Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Upload Hack Details »»
Upload Hack
Version: 1.00, by Slynderdale Slynderdale is offline
Developer Last Online: Nov 2023 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 04-09-2002 Last Update: Never Installs: 78
 
No support by the author.

Im a newbie at php, and this is my first hack, its a uploader i made that uses your vbulletin forum's accounts and pass to upload files into there private folder, it also lets people view what files they uploaded, it also logs when, who, what file was uploaded and the size of the forum to a text file. When some one uplaods it creates a sub folder thats the same as there username and a blank index.html file so no one can browse through there stuff and then uploads the image into there personal sub folder, you can also edit authvb to only alow certain usergroups to upload.

How to setup:
Open config.php and change the settings to how you want them
upload config.php,upload.php and authvb.php
chmod the folder where the log file will go and where the account sub folders will be places so there read and write, probily 0777

Thats it, now go to upload.php and use your vbulletin account and pass and upload a file

Coming soon:
Delete feature
File count limit

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #92  
Old 04-30-2003, 02:16 PM
ipscone ipscone is offline
 
Join Date: Jul 2002
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm getting "Couldn't Copy File To Server" error. I have done some troublshooting on this...

1) I have checked the permissions and they are 777.
2) I have verified that the login is checked properly.
3) I have verified that the folder is created, for the user, when a file upload is attempted, in the upload directory.
4) I have verified that the copy path is correct. I put some test code in to see what the script thinks the path is and it returns:
/MyAbsolutePath/ipscone/MyTestFile.gif, which is the correct absolute path.
5) I have even manually copied a file to the upload/member folder and when I try to use the Upload.php program to upload that same file, it correctly sees that it's a duplicate. So that part works ok.
6) I have tried to view that directory with the View Files and even though there is one file that was manually copied, it doesn't display with the View Files.
7) I modified the upload.php file to do some debugging and found something I can't explain. In the case view: section, I modified the following:
Code:
$dir = opendir("$absolute_path/$PHP_AUTH_USER") 
       or $list .= "<tr><td>Error: Can't open $absolute_path/$PHP_AUTH_USER</td></tr>";
while($file = readdir($dir)) {{
to see that the absolute path was right and it was. Now, I know there is one file in the directory but the code within the while loop does not execute even once. Since there is one file there (manually placed) it should go through this loop, at least once. Why not?

Can there be an incompatibility with php 4.3.1 that I'm using?

But the file just won't copy. I get "Couldn't Copy File to Server".

Any idea what might be causing this error? opendir adn copy seem to fail.

Is this the only UPLOAD program that produces individual folders for each of the members?

What version is included in the first post in this thread? Is there a newer version somewhere?
Reply With Quote
  #93  
Old 05-01-2003, 03:26 AM
ipscone ipscone is offline
 
Join Date: Jul 2002
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok, I have a clue to the symptoms but no answer to the problem yet.

The opendir() and copy() fail because of the way the directory is created. The script uses the following to create the upload directory
PHP Code:
if (!is_dir("$absolute_path/$PHP_AUTH_USER")) {
   
$oldumask umask(0);
   
mkdir("$absolute_path/$PHP_AUTH_USER",0777); 
   
umask($oldumask);
   if (
$indexfile 
        
fopen("$absolute_path/$PHP_AUTH_USER/index.html""a")) {
      
$timenow time();
      
$name    strip_tags($PHP_AUTH_USER);
      
fwrite($indexfile"");
      
fclose($indexfile);
    }

With this code, the directory is created but the owner is "apache." When the owner is apache, the opendir() and copy() don't work in the script.

But if I manually create any directory that I plan to use, instead of the program doing it, everything works fine. I can upload and the opendir() and copy() work fine.

How does one change the script to avoid this problem? I believe it is normal for "apache" to be the owner of something created from the script but why doesn't the copy() and opedir() work for a directory that has "apache" as the owner? Any way around this?
Reply With Quote
  #94  
Old 05-01-2003, 08:30 PM
ipscone ipscone is offline
 
Join Date: Jul 2002
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Now, I'm thinking this inability to use copy() and opendir() has to do with the open_basedir configuration.

The program works perfectly, if I manually create the folder and set the permissions. But if the program creates the directory, I can't open or copy to it.

Anyone know how I can get around this and open and copy files, if this is the case? Or, if this is not the problem what is?
Reply With Quote
  #95  
Old 05-19-2003, 01:11 AM
kevinnguyen kevinnguyen is offline
 
Join Date: Feb 2003
Posts: 77
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

man, where's v2? it sounds great
any1 here knows how to add more upload boxes?
Reply With Quote
  #96  
Old 05-19-2003, 01:43 AM
LangTuDaTinh LangTuDaTinh is offline
 
Join Date: Dec 2001
Posts: 159
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
05-01-03 at 02:30 PM ipscone said this in Post #93
Now, I'm thinking this inability to use copy() and opendir() has to do with the open_basedir configuration.

The program works perfectly, if I manually create the folder and set the permissions. But if the program creates the directory, I can't open or copy to it.

Anyone know how I can get around this and open and copy files, if this is the case? Or, if this is not the problem what is?

i think u must go to telnet or SSH and change its chown from apache to that site's user.
Reply With Quote
  #97  
Old 06-20-2003, 07:36 AM
corsacrazy's Avatar
corsacrazy corsacrazy is offline
 
Join Date: May 2002
Location: london
Posts: 854
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

bump once again the creator if ur out there please share version 2 with us
Reply With Quote
  #98  
Old 06-25-2003, 12:15 PM
Nebby Nebby is offline
 
Join Date: Mar 2003
Location: England
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Reply With Quote
  #99  
Old 06-25-2003, 01:10 PM
ipscone ipscone is offline
 
Join Date: Jul 2002
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Here is one I'm working on...

Photo album
Reply With Quote
  #100  
Old 06-25-2003, 02:40 PM
corsacrazy's Avatar
corsacrazy corsacrazy is offline
 
Join Date: May 2002
Location: london
Posts: 854
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

looks good is it intergrated in to users database?
Reply With Quote
  #101  
Old 06-26-2003, 11:39 PM
Nebby Nebby is offline
 
Join Date: Mar 2003
Location: England
Posts: 65
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Can it be edited to work with MP3's?
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:30 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04793 seconds
  • Memory Usage 2,309KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (1)bbcode_php
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete