[2.0.10] HTML BBcode MOD

The cleanup is complete. This forum is now read only.

Rating:

Excellent!
33
87%
Very Good
2
5%
Good
1
3%
Fair
2
5%
Poor
0
No votes
 
Total votes: 38

ShadowTek
Registered User
Posts: 66
Joined: Thu Jul 22, 2004 8:21 am
Contact:

Post by ShadowTek » Sat Sep 16, 2006 2:32 am

Hi, is this mod safe if only I use it (the board admin) or can it still be hacked (sorry for the dumb question)

spoonium
Registered User
Posts: 2
Joined: Fri Sep 08, 2006 12:22 pm

Post by spoonium » Wed Sep 20, 2006 12:26 pm

@recoha and Ryan O

If you have a backup copy of your admin_board.php located in the same directory as the altered admin_board.php, and it's name is very similar to it (like admin_board.ori.php as in my case), the board will access the old backup copy instead of the new, altered one.
Rename the backup copy to admin_board.ori or something like this, then at least this error margin is solved. If it doesn't help, good luck searching the thread, there have been some questions like this already.

markus_petrux
Former Team Member
Posts: 1887
Joined: Wed Apr 23, 2003 7:11 am
Location: Girona, Catalunya (Spain)
Contact:

Post by markus_petrux » Fri Sep 22, 2006 4:21 am

ShadowTek wrote: Hi, is this mod safe if only I use it (the board admin) or can it still be hacked (sorry for the dumb question)

With this MOD authorized users are enabled to enter anything as if you had access to the templates, that's mainly HTML, but you could also enter javascript or whatever.

Now, if those enabled to use this MOD aren't 100% truested, they could do bad things, yes. If you don't trust'em, don't allow this MOD for them.

If you are the owner of the board, you could also enter anything on any PHP or template file, so this MOD doesn't add any hole for you, as long as the only one enabled is you.

For tips on the kind of bad that one could do, google for "cross site scripting" (aka XSS).
EasyMOD Standards | MOD Template Actions | MODs in Development Rules
Useful information for MOD Authors | MOD Queue Stats | Search MODs
Write SQL/DDL portable to all SQL servers supported by phpBB!
Get EasyMOD 0.3.0! | Suport al phpBB en Català!
8)

User avatar
Roks
Registered User
Posts: 119
Joined: Thu Sep 14, 2006 1:15 am

Post by Roks » Fri Oct 27, 2006 10:58 pm

I have posted this question earlier also here in the forum, but didn't get reply and was asked to post in the MODs support.

My simple query is: I want to enable posting of HTML, PHP, Javascript etc. Codes in my forum, same as here on this forum in Posting and PMs. But whenever I do post HTML, PHP ect Codes using any of the following tags, all the codes gets stripped off.

['code], ['html], ['php]

So, I had installed:

1. html_bbcode_mod_v1_1_4
2. php systax highlighter Beta 2.0

For testing, I have given permissions to Administraor Group. But even though it's still stripping off all codes, like pre-installation.

Can anyone advice?

User avatar
Roks
Registered User
Posts: 119
Joined: Thu Sep 14, 2006 1:15 am

Post by Roks » Sun Oct 29, 2006 10:35 pm

Nobody there to respond. :?:

User avatar
cbrain
Registered User
Posts: 244
Joined: Tue Aug 01, 2006 11:39 am
Location: UK

easyMOD

Post by cbrain » Tue Oct 31, 2006 5:26 pm

Like I say in all my other posts, is this easyMOD compatible?

User avatar
cbrain
Registered User
Posts: 244
Joined: Tue Aug 01, 2006 11:39 am
Location: UK

Post by cbrain » Thu Nov 02, 2006 6:47 pm

*coughs*

User avatar
igorw
Former Team Member
Posts: 8024
Joined: Fri Dec 16, 2005 12:23 pm
Location: {postrow.POSTER_FROM}
Name: Igor Wiedler

Post by igorw » Thu Nov 02, 2006 6:58 pm

Not sure if it is with the latest version. I'd rather install it manually if i were you. ;)
Igor Wiedler | area51 | GitHub | trashbin | Formerly known as evil less than three

User avatar
Roks
Registered User
Posts: 119
Joined: Thu Sep 14, 2006 1:15 am

Post by Roks » Sat Nov 04, 2006 11:11 pm

Don't install with EM, install it manually and it'll work.

Candylover
Registered User
Posts: 6
Joined: Thu Nov 09, 2006 1:08 am

Post by Candylover » Mon Nov 27, 2006 2:43 am

Ok guys

Well I am thick, I have tried to install this MOD using that mod instaler program and I get this error.

Code: Select all

Critical Error

FIND FAILED: In file [includes/bbcode.php] could not find:

$EMBB_widths = array(''
$EMBB_values = array(''

MOD script line #267 :: FAQ :: Report
Could someone prehaps point me in the right direction of what I can do? Thnkas

[PT]BlueDragon
Registered User
Posts: 60
Joined: Wed Mar 02, 2005 3:25 pm

Post by [PT]BlueDragon » Fri Dec 01, 2006 11:58 pm

hi, i have instaled it correctly i'm sure... but, when i put some code on it...

the the post apears blank... and if i edit it...

Code: Select all

[html]<object><param><param><param><param><embed></embed></object>[/html]

purple2d
Registered User
Posts: 5
Joined: Mon Apr 03, 2006 11:50 pm

SQL?

Post by purple2d » Sat Dec 02, 2006 7:32 am

Hi, I'm so very new to this whole thing, so bare with me. =)
I am hoping to get html to work on my forums, but am a little confused about the instalation proccess. It seems that using EM for this is not the best way to go. I'm pretty good with search and replace but the first line:

#
#-----[ SQL ]-------------------------------------------------
#
# REMINDER --- Make backups BEFORE installing MODs
#
INSERT INTO phpbb_config (config_name, config_value) VALUES ('bbcode_html_group', '-1');
#


seems to be SQL query. (with the tag and all)
Is this so? I have no clue about SQL. Am I misunderstanding the instructions here? If this is not a query what exactly am I supposed to be doing? Where can I find phpbb_config to replace the values?
Any help would be appreciated.
Thanks!

[PT]BlueDragon
Registered User
Posts: 60
Joined: Wed Mar 02, 2005 3:25 pm

Re: SQL?

Post by [PT]BlueDragon » Sat Dec 02, 2006 1:33 pm

purple2d wrote: Hi, I'm so very new to this whole thing, so bare with me. =)
I am hoping to get html to work on my forums, but am a little confused about the instalation proccess. It seems that using EM for this is not the best way to go. I'm pretty good with search and replace but the first line:

#
#-----[ SQL ]-------------------------------------------------
#
# REMINDER --- Make backups BEFORE installing MODs
#
INSERT INTO phpbb_config (config_name, config_value) VALUES ('bbcode_html_group', '-1');
#


seems to be SQL query. (with the tag and all)
Is this so? I have no clue about SQL. Am I misunderstanding the instructions here? If this is not a query what exactly am I supposed to be doing? Where can I find phpbb_config to replace the values?
Any help would be appreciated.
Thanks!



hi, you have to go to your MySql administration and insert that tag into the query tool

purple2d
Registered User
Posts: 5
Joined: Mon Apr 03, 2006 11:50 pm

Re: SQL?

Post by purple2d » Sat Dec 02, 2006 10:23 pm

[PT]BlueDragon wrote: hi, you have to go to your MySql administration and insert that tag into the query tool


Thanks so much! I will now go wrangle with my server to figure out how to do that. =)

markus_petrux
Former Team Member
Posts: 1887
Joined: Wed Apr 23, 2003 7:11 am
Location: Girona, Catalunya (Spain)
Contact:

Post by markus_petrux » Sat Dec 02, 2006 10:25 pm

@Candylover: see the author notes, you need to install de multiple bbcode mod, the buttons organizer mod is also recommended.

@purple2d: Yes, you need to execute that SQL statement. The KB has some articles that you may wish to look at, on how to install MODs, use phpMyAdmin, etc.

@[PT]BlueDragon: that's hard to tell. this mod should allow you to enter any HTML, as far as you are authorized to do so. Maybe there's another MOD breaking what this one is supposed to do, or a missing step installing...
EasyMOD Standards | MOD Template Actions | MODs in Development Rules
Useful information for MOD Authors | MOD Queue Stats | Search MODs
Write SQL/DDL portable to all SQL servers supported by phpBB!
Get EasyMOD 0.3.0! | Suport al phpBB en Català!
8)

Post Reply

Return to “[2.0.x] MOD Database Cleanup”