Disable conditional function filters
Version: 1.00, by Brad (Developer)

Version: 3.0.3
Released: 08-02-2004, Last Update: Never, Installs: 5
No support by the author.

This hack lets you bypass the function filter built into template conditionals. Currently you are restricted to the following functions:

PHP Code:
    $safe_functions = array(
        // logical stuff
        // (the array keys are not visible on this page; assumed to equal the values)
        'and' => 'and',              // logical and
        'or'  => 'or',               // logical or
        'xor' => 'xor',              // logical xor

        // built-in variable checking functions
        'in_array',              // used for checking
        'is_array',              // used for checking
        'is_numeric',            // used for checking
        'isset',                 // used for checking
        'empty',                 // used for checking
        'defined',               // used for checking
        'array',                 // used for checking

        // vBulletin-defined functions
        'can_moderate',          // obvious one
        'can_moderate_calendar', // another obvious one
        'exec_switch_bg',        // harmless function that we use sometimes
        'is_browser',            // function to detect browser and versions
        'is_member_of',          // function to check if $user is member of $usergroupid
    );
With this hack installed you will be allowed to use ANY available PHP or vBulletin-defined function within your templates. I have also included an on/off switch that allows you to disable filtering via config.php.

PHP Code:
    // filtering off
    define('C_PASSTHRU', false);

    // filtering on
    define('C_PASSTHRU', true);

This hack is meant to be used on test boards for functionality testing; do not run it in production environments.

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
#12, CarCdr, 09-02-2004, 10:17 AM (Join Date: Apr 2004, Posts: 242)

You can execute any PHP function without requiring a mod, simply by inserting something between the name of the function and the parenthesis of the argument list.

For example, the following examples will work fine:
Code:

<if condition="$foobar = time/**/()">
Time: $foobar
</if>

<if condition="execute_some_function/**/()">

</if>
#13, HiDeo, 09-02-2004, 10:28 AM (Join Date: Oct 2003, Posts: 306)

Good job thanks
#14, Xenon, 09-02-2004, 05:37 PM (Join Date: Oct 2001, Location: Bavaria, Posts: 12,878)

@Car: have you reported this as a bug?
#15, CarCdr, 09-03-2004, 10:03 AM (Join Date: Apr 2004, Posts: 242)

Quote:
Originally Posted by Xenon
@Car: have you reported this as a bug?
No Xenon. There is no good way to fix it without writing a complete PHP expression parser, and, I do not think it should be fixed. If an administrator wants to use this trick, I see no reason to disallow it.

In all the time that vB has been used at sites, I doubt very strongly that anyone has done this accidentally.

BTW, I think that one could probably go as far as defining and running functions in a template, if one was so twisted.
#16, Xenon, 09-03-2004, 08:24 PM (Join Date: Oct 2001, Location: Bavaria, Posts: 12,878)

Well, but it IS a bug and therefore it should be reported, in my eyes.

The devs will then say themselves whether they want to fix it or not.

Actually, I see a reason for it. The reason some functions are not allowed is that they didn't want to let every admin change the permissions themselves, but with that bug it's easily possible, and therefore it's a security problem (still, normally if you make someone an admin you should trust him that far, but hey, I have not designed the permission system).
#17, CarCdr, 09-03-2004, 08:37 PM (Join Date: Apr 2004, Posts: 242)

The permission system has little to do with this, imo. If you make someone an admin, they hardly need to mess about with writing funky template conditionals to subvert permissions. By definition, if you give AdminCP access to someone who can overwrite templates, with or without conditionals, it is someone you trust.

The list of allowed functions is pretty silly anyway. Why aren't the hundred other benign PHP functions allowed? I mean, what damage can one do with 'strlen(...)'.

Anyway, we need not argue. If you think it is a bug, you know what to do.

Cheers
#18, Xenon, 09-03-2004, 08:46 PM (Join Date: Oct 2001, Location: Bavaria, Posts: 12,878)

I meant the admin permission system.
Why have it if those admins can change them themselves?

But as you already said, it's nothing we have to argue about; I'll just report it and we'll see what the devs think about it.
#19, Scott MacVicar, 09-09-2004, 04:17 PM (Join Date: Oct 2001, Location: Glasgow, Scotland, Posts: 1,199)

It was to stop people putting backdoors into styles: you make a nice style with a backdoor and post it on your website, and an unsuspecting admin installs it.

It's easy to see hacks with backdoors, but if you think about styles, there could be 1000s of lines of code.
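As an added example (not part of the thread and not vBulletin's code), the script below puts CarCdr's observation in #12 and Scott MacVicar's rationale in #19 side by side: a filter that only looks for a name immediately followed by "(" does not see `time/**/()`, whereas a small tokenizer that skips string literals and comments before looking for the "(" reports it, so an imported style can be audited for calls outside the whitelist before it is installed. It assumes the `$safe_functions` list quoted in the first post and the `<if condition="...">` template syntax; `NAIVE_CALL_RE` is a stand-in for the weak check, not vBulletin's actual implementation, and `SAMPLE_TEMPLATE` is constructed for the demonstration.

```python
import re

# Whitelist taken from the $safe_functions array quoted in the first post
# (vBulletin 3.0's template-conditional filter). Names are compared lower-cased.
SAFE_FUNCTIONS = {
    'and', 'or', 'xor',
    'in_array', 'is_array', 'is_numeric', 'isset', 'empty', 'defined', 'array',
    'can_moderate', 'can_moderate_calendar', 'exec_switch_bg', 'is_browser',
    'is_member_of',
}

# Matches the <if condition="..."> tag used in vBulletin 3 templates.
CONDITION_RE = re.compile(r'<if\s+condition=(["\'])(.*?)\1', re.IGNORECASE | re.DOTALL)

# Assumption: a stand-in for an "identifier immediately followed by '('" check.
# Shown only for contrast; it is not vBulletin's real filter code.
NAIVE_CALL_RE = re.compile(r'\b([A-Za-z_]\w*)\(')


def naive_calls(expr):
    """Function names the weak, regex-only check would see (lower-cased)."""
    return [m.group(1).lower() for m in NAIVE_CALL_RE.finditer(expr)]


def _skip_space_and_comments(expr, k):
    """Advance k past any run of whitespace and /* ... */ comments."""
    n = len(expr)
    while True:
        while k < n and expr[k].isspace():
            k += 1
        if expr.startswith('/*', k):
            end = expr.find('*/', k + 2)
            k = n if end == -1 else end + 2
        else:
            return k


def _end_of_identifier(expr, j):
    """Index just past the identifier characters starting at j."""
    n = len(expr)
    while j < n and (expr[j] == '_' or expr[j].isalnum()):
        j += 1
    return j


def find_calls(expr):
    """Function names invoked in a PHP expression, in source order.

    String literals and block comments are skipped, and whitespace or comments
    between a name and its '(' are ignored, so `time/**/()` and `strlen  (...)`
    are both reported as calls. A variable followed by '(' (a dynamic call such
    as `$f()`) is reported with a leading '$': it can never be on a name whitelist.
    """
    calls = []
    i, n = 0, len(expr)
    while i < n:
        c = expr[i]
        if c in ('"', "'"):                        # string literal: skip to its closing quote
            j = i + 1
            while j < n and expr[j] != c:
                j += 2 if expr[j] == '\\' else 1   # honour escaped characters
            i = j + 1
        elif expr.startswith('/*', i):             # block comment outside a call site
            end = expr.find('*/', i + 2)
            i = n if end == -1 else end + 2
        elif c == '$' or c == '_' or c.isalpha():  # variable or bare identifier
            start = i + 1 if c == '$' else i
            j = _end_of_identifier(expr, start)
            name = expr[start:j]
            k = _skip_space_and_comments(expr, j)
            if name and k < n and expr[k] == '(':
                calls.append(('$' if c == '$' else '') + name.lower())
            i = max(j, i + 1)
        else:
            i += 1
    return calls


def audit_template(template, safe=SAFE_FUNCTIONS):
    """(condition, function) for every conditional that calls a non-whitelisted function."""
    findings = []
    for m in CONDITION_RE.finditer(template):
        cond = m.group(2)
        for name in find_calls(cond):
            if name not in safe:
                findings.append((cond, name))
    return findings


# Constructed sample: ordinary conditionals plus the two spellings from the thread.
SAMPLE_TEMPLATE = """\
<if condition="is_member_of($bbuserinfo, 6)">admin link</if>
<if condition="in_array($forumid, array(1, 2, 3))">listed</if>
<if condition="$foobar = time/**/()">Time: $foobar</if>
<if condition="strlen  ($bbuserinfo[username]) > 0">named</if>
<if condition="$bbuserinfo[username] == 'time()'">a string, not a call</if>
"""

if __name__ == '__main__':
    for cond, fn in audit_template(SAMPLE_TEMPLATE):
        print(f"non-whitelisted call {fn!r} in: {cond}")
```

Run it over the template text of a style before importing it, or over templates exported from the admin CP; the two findings it prints are the `time/**/()` form and a call with whitespace before the parenthesis, neither of which the naive pattern reports. The same tokenizing approach, applied in PHP when a template is saved, is what a filter needs in order to check the function actually being called rather than a particular spelling of the call.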