[AJAX] vBShout v2.0
Version: 2.0, by Zero Tolerance (Developer; last online Nov 2023)
For vBulletin: 3.5.0 RC2
Released: 07-27-2005 | Last Update: 04-22-2006 | Installs: 1831
Uses: Plugins, Template Edits, Additional Files
No support by the author.

[high]Staff Edit/Update[/high]

I have released an updated version of this hack (version 2.0.1); this version fixes some security issues with this hack. All versions prior to this one allow users to insert HTML in their shouts, which can cause problems with them using HTML that breaks the site layout or malicious JavaScript. Download the new zip file (vBshout_fixed.zip) and upload the new vbshout.php file to patch/upgrade. If you want manual instructions, they are in the zip file, in the file bugfixes.txt.

Second Staff update

I've uploaded a new version of this hack, dubbed '2.0.2'. This one should fix the html injection issues without breaking special characters. To upgrade, download the new zip file and upload the new vbshout.php file.

Please note that this only fixes the html injection issues. I do not use this hack on my own forum (although I've tested this on a client's board) so I will not be fixing the server load issues. I suggest you do not install this hack if you can't deal with the extra server load, as it's rather intensive.

- Brad

[high]End staff edit[/high]

Well, it's been a while since I've been to vb.org and released anything; thought I'd break the trend and whip up something quick while I have a little spare time.

A shoutbox, as you would assume; a very simple one to start off with, but it does include AJAX technology, which pushes the shoutbox one step closer to live: messages from other people will appear with no refreshing, and so will the ones you post.

A preview is below; I'd estimate a 50-second installation max.

Primary Features:
- AJAX Technology (no refreshing)
- Administration control and display element options
- Fast format editor

Change Log:

- v1.1:
  - WOL (Who's Online) Correction
- v1.2:
  - New Posting Features (Bold/Italic/Underline/Colour/Font)
  - Admin Controls:
    - Change location/position of shoutbox
    - Change number of shouts displayed
    - Switch vBcode/smilies on/off
- v1.3:
  - Firefox JavaScript issue fixed
  - New Admin Controls:
    - Command Activation
    - Switch extra format options on/off
    - Change position of editor (above/below messages)
  - New Commands:
    - /prune (Clears the shoutbox completely)
    - /prune [username] (Clears all shouts posted by specified user)
- v1.4:
  - Usergroup HTML Markup For Usernames
  - Clear Editor Button
  - Emoticons Pop-Up Menu
  - Time display configured to vBulletin settings
  - Username Links To Profile
  - New Admin Controls:
    - New vBShout Position (Directly Above Forums)
    - Banned Users
    - Banned Usergroups
    - Banned Permissions
    - Smilie Pop-Up Box Height
    - Smilie Pop-Up Box Width
  - New Commands:
    - "/me" - Action message (all users are able to use this command)
    - /pruneshout [shout] - Deletes a single shout
- v1.5:
  - Improved Smilies Display
  - XHTML 1.0 Transitional Valid (couple of errors fixed)
  - New Admin Options:
    - Shoutbox Height
    - Smilies To Show
    - Shout Messages Order
    - Banned Permissions (fixed)
- v1.6:
  - Bug Fixes:
    - Unable to delete shouts that used /me command fixed
    - Shouts being displayed from bottom-upwards only showed first 20 shouts
  - Automatically parses URLs
- v2.0:
  - New Archive:
    - Displays shouts and pages
    - Stats and top 10 shouters
  - AJAX Edit/Delete (staff can edit/delete all shouts)

Enjoy,

- Zero Tolerance

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
#902 - 12-04-2005, 02:40 AM - Raptor (Join Date: Nov 2001; Posts: 499)

I've tested; yes, indeed it does fix it.

Can I have this confirmed please?
#903 - 12-04-2005, 02:46 AM - Raptor (Join Date: Nov 2001; Posts: 499)

Quote:
Originally Posted by Dollah
I uploaded everything; the box shows fine but it keeps saying "loading", what's that all about? I can type but it loads or shows nothing. I use Firefox 1.5 if that helps you help me. Thanks in advance.

I've found it doesn't work on Firefox v1.5 but does on v1.7.
#904 - 12-04-2005, 02:58 AM - Chris M (Join Date: Dec 2001; Location: Northampton, England; Posts: 6,186)

Quote:
Originally Posted by Raptor
I've found it doesn't work on Firefox v1.5 but does on v1.7.

There is no 1.7...

Chris
#905 - 12-04-2005, 03:22 AM - Raptor (Join Date: Nov 2001; Posts: 499)

Sorry, I was thinking of Mozilla.
#906 - 12-04-2005, 03:35 AM - Dollah (Join Date: Nov 2005; Posts: 55)

Quote:
Originally Posted by Raptor
There is a security flaw if you direct link to vbshout.php: you can execute JavaScript and HTML.

This should fix it.

Code:
// ---------------------------------------------------
// Shout
// ---------------------------------------------------
if ($_POST['do'] == 'shout')
{
    // TYPE_STR only trims the value, so HTML typed into the shout is stored as-is
    $vbulletin->input->clean_array_gpc('p', array(
        'shout' => TYPE_STR,
        // ... rest of the array and block as in vbshout.php
    ));
}

If you change that to:

// ---------------------------------------------------
// Shout
// ---------------------------------------------------
if ($_POST['do'] == 'shout')
{
    // TYPE_NOHTML trims and then runs the value through htmlspecialchars_uni()
    $vbulletin->input->clean_array_gpc('p', array(
        'shout' => TYPE_NOHTML,
        // ... rest of the array and block as in vbshout.php
    ));
}

which is (see http://www.vbulletin.com/docs/html/m...estandards_gpc):

changes..
# TYPE_STR - Trimmed String (No leading or trailing whitespace)
to
# TYPE_NOHTML - Trimmed String sent through htmlspecialchars_uni()

I'm sorry, I'm new at this; where do I find this, please?
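An added example (not vBShout's or vBulletin's code) showing why the TYPE_STR to TYPE_NOHTML change quoted above closes the hole: clean_shout() is a stand-in for what clean_array_gpc() does to one field under each type, with htmlspecialchars() standing in for vBulletin's htmlspecialchars_uni(), and find_unescaped_shouts() is an assumed helper for auditing shouts stored before the fix. The DEMO_ constants, both function names and the sample data are assumptions.

```php
<?php
// Added example, not vBShout's or vBulletin's code. The two constants are
// stand-ins for vBulletin's TYPE_STR / TYPE_NOHTML (prefixed so they cannot
// clash with the real ones), and htmlspecialchars() stands in for
// vBulletin's htmlspecialchars_uni().
const DEMO_TYPE_STR    = 'str';
const DEMO_TYPE_NOHTML = 'nohtml';

// Stand-in for what clean_array_gpc() does to one field under each type.
function clean_shout(string $raw, string $type): string
{
    switch ($type) {
        case DEMO_TYPE_STR:
            // Trim only: any tag the user typed is stored verbatim and later
            // echoed into every browser that polls the shoutbox.
            return trim($raw);
        case DEMO_TYPE_NOHTML:
            // Trim, then encode < > & " ' so the browser shows the tag text
            // instead of interpreting it as markup.
            return htmlspecialchars(trim($raw), ENT_QUOTES, 'UTF-8');
        default:
            throw new InvalidArgumentException("unknown clean type: $type");
    }
}

// After upgrading, rows saved under the old TYPE_STR handling may still hold
// raw markup. Returns the ids of stored shouts that contain an HTML tag.
function find_unescaped_shouts(array $rows): array
{
    $hits = [];
    foreach ($rows as $id => $text) {
        if (preg_match('/<\s*\/?[a-z][^>]*>/i', $text)) {
            $hits[] = $id;
        }
    }
    return $hits;
}

// Constructed sample input: what a user might type into the shout field.
$posted = "  hi all <b>bold</b>  ";
echo "TYPE_STR:    ", clean_shout($posted, DEMO_TYPE_STR), PHP_EOL;
echo "TYPE_NOHTML: ", clean_shout($posted, DEMO_TYPE_NOHTML), PHP_EOL;

// Constructed sample rows standing in for a pre-2.0.1 shout table.
$rows = [1 => 'plain shout', 2 => 'look <i>here</i>', 3 => 'a &lt; b &gt; c'];
echo "shouts needing cleanup: ", implode(', ', find_unescaped_shouts($rows)), PHP_EOL;
```

Note that the upgrade only changes how new shouts are cleaned; anything already stored with raw tags remains in the table until it is pruned or re-encoded, which is what the audit helper is for.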
#907 - 12-04-2005, 04:12 AM - divided_by_fear (Join Date: Oct 2005; Posts: 451)

Well, it seems it's in the file like that 2 times. Do we replace both of the 'shout' => TYPE_STR,
with 'shout' => TYPE_NOHTML,?
#908 - 12-04-2005, 10:20 AM - Raptor (Join Date: Nov 2001; Posts: 499)

Quote:
Originally Posted by Dollah
I'm sorry, I'm new at this; where do I find this, please?

In the vbshout.php, of course.
#909 - 12-04-2005, 10:22 AM - Raptor (Join Date: Nov 2001; Posts: 499)

Quote:
Originally Posted by divided_by_fear
Well, it seems it's in the file like that 2 times. Do we replace both of the 'shout' => TYPE_STR,
with 'shout' => TYPE_NOHTML,?

The hole is in the first one; no need to change anything else.

As a test I looked at a couple of forums with the shoutbox installed; it was very, very easy to run custom JavaScript on their forums. This hole is actually very dangerous; all the users need to fix it.
#910 - 12-04-2005, 10:23 AM - divided_by_fear (Join Date: Oct 2005; Posts: 451)

Would it hurt to change the second one? Because I had changed mine already and everything still works... just want to make sure it's OK.
#911 - 12-04-2005, 11:40 AM - Snake (Join Date: Mar 2005; Location: Cleveland, OH; Posts: 3,832)

Quote:
Originally Posted by Raptor
The hole is in the first one; no need to change anything else.

As a test I looked at a couple of forums with the shoutbox installed; it was very, very easy to run custom JavaScript on their forums. This hole is actually very dangerous; all the users need to fix it.

And what would happen if we don't?