Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Top 'X' Stats Details »»
Top 'X' Stats
Version: 1.2.2, by InfiniteWebby InfiniteWebby is offline
Developer Last Online: Aug 2007 Show Printable Version Email this Page

Version: 3.5.0 RC1 Rating:
Released: 07-27-2005 Last Update: 09-03-2006 Installs: 538
Uses Plugins Template Edits
Additional Files  
No support by the author.

[high]Security Fix: The uploaded version fixes all issues concerned with the recent security vulnerabilities. Sorry I haven't been around I don't really do anything plugin wise anymore.[/high]

Oh this version also works with all current version of vB 3.6. So feel free to use it on that version.

- InfiniteWebby

The low down

Well this is the vB 3.5.0 version of my hack. It is much the same as the original except that for some added stuff that I never released

Basically what it does is show the Top 'X' (edited via the vBulletin options in the admincp) newest members, top posters and newest replies on the Forumhome.

So what's new in this version?

Well for one all settings, which include amount of stats to show on forumhome and the extended page, thread title and username truncation, excluded forums and 'new' and 'old' thread prefixes.

Secondly there is now an extra page where you are able to choose exactly how many stats to show.

And lastly and most importantly it only takes 3 simple steps to install =)

What's on the horizon?

- More "stat blocks" including top reputation and top thread based on views or replies. If you have a suggestion please let me know, prefferably via pm.
- Proper can view other users threads permissions. At the moment I cannot think of how to block other people threads while still showing your own without totally re-writing the hack =(.

Version 1.2.1 is a re-release with who's online additions as well as some template changes. So you are best to reinstall the whole thing all over again.

So anyway enjoy and click install.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #432  
Old 10-04-2006, 09:55 PM
desiforums desiforums is offline
 
Join Date: Mar 2006
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

ya worked for me
Reply With Quote
  #433  
Old 10-04-2006, 09:56 PM
desiforums desiforums is offline
 
Join Date: Mar 2006
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

but i want to know how can put it on the top of the forum its at the bottom anyone knows????
Reply With Quote
  #434  
Old 10-04-2006, 10:57 PM
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Posts: 4,758
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by desiforums
but i want to know how can put it on the top of the forum its at the bottom anyone knows????
In your "navbar" template
Add to the very bottom
PHP Code:
    <if condition="$show['topXstats']">
    
$topXstats
    
</if> 
-Hope it works
Reply With Quote
  #435  
Old 10-07-2006, 07:04 PM
cbr929rrerion cbr929rrerion is offline
 
Join Date: Oct 2005
Posts: 275
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

this is STILL a security risk..

Forum was redirected again today...

Yes I have the newest version and it still is insecure..
Reply With Quote
  #436  
Old 10-07-2006, 07:07 PM
DementedMindz DementedMindz is offline
 
Join Date: Jan 2006
Posts: 1,474
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by cbr929rrerion
this is STILL a security risk..

Forum was redirected again today...

Yes I have the newest version and it still is insecure..

report it and have the admins look at it.
Reply With Quote
  #437  
Old 10-07-2006, 08:14 PM
murrtex murrtex is offline
 
Join Date: May 2002
Location: izmir
Posts: 249
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by cbr929rrerion
this is STILL a security risk..

Forum was redirected again today...

Yes I have the newest version and it still is insecure..

delete and forget this hack..

and try this
https://vborg.vbsupport.ru/showthread.php?t=122986

be sure you will be glad
Reply With Quote
  #438  
Old 10-07-2006, 08:26 PM
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Posts: 4,758
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I can't figure out how the crap people redirect This?!!
Im removing it
Reply With Quote
  #439  
Old 10-07-2006, 09:32 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by DementedMindz
report it and have the admins look at it.
I had a look at this tonight.

If this is installed from scratch then it cannot be exploited.

However, because of the the way the fix has been implemented - it is possible that it may still be exploitable if someone updated their older version to the new code, and they had customised the templates, but did not revert or re-edit those templates.

This is because the older versions used $getstats_thread[title], the fix uses $getstats_thread[titletrimmed] - but the old variable is still available, and if displayed by an old template, will still cause a redirect.

The best workaround to this is to make sure you revert any old topXstats templates. The author should fix this properly by making sure that the old variable $getstats_thread[title] is either removed, or also made 'harmless' by using htmlspecialchars().
Reply With Quote
  #440  
Old 10-07-2006, 10:20 PM
DementedMindz DementedMindz is offline
 
Join Date: Jan 2006
Posts: 1,474
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

yeah I havent had a problem Paul since the fix but others are claiming they are so I told them to report it if so.
Reply With Quote
  #441  
Old 10-08-2006, 03:17 PM
apdcanari apdcanari is offline
 
Join Date: May 2005
Location: Belgique
Posts: 97
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hello,

Thread preview, it is possible (lasts threads) ?

Tks,

C?dric
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:11 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06208 seconds
  • Memory Usage 2,313KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_php
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete