The Arcive of Official vBulletin Modifications Site.

About Developer · **Released**: 10-27-2005

Hello.

For those of you who have public forums with members who may become future-banned members, because they have too much time on their hands, this is one area of the forum's E-mail system they won't be able to play with.

What I mean is, currently, the 'Contact Us' form's member's 'username' and 'E-mail' fields can be overwritten such that the admin can receive E-mail with the incorrect 'reply to' info if someone monkey's with the username and/or put's someone else's E-mail address in the field. This can cause some unknowing person to receive unwanted E-mail from the admin.

This 'playfulness' is expected from random 'guests'. Therefore, in order to restrict this behavior to 'guests' only, here is the code to make these fields 'uneditable' for logged-in members, since their profile values are automatically filled-in by the system. At least, they won't be able to 'play' here...

Locate the 'name' section of code. Modify with this:

PHP Code:


			
<!-- begin revision -->

<if condition="$show['member']">

                        <input type="text" class="bginput" name="name" value="$name" size="50" readonly="readonly" /> &nbsp;(uneditable)

<else />

                        <input type="text" class="bginput" name="name" value="$name" size="50" />

</if>

<!-- end revision -->

Next, locate the 'email' section of code. Modify with this:

PHP Code:


			
<!-- begin revision -->

<if condition="$show['member']">

                        <input type="text" class="bginput" name="email" value="$email" size="50" dir="ltr" readonly="readonly" /> &nbsp;(uneditable)

<else />

                        <input type="text" class="bginput" name="email" value="$email" size="50" dir="ltr" />

</if>

<!-- end revision -->

NOTE: the difference in the 2 '<input...> statements is the 'readonly' attribute and a field message that lets members know those 2 fields are 'uneditable'.

Hope this helps.

EDIT: Make change to 'contactus' template

EDIT (11/15/05): CHANGED from 'readonly' to readonly="readonly" to make compliant although the original version works. The text file download was also updated.

moonclamp · #12 10-29-2005, 11:45 PM

"locate the 'name' section of the code modify with this" ????

Are there some simple find/replace instructions as the word name is repeated all over the template

(Surely this is just a template mod anyway?)

moonclamp · #13 10-29-2005, 11:55 PM

Quote:

Originally Posted by moonclamp

"locate the 'name' section of the code modify with this" ????

Are there some simple find/replace instructions as the word name is repeated all over the template

(Surely this is just a template mod anyway?)

No worries, I worked it out

Here is a text file for anyone else having trouble

timetunnel · #14 10-30-2005, 02:07 AM

Moonclamp,

Nice job with the instructions. If you don't mind, I revised it by putting credit to you in it and put it with the initial post now that I know how to do it. No other changes. Hope this is okay.

Thanks to all of you who have 'shown me the way...' :squareeyed:

Oblivion Knight · #15 10-30-2005, 06:19 AM

Nice template mod, although I'd rather use disabled="disabled" than readonly. Using this method, the visual feedback is already there without having to note that it's uneditable..

Boofo · #16 10-30-2005, 09:36 AM

Quote:

Originally Posted by Oblivion Knight

Nice template mod, although I'd rather use disabled="disabled" than readonly. Using this method, the visual feedback is already there without having to note that it's uneditable..

So, exactly how would you change it then?

moonclamp · #17 10-30-2005, 09:47 AM

Quote:

Originally Posted by Boofo

So, exactly how would you change it then?

swapping "readonly" with disabled="disabled" greys out the input while still keeping it read only

HOWEVER ... as I just discovered. When I just used "disabled" I got an error message "You entered an invalid email address."

Andreas · #18 10-30-2005, 10:59 AM

1. Moved to Templated Modifications, as it is not a Code Hack
2. This breaks XHTML validity
3. It does not stop users from using faked input

timetunnel · #19 11-06-2005, 10:01 PM

In response to Moonclamp's using the

Quote:

disabled="disabled"

attribute, the error message comes because of the difference between how it is handled over the 'readonly' attribute. The 'readonly' attribute still allows the parameters of the 'input' statement to be sent to the server when the form is submitted. Therefore, the input 'acts' like the type is 'hidden' vs. 'text'. When the disabled attribute is used, its parameters are NOT sent to the server thereby causing the error message, 'invalid email address'. The server never received the data.

In response to Andreas,

Quote:

2. This breaks XHTML validity
3. It does not stop users from using faked input

I'm not sure I understand. Can you explain, please?

For example, I'm not familiar with 'what' breaks XHTML validity since I haven't been working with it very long. Also, re: item 3, if the fields are 'readonly', how can the input be faked?

Thanks.

King Kovifor · #20 11-14-2005, 11:17 PM

Question: What do we replace with what.

timetunnel · #21 11-14-2005, 11:22 PM

Download the file attached to the initial post (on the right-hand column under 'Mod Options'). It has instructions in a different format.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04954 seconds Memory Usage 2,319KB Queries Executed 25 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (2)bbcode_php (5)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (6)navbar_link (120)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (11)post_thanks_box (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (11)post_thanks_postbit_info (10)postbit (11)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!