998") 
   if ($varname != "field997") 
     makeinputcode($profilefield[title],"field".$profilefield[profilefieldid],$userfield[$varname]); 
   } 
 }
-----------------------------

Find:
---------------------------
Code:
  if($canedit[profilefields]) {
    $profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
    while ($profilefield=$DB_site->fetch_array($profilefields)) {
      $varname="field$profilefield[profilefieldid]";
      $sql.=",field$profilefield[profilefieldid]='".addslashes($$varname)."'";
    }
    $DB_site->query("UPDATE userfield SET userid=$userid$sql WHERE userid=$userid");
  }
---------------------------
Replace it with:
Code:
  if($canedit[profilefields]) {
    $profilefields=$DB_site->query("SELECT profilefieldid,title FROM profilefield");
    while ($profilefield=$DB_site->fetch_array($profilefields)) {
      $varname="field$profilefield[profilefieldid]";
if ($varname != "field999")
if ($varname != "field998")
if ($varname != "field997")
      $sql.=",field$profilefield[profilefieldid]='".addslashes($$varname)."'";
    }
    $DB_site->query("UPDATE userfield SET userid=$userid$sql WHERE userid=$userid");
  }
Save and upload.

That's it, your forums are now secure from moderators breaking your security!
-----------------------------

Now...onto the download...

Oh, and if you use it, please click install!

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 09-21-2002, 09:33 AM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

nice to see these coming together... good work

You have a PM from me btw

- miSt
Reply With Quote
  #3  
Old 09-21-2002, 07:24 PM
blackice912's Avatar
blackice912 blackice912 is offline
 
Join Date: Jun 2002
Location: Tacoma, WA
Posts: 144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks

And I replied to your PM
Reply With Quote
  #4  
Old 09-21-2002, 08:08 PM
SZ|TalonKarrde SZ|TalonKarrde is offline
 
Join Date: Jun 2002
Posts: 60
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I posted a link to this thread in all the others, just in case they go to those instead of this one
Reply With Quote
  #5  
Old 09-21-2002, 08:11 PM
blackice912's Avatar
blackice912 blackice912 is offline
 
Join Date: Jun 2002
Location: Tacoma, WA
Posts: 144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

heh, I had already posted an edit in those threads about this one
Reply With Quote
  #6  
Old 09-22-2002, 06:28 AM
SZ|TalonKarrde SZ|TalonKarrde is offline
 
Join Date: Jun 2002
Posts: 60
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Darn =(
Reply With Quote
  #7  
Old 09-22-2002, 03:16 PM
Webmasta XT's Avatar
Webmasta XT Webmasta XT is offline
 
Join Date: Mar 2002
Posts: 359
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

rofl, very very useless for me, but nice for some ppl, if i wanted mods to edit templates, why wouldn't I make them admins? lol
Reply With Quote
  #8  
Old 09-22-2002, 04:15 PM
FleaBag's Avatar
FleaBag FleaBag is offline
 
Join Date: Dec 2001
Posts: 1,674
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Because you wouldn't want them to be able to mass delete parts of your database or let them edit forums and users - obviously. Before you try belittling the hard work of a hacker, try rubbing those two brain cells together and think for a moment. Great work on this hack, this is exactly what my hosted forums on GamerForums need.
Reply With Quote
  #9  
Old 09-22-2002, 05:08 PM
FleaBag's Avatar
FleaBag FleaBag is offline
 
Join Date: Dec 2001
Posts: 1,674
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

OK, first bug... Once installed, clicking "Edit Forum Style" causes the browser to attempt to connect to a secure area of stardust-one.net.
Reply With Quote
  #10  
Old 09-22-2002, 08:31 PM
blackice912's Avatar
blackice912 blackice912 is offline
 
Join Date: Jun 2002
Location: Tacoma, WA
Posts: 144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

haha crap sorry about that, I forgot to change the redirect crap

*goes to update*
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:19 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05628 seconds
  • Memory Usage 2,292KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete