Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
if() vBCode - Private Post Text Hack Details »»
if() vBCode - Private Post Text Hack
Version: 1.00, by Slynderdale Slynderdale is offline
Developer Last Online: Nov 2023 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 02-02-2003 Last Update: Never Installs: 23
 
No support by the author.

Important News: This hack is now out of beta testing and is now in alpha.

What this hack does, is add a if() vB Code where you can enter formulas that if true, the user will be able to see the private text in the post, if it shows up false, its hidden from the users sight. This hack doesnt use any queries at all. Also the if() vB Code also supports other vB Codes inside of it.

The formulas can contain both functions and varibles such as $bbuerinfo[userid] or strtolower(), you can add a list of allowed functions to it and all others functions that arent allowed are removed from the code to prevent security issues.

All security issues and exploits have now been fixed. This hack has settings where you can allow all users to use it or just allow admins to use it. Theres also a setting that you can change to allow admins to see all the private text in posts even if they normaly cant see it.

The code part of the vB Code ( if(code) ) uses the same syntax as php script, so if you wanna check if a varible equals something, you must use == instead of =, also all varibles from $bbuserinfo also have there own varible, what i mean by this is that $bbuserinfo[username] is also $bbusername and $bbuserinfo[posts] is also $bbposts, with these specail varibles, it is optional to add a $ in front of it, so $bbusername and bbusername will both work.

Also theres a feature where admins can see the forumula that was used next to the text "Private Text:", it is shown is (code used here), other members will just see "Private Text:".

Examples of the If() vB Code:
[if($bbuserid>0)]Thank you for joining![/if]
[if(bbuserid>0)]Thank you for joining![/if]

[if($bbusername=="Admin")]Whats up?[/if]
[if(bbusername=="Admin")]Whats up?[/if]

[if($ourtimenow>=$post[dateline]+((7*24)*60*60))]Text To Display 1 week from this post[/if]

[if(bbuserid>0 and bbposts>100)]Keep up the posting [/if]

[if(bbusergroupid==6 or bbusergroupid==7)]Important Text[/if]



Important: New Update as of March 16th
I recoded the doif function and fixed it up and added editable options for and also a bug that Nuclion encountered:
Admin Only
Admin can read all private text
Allowable functions that you can use
Certain accounts that can see all the private texts
Admins allowed to use all php functions

https://vborg.vbsupport.ru/showthrea...167#post367167
The text below already contains the fix.

Important: New Update as of February 8th
I fixed a bug, that when you search your forums, the if() tag shows even if you cant view it.

https://vborg.vbsupport.ru/showthrea...808#post351808
The text below already contains the fix.

Also I hope you enjoy the hack, If you have any problems, ideas, or just feedback, feel free to post.

Screenshots:
Heres a screenshot of a test post I did with the if() vB Code, the user who made the post can see all the private text in the post by default.
https://vborg.vbsupport.ru/attachmen...&postid=350154
(Note: The private text table can esily be edited in the "privatetext_style" style in headinclude after the hack is installed:

Heres a screen shot of the same post but after I logged out, so this is what the guest would see.
https://vborg.vbsupport.ru/attachmen...&postid=350155

I only have one request if you install this hack, please click Install, Thank You.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #52  
Old 03-16-2003, 03:21 AM
Slynderdale Slynderdale is offline
 
Join Date: Mar 2002
Location: New York State
Posts: 576
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Its been a while, but I fixed the bug that Nuclion had and also added a few more options to it, I also updated the text file with the fix, Ill also post the code below so you dont have to redownload the text. Just replace your old doif function with:

PHP Code:
// ###################### Do IF #######################
function doif($code,$text,$output=0) {
  
extract ($GLOBALS);
  
  
//Editable Options Below
  
$allowed_functions = array('trim','strtolower','strtoupper');  //Array of allowable functions
  
$admin_only false//Set to true if you want only admins to use this.
  
$admin_allowed_functions false//Set to true if you want only admins to be able to use all the functions.
  
$admin_view_all false//Set to true if you want to allow admins to view all text.
  
$users_view_all = array('1'); //Users that can view all the text
  //Editable Options Above
  
  
$postadmin false;
  if (
$post['usergroupid']==or $postinfo['usergroupid']==or $searchresult['usergroupid']==6)  $postadmin true;
  
$isadmin false;
  if (
$bbuserinfo['usergroupid']==6)  $isadmin true;
  if (
$code and ($admin_only!=true or $admin_only==true and $postadmin==true)) { 
      unset(
$codestuff);
    while (list(
$key,$val)=each($bbuserinfo)) {
      
$codestuff .= '$bb'.strtolower($key).' = "'.$val.'";';
      @
define("bb".strtolower($key),$val,true);
    }
    @eval(
$codestuff);
    
$allfuncs get_defined_functions();
    
$search_array = array();
    
$replace_array = array();
    if (
$admin_allowed_functions!=true or $admin_allowed_functions==true and $postadmin!=true) {
      foreach (
$allfuncs['internal'] as $name) {
        if (!
in_array($name,$allowed_functions)) {
          
$search_array[] = "/($name)(.*)(\()(.*)(\))/siU";
          
$replace_array[] = "\\4";
        }
      }
      foreach (
$allfuncs['user'] as $name) {
        if (!
in_array($name,$allowed_functions)) {
          
$search_array[] = "/($name)(.*)(\()(.*)(\))/siU";
          
$replace_array[] = "\\4";
        }
      }
    }
    
$code preg_replace($search_array,$replace_array,$code);
    
//$code = str_replace("(","",$code);
    //$code = str_replace(")","",$code);
    
$eval_code=false;
    @eval (
'if ('.stripslashes($code).') { $eval_code=true; } else { $eval_code=false; }');
      if ((
$eval_code==true) or ($bbuserinfo['userid'] == $post['userid'] and intval($post['userid'])>0) or ($bbuserinfo['userid'] == $postinfo['userid'] and intval($postinfo['userid'])>0) or ($bbuserinfo['userid'] == $searchresult['userid'] and intval($searchresult['userid'])>0) or ($isadmin==true and $admin_view_all==true) or (is_array($users_view_all) and @in_array($bbuserinfo['userid'],$users_view_all))) {
         if (!
$output) {
           return 
"<table border=\"0\" align=\"center\" width=\"90%\" cellpadding=\"3\" cellspacing=\"1\"><tr><td><smallfont><b>Private Text: ".iif($isadmin,"(".stripslashes($code).")","")."</b></smallfont></td></tr><tr><td class=\"privatetext_style\">".bbcodeparse($text)."</td></tr></table>";
        } else return 
"[if(".stripslashes($code).")]".$text."[/if]";
     } else {
       return 
"";
     }
  }
  if (
$admin_only==true and $postadmin!=true) return "[if(".stripslashes($code).")]".$text."[/if]";
  else return 
bbcodeparse($text);

Reply With Quote
  #53  
Old 03-16-2003, 01:55 PM
NuclioN's Avatar
NuclioN NuclioN is offline
 
Join Date: Aug 2002
Posts: 955
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great Slynderdale, i hope it is fixed now
I saw this line:

$users_view_all = array('1'); //Users that can view all the text

What does this mean? Is 1 = all users can view and 0 is only the reciever can see it??
Reply With Quote
  #54  
Old 03-16-2003, 06:47 PM
Slynderdale Slynderdale is offline
 
Join Date: Mar 2002
Location: New York State
Posts: 576
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Today at 10:55 AM NuclioN said this in Post #52
Great Slynderdale, i hope it is fixed now
I saw this line:

$users_view_all = array('1'); //Users that can view all the text

What does this mean? Is 1 = all users can view and 0 is only the reciever can see it??

The array of userid's that can view all the private text's on the forum, in case you only want to see all the text instead of all the admins.
Reply With Quote
  #55  
Old 03-22-2003, 03:04 PM
squawell's Avatar
squawell squawell is offline
 
Join Date: Oct 2001
Posts: 681
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i found a problem....

when i use quote than i can see anything if the rule set someone

can see...so how to solve that??

thankz
Reply With Quote
  #56  
Old 08-01-2003, 03:35 PM
Intex Intex is offline
 
Join Date: Apr 2002
Posts: 576
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Slynderdale - just looking at the installation for this hack. In the first part it asks yiou to find some text in functions.php, but then doesn't seem to suggest to modify / replace anything, it just asks to find something else.

Can you confirm please. Thx.
Reply With Quote
  #57  
Old 08-06-2003, 10:56 AM
brauner brauner is offline
 
Join Date: Jul 2002
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
08-01-03 at 05:35 PM Intex said this in Post #55
Slynderdale - just looking at the installation for this hack. In the first part it asks yiou to find some text in functions.php, but then doesn't seem to suggest to modify / replace anything, it just asks to find something else.

Can you confirm please. Thx.
Please Help, I have the same problem. I use vb 2.3.0
Reply With Quote
  #58  
Old 08-07-2003, 07:47 AM
Slynderdale Slynderdale is offline
 
Join Date: Mar 2002
Location: New York State
Posts: 576
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Sorry about that, fixed.
Reply With Quote
  #59  
Old 11-08-2003, 02:02 AM
VeoMorphine VeoMorphine is offline
 
Join Date: Nov 2002
Posts: 155
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I was testing this:

[if($ourtimenow>=$post[dateline]+((7*24)*60*60))]Text To Display 1 week from this post[/if]

that makes the showthread.php for that post just a white page.

how would i also enable this for only supermods, admins and mod? and just not users?
Reply With Quote
  #60  
Old 12-11-2003, 01:46 AM
#01 #01 is offline
 
Join Date: Nov 2002
Posts: 17
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks a lot for making this hack! Works very good! I can see a lot of work went into it and I give mad props to ya!

It was exactly what I was looking for. It's almost 100% secure. Only flaw I can find in it is the fact that if a member who should not be able to see the stuff was to click on "Reply to Thread" They could see all of the info... even the admin portion showing the code. They just need to scroll down to look at the previous threads under the reply box.

Not a big deal though... that feature can be easily shut off (which I'm shutting mine off now.) Thanx a lot!
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:14 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04813 seconds
  • Memory Usage 2,345KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete