Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page Very bad things happen to people who use Mass PM
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 02-16-2001, 03:19 AM
ender ender is offline
 
Join Date: Oct 2001
Posts: 25
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I did this message:
This is your name: $username
This is your password: $password

And I sent that to every single member of my message board.

Guess what?

This is what it gave to everyone:
This is your name: Ender
This is your password: **** [accually it was the password displayed]

As you all can imagine I was overjoyed my pass was released to the public for about 20 mins before I realized it.

THIS IS A VERY BAD THING! AHHH!
Reply With Quote
  #2  
Old 02-16-2001, 04:59 AM
Guest
  
Posts: n/a
Default
Are you sure it sent YOUR username/password to them?
Reply With Quote
  #3  
Old 02-16-2001, 07:42 AM
Guest
  
Posts: n/a
Default
The MASS PM feature is a hack and you will have to take this up with them.

Can Someone move this to the Hacking forum?
Reply With Quote
  #4  
Old 02-16-2001, 07:59 AM
Guest
  
Posts: n/a
Default
neither of the hacks ever said that you could give out user variables, in fact mine explicitly states in a discussion with Me2Be i think that you can't. What you have done is just sent your variables which are in your cookie/session tag. It would not be hard to be able to do what you want but it was not something I added into the hack.
Reply With Quote
  #5  
Old 02-18-2001, 05:06 AM
Guest
  
Posts: n/a
Default
No no, I'm not like pissed. I realized that it was a hack when I d/led it. I'm just stating this so it could possibly be fixed, and so that no one else has this happen. Is it now a bad thing to post bugs within hacks?
Reply With Quote
  #6  
Old 02-18-2001, 11:07 AM
Guest
  
Posts: n/a
Default
no of course not but it is not really a bug, you were trying to use a feature you assumed was there but is not and by doing so had unforseen consequences. Nethertheless i can see how the mistake can happen and the next version (which is going to be PMTools) will ensure it does not.
Reply With Quote
  #7  
Old 02-19-2001, 02:58 PM
Guest
  
Posts: n/a
Default
Quote:
Originally posted by ender
I did this message:
This is your name: $username
This is your password: $password

This is what it gave to everyone:
This is your name: Ender
This is your password: **** [accually it was the password displayed]
I modified the hack by chris and added the \$username, \$password, \$email function to the MassPM and it will send each user THEIR OWN username,password,email NOT yours...

HACK found at http://www.vbulletin.com/forum/showt...?threadid=8742
Reply With Quote
  #8  
Old 02-28-2001, 12:52 PM
Guest
  
Posts: n/a
Default
you know I had only one question when reading this

If you are sending a user their password through PM then they have already used their password to sign on so I would hope they have a clue what they typed in to get on the forum to check the PM that will tell them what their password is that they just entered to get there

Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 04:44 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04175 seconds
  • Memory Usage 2,207KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (1)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete