Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases
Reload this Page Rename Thread on Reply
FAQ Community Calendar Today's Posts Search

Reply
Page 4 of 4 « First 23 4
 
Thread Tools
Details »»

Version: 1.00, by Tommy Boy Tommy Boy is offline
Developer Last Online: Oct 2014 Show Printable Version Email this Page
Version: 2.2.x Rating:
Released: 02-05-2002 Last Update: Never Installs: 7
 
No support by the author.

If you run a support forum, you certainly hate these thread with names like "BUG!" or "NOT WORKING!" or "HELP!!", because they don't give any indication about the content of the threads, and other users will probably create new threads with similar content, just because the other thread names were not clear enough.

After installing this hack, you will be able to change a thread title when replying to it, without having to go to the admin panel, and waste precious time and clicks.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #32  
Old 06-04-2003, 02:55 AM
Paul Paul is offline
 
Join Date: Jan 2002
Posts: 211
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
There's a nasty little bug in this hack. Essentially, the title will always be overwritten when replied to by a moderator but it will not strip special html characters. If you've installed this hack, follow the following steps to fix it. In newreply.php, find:

PHP Code:
        $DB_site->query("UPDATE thread SET title='" addslashes ($newthreadtitle) . "' WHERE threadid='$threadid'"); 
Replace it with:

PHP Code:
       $DB_site->query("UPDATE thread SET title='".addslashes(htmlspecialchars($newthreadtitle))."' WHERE threadid='$threadid'"); 
Find and REMOVE the following line:

PHP Code:
    $newthreadtitle htmlspecialchars ($newthreadtitle); 
You will now need to run a series of MySQL queries to fix threads affected by this bug:

Code:
UPDATE `thread` SET title = REPLACE(title,"\"","&quot\;") WHERE title LIKE "%\"%";
UPDATE `thread` SET title = REPLACE(title,">","&gt\;") WHERE title LIKE "%>%";
UPDATE `thread` SET title = REPLACE(title,"<","&amp;lt\;") WHERE title LIKE "%<%";
UPDATE `thread` SET title = REPLACE(title,"&","&amp;amp\;") WHERE title NOT REGEXP "&(quot|amp|lt|gt)" AND title LIKE "%&%";
As usual, backup everything before doing the above.

Best wishes,
Paul

Edit: Due to a bug on vbulletin.org, I had to alter the queries and add an additional &amp; to get them to display properly. They should appear correctly now.
Reply With Quote
  #33  
Old 06-04-2003, 06:15 AM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I don't mean to sound stupid here, but what does this fix actually do? I can add quotes to the thread title with no problems.
Reply With Quote
  #34  
Old 06-04-2003, 10:40 AM
Paul Paul is offline
 
Join Date: Jan 2002
Posts: 211
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It removes special html characters from a string and fixes a bug that was causing your hack to always update the database when a moderator replied. See:

www.php.net/htmlspecialchars

Certain functions on the forum require that the text stored in the database be htmlspecialchars()'ed. For an example, create a new thread with a title that has quotation marks in it, reply to that thread with a moderator account, and then attempt to split the thread. Notice what happens to the thread title.

All input should be processed with htmlspecialchars(); The first change in my post above corrrects that. The second change fixes the matching check. The queries add special html tags (like &quot; instead of ") to existing thread titles that may have already been affected by this hack.

After a year of running with this hack, we had approximately 400 out of ~60,000 threads which had the problem. We only realized it when someone tried to split one.
Reply With Quote
  #35  
Old 06-04-2003, 01:22 PM
WEForums WEForums is offline
 
Join Date: Apr 2003
Location: Jacksonville, Florida
Posts: 195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Today at 12:40 PM LoveShack said this in Post #33
For an example, create a new thread with a title that has quotation marks in it, reply to that thread with a moderator account, and then attempt to split the thread. Notice what happens to the thread title.
Umm... I did that...notice the ;quot thing...however, I plit the thread and everything was normal. I don't understand what is 'wrong' or 'different.' :ermm:
Reply With Quote
Reply
Page 4 of 4 « First 23 4

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 11:01 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03986 seconds
  • Memory Usage 2,249KB
  • Queries Executed 19 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (3)bbcode_php
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (4)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete