Wichtig

Diese Seite verwendet Cookies. Durch die Nutzung unserer Seite erklären Sie sich damit einverstanden, dass wir Cookies setzen. Weitere Informationen

  • Hi

    also ich habe eine Frage zu diesem hack einem hide hack.Ich verstehe nicht in welcher Zeile ich das einjfügen soll oder soll ich das ersetzen? helft mir bitte ist für VBB.
    ich denke mal die Zahlen in @ sind die lines aber da ist auch immer ein minus Wert.Welchen soll ich denn da nehmen?

    Quellcode

    1. diff -urw public_html.orig/admin/adminfunctions.php public_html/admin/adminfunctions.php
    2. --- public_html.orig/admin/adminfunctions.php Mon Apr 28 02:08:24 2003
    3. +++ public_html/admin/adminfunctions.php Wed May 14 19:51:18 2003
    4. @@ -373,12 +373,27 @@
    5. function generateoptions() {
    6. global $DB_site;
    7. - $settings=$DB_site->query("SELECT varname,value FROM setting");
    8. + function settingescape($value='') {
    9. + $value = str_replace( '\\', '\\\\',$value );
    10. + $value = str_replace( '$', '\$',$value );
    11. + $value = str_replace( '"', '\"',$value );
    12. + $value = addslashes($value);
    13. + return $value;
    14. + }
    15. +
    16. + $settings=$DB_site->query("SELECT varname,value,optioncode FROM setting");
    17. while ($setting=$DB_site->fetch_array($settings)) {
    18. - $setting['value'] = str_replace( '\\', '\\\\', $setting['value'] );
    19. - $setting['value'] = str_replace( '$', '\$', $setting['value'] );
    20. - $setting['value'] = str_replace( '"', '\"', $setting['value'] );
    21. - $template .= "\$$setting[varname] = \"" . addslashes( $setting['value'] ) . "\";\n";
    22. + if ($setting['optioncode']=='intlist') {
    23. + $settinglist = preg_split ("/[\s,;:\|\/]+/", $setting['value']);
    24. + while ( list($key, $val)=each($settinglist) ) {
    25. + if (is_numeric($val)) {
    26. + $val=intval($val);
    27. + $template .= "\$$setting[varname]\[$val\] = 1;\n";
    28. + }
    29. + }
    30. + } else {
    31. + $template .= "\$$setting[varname] = \"" . settingescape( $setting['value'] ) . "\";\n";
    32. + }
    33. }
    34. return $template;
    35. diff -urw public_html.orig/admin/functions.php public_html/admin/functions.php
    36. --- public_html.orig/admin/functions.php Sat May 10 23:23:42 2003
    37. +++ public_html/admin/functions.php Thu May 15 16:22:27 2003
    38. @@ -109,6 +109,7 @@
    39. global $showdeficon,$displayemails,$enablepms,$allowsignatures,$wordwrap,$dateformat,$timeformat,$logip,$replacewords,$postsperday,$avatarenabled,$registereddateformat,$viewattachedimages;
    40. $datecut = time() - $cookietimeout;
    41. + $hide = checkunhide($post['threadid'], $post['dateline']);
    42. if ($counter%2==0) {
    43. $post[backcolor]="{firstaltcolor}";
    44. @@ -136,6 +137,9 @@
    45. }
    46. if ($post[attachmentid]!=0 and $post[attachmentvisible]) {
    47. + if ($hide == 1) {
    48. + $post[attachment] = "<p><blockquote><smallfont>LOCKDOWN:</smallfont><hr>{hide_lockdownattachment}<hr></blockquote>";
    49. + } else {
    50. $post[attachmentextension]=strtolower(getextension($post[filename]));
    51. $post['filename'] = censortext(htmlspecialchars($post['filename']));
    52. if ($post[attachmentextension]=="gif" or $post[attachmentextension]=="jpg" or $post[attachmentextension]=="jpeg" or $post[attachmentextension]=="jpe" or $post[attachmentextension]=="png") {
    53. @@ -147,6 +151,10 @@
    54. } else {
    55. eval("\$post[attachment] = \"".gettemplate("postbit_attachment")."\";");
    56. }
    57. + if ($hide == 2) {
    58. + $post[attachment] = "<p><blockquote><smallfont>LOCKDOWN:</smallfont><hr>$post[attachment]<hr></blockquote>";
    59. + }
    60. + }
    61. } else {
    62. $post[attachment]="";
    63. }
    64. @@ -277,7 +285,7 @@
    65. if ($post[showsignature] and $allowsignatures and trim($post[signature])!="" and ($bbuserinfo[userid]==0 or $bbuserinfo[showsignatures])) {
    66. if (!isset($sigcache["$post[userid]"])) {
    67. - $post[signature]=bbcodeparse($post[signature],0,$allowsmilies);
    68. + $post[signature]=bbcodeparse($post[signature],0,$allowsmilies,3);
    69. eval("\$post[signature] = \"".gettemplate("postbit_signature")."\";");
    70. $sigcache["$post[userid]"] = $post[signature];
    71. } else {
    72. @@ -320,7 +328,7 @@
    73. $post[iplogged]="";
    74. }
    75. - $post[message]=bbcodeparse($post[pagetext],$forum[forumid],$post[allowsmilie]);
    76. + $post[message]=bbcodeparse($post[pagetext],$forum[forumid],$post[allowsmilie],$hide);
    77. //highlight words for search engine
    78. if (isset($highlight) && $highlight != '') {
    79. @@ -681,7 +689,8 @@
    80. }
    81. // ###################### Start bbcodeparse #######################
    82. -function bbcodeparse($bbcode,$forumid=0,$allowsmilie=1) {
    83. +function bbcodeparse($bbcode,$forumid=0,$allowsmilie=1,$hide=3) {
    84. + // $hide == 0 - remove [hide][/hide], $hide == 1 - show lockdown info, $hide ==2 - show hidden text, else - ignore
    85. global $allowhtml,$allowbbcode,$allowbbimagecode,$allowsmilies;
    86. @@ -706,14 +715,14 @@
    87. $dobbcode=$forum[allowbbcode];
    88. }
    89. - return bbcodeparse2($bbcode,$dohtml,$dobbimagecode,$dosmilies,$dobbcode);
    90. + return bbcodeparse2($bbcode,$dohtml,$dobbimagecode,$dosmilies,$dobbcode,$hide);
    91. }
    92. $regexcreated = 0;
    93. $searcharray = array();
    94. $replacearray = array();
    95. $phpversionnum = phpversion();
    96. -function bbcodeparse2($bbcode,$dohtml,$dobbimagecode,$dosmilies,$dobbcode)
    97. +function bbcodeparse2($bbcode,$dohtml,$dobbimagecode,$dosmilies,$dobbcode,$hide=0)
    98. { // parses text for vB code, smilies and censoring
    99. global $DB_site,$wordwrap,$allowdynimg, $bbuserinfo;
    100. @@ -836,8 +845,30 @@
    101. if ($phpversionnum<"4.0.5") {
    102. $bbcode=str_replace("'", "\'", $bbcode);
    103. }
    104. +
    105. + // Do [hide]...[/hide]
    106. + // $hide == 0 - remove [hide][/hide], $hide == 1 - show lockdown info, $hide ==2 - show hidden text, else - ignore
    107. + $hide = intval($hide);
    108. + if ($hide == 1) {
    109. + // Hide - show lockdown msg.
    110. + $search2 = "/(\[hide\])(.*)(\[\/hide\])/siU";
    111. + $replace2 = "</normalfont><blockquote><smallfont>LOCKDOWN:</smallfont><hr>{hide_lockdown}<hr></blockquote><normalfont>";
    112. + } elseif ($hide == 2) {
    113. + // Unhide - show hidden text
    114. + $search2 = "/(\[hide\])(.*)(\[\/hide\])/siU";
    115. + $replace2 = "</normalfont><blockquote><smallfont>LOCKDOWN:</smallfont><hr>\\2<hr></blockquote><normalfont>";
    116. + } elseif ($hide == 0) {
    117. + // Remove hidden tag
    118. + $search2 = "/(\[hide\])(.*)(\[\/hide\])/siU";
    119. + $replace2 = "\\2";
    120. + }
    121. +
    122. $bbcode=preg_replace($searcharray, $replacearray, $bbcode);
    123. + if (isset($search2) && isset($replace2)) {
    124. + $bbcode=preg_replace($search2, $replace2, $bbcode);
    125. + }
    126. +
    127. if($dobbimagecode and ($bbuserinfo[userid]==0 or $bbuserinfo[showimages])) {
    128. // do [img]xxx[/img]
    129. $bbcode = preg_replace("/\[img\](\r\n|\r|\n)*((http|https):\/\/([^;<>\(\)\''.iif($allowdynimg,'','!\*\?\&').']+)|[a-z0-9\/\\\._\- ]+)\[\/img\]/siU", "<img src=\"\\2\" border=\"0\" alt=\"\">", $bbcode);
    130. @@ -860,6 +891,7 @@
    131. }
    132. $bbcode=str_replace("{", "{", $bbcode); // stop people posting replacements in their posts
    133. + $bbcode=str_replace("{hide_", "{hide_", $bbcode); // restore {_hide* replacements
    134. return censortext($bbcode);
    135. @@ -2118,8 +2150,8 @@
    136. }
    137. // ###################### Get Code Buttons #######################
    138. -function getcodebuttons () {
    139. - global $vbcodemode,$vbcode_smilies;
    140. +function getcodebuttons ($forumid=0) {
    141. + global $vbcodemode,$vbcode_smilies,$hideforums;
    142. // set $vbcodemode to an integer, even if cookie is not set
    143. $vbcodemode = number_format($vbcodemode);
    144. @@ -2131,7 +2163,13 @@
    145. eval ("\$vbcode_fontbits = \"".gettemplate("vbcode_fontbits")."\";");
    146. eval ("\$vbcode_colorbits = \"".gettemplate("vbcode_colorbits")."\";");
    147. + $forumid=intval($forumid);
    148. + if ($forumid > 0 && $hideforums['$forumid']==1) {
    149. + $vbcode_colorbits .= '<input type="button" class="bginput" value=" HIDE " title="HIDE" onclick="vbcode(this.form,\'HIDE\',\'\')" onmouseover="stat(\'hide\')">';
    150. + }
    151. +
    152. eval ("\$vbcode_buttons = \"".gettemplate("vbcode_buttons")."\";");
    153. +
    154. return $vbcode_buttons;
    155. }
    156. @@ -2415,6 +2453,74 @@
    157. }
    158. +/*
    159. +$hideforums = array('75' => 1);
    160. +$hideignoreremove = 3;
    161. +$hideunhideadmin = 1;
    162. +$hideunhidemod = 0;
    163. +*/
    164. +// ###################### Start checkunhide #######################
    165. +function checkunhide($threadid=0,$dateline=0,$forumid=0) {
    166. + global $bbuserinfo, $DB_site, $hideforums, $hideignoreremove, $hideunhideadmin, $hideunhidemod;
    167. + static $thread, $reply;
    168. +
    169. + if (!isset($thread)) {
    170. + $thread = array();
    171. + }
    172. + if (!isset($reply)) {
    173. + $reply = array();
    174. + }
    175. +
    176. + $hideignoreremove=intval($hideignoreremove);
    177. + if ($hideignoreremove > 0) {
    178. + $hideignoreremove = 3;
    179. + }
    180. +
    181. + $threadid=intval($threadid);
    182. + $dateline=intval($dateline);
    183. + $forumid=intval($forumid);
    184. +
    185. + if ($threadid == 0) {
    186. + // No given thread, so check if unhide or ignore
    187. + if ($hideforums['$forumid'] == 1) {
    188. + // Unhide
    189. + return 2;
    190. + } else {
    191. + // Ignore
    192. + return $hideignoreremove;
    193. + }
    194. + }
    195. +
    196. + if (empty($thread['$threadid'])) {
    197. + $thread['$threadid'] = verifyid("thread",$threadid,1,1);
    198. + }
    199. +
    200. + $forumid = $thread['$threadid']['forumid'];
    201. + if ($hideforums['$forumid'] != 1) {
    202. + // Thread is not in a forum where hiding is allowed - ignore or remove tag
    203. + return $hideignoreremove;
    204. + }
    205. +
    206. + if (($bbuserinfo['usergroupid']==6 && $hideunhideadmin == 1) ||
    207. + (ismoderator($forumid) && $hideunhidemod == 1)) {
    208. + return 2;
    209. + }
    210. +
    211. + if (!isset($reply['$threadid'])) {
    212. + // Get time of user's last reply in thread
    213. + $lastuserpost = $DB_site->query_first("SELECT MAX(dateline) AS dateline FROM post WHERE threadid='$threadid' AND userid='$bbuserinfo[userid]'");
    214. + $reply['$threadid'] = intval($lastuserpost['dateline']);
    215. + unset($lastuserpost);
    216. + }
    217. +
    218. + if ($reply['$threadid'] >= $dateline && $reply['$threadid'] > 0) {
    219. + // User replied after lockdown - unhide
    220. + return 2;
    221. + } else {
    222. + // Hide, but show lockdown msg.
    223. + return 1;
    224. + }
    225. +}
    226. // ###################### Start doshutdown #######################
    227. $shutdownqueries=array();
    228. diff -urw public_html.orig/admin/options.php public_html/admin/options.php
    229. --- public_html.orig/admin/options.php Mon Apr 28 02:09:10 2003
    230. +++ public_html/admin/options.php Wed May 14 19:52:26 2003
    231. @@ -62,7 +62,7 @@
    232. echo "<tr class='".getrowbg()."'>\n<td width=\"65%\"><p><b>$setting[title]</b><br><font size='1'>$setting[description]</font></p></td>\n<td width=\"35%\">";
    233. - if ($setting[optioncode]=="") {
    234. + if ($setting[optioncode]=="" or $setting[optioncode]=="intlist") {
    235. echo "<input type=\"text\" size=\"35\" name=\"setting[$setting[settingid]]\" value=\"".htmlspecialchars($setting[value])."\">";
    236. } elseif ($setting[optioncode]=="yesno") {
    237. echo "ja<input type=\"radio\" name=\"setting[$setting[settingid]]\" ".iif($setting[value]==1,"checked","")." value=\"1\"> nein <input type=\"radio\" name=\"setting[$setting[settingid]]\" ".iif($setting[value]==0,"checked","")." value=\"0\">";
    238. diff -urw public_html.orig/attachment.php public_html/attachment.php
    239. --- public_html.orig/attachment.php Mon Apr 28 02:21:50 2003
    240. +++ public_html/attachment.php Thu May 15 15:07:24 2003
    241. @@ -27,12 +27,20 @@
    242. $attachmentid=$getforuminfo[attachmentid];
    243. }
    244. -if (!$attachmentinfo=$DB_site->query_first("SELECT filename,filedata,dateline,visible
    245. +if (!$attachmentinfo=$DB_site->query_first("SELECT attachment.filename,attachment.filedata,attachment.dateline,attachment.visible,post.threadid,post.dateline AS postdateline
    246. FROM attachment
    247. - WHERE attachmentid='$attachmentid'")){
    248. + LEFT JOIN post on post.attachmentid = attachment.attachmentid
    249. + WHERE attachment.attachmentid='$attachmentid'")){
    250. $idname='attachment';
    251. eval("standarderror(\"".gettemplate('error_invalidid')."\");");
    252. exit;
    253. +}
    254. +
    255. +// Check if attachment belongs to a post which is hidden for the user
    256. +$hide = checkunhide($attachmentinfo['threadid'],$attachmentinfo['postdateline']);
    257. +if ($hide == 1) {
    258. + eval("standarderror(\"".gettemplate('error_invalidid')."\");");
    259. + exit;
    260. }
    261. if ($attachmentinfo['visible'] == 0) {
    262. diff -urw public_html.orig/newreply.php public_html/newreply.php
    263. --- public_html.orig/newreply.php Mon Apr 28 02:22:12 2003
    264. +++ public_html/newreply.php Wed May 14 20:15:58 2003
    265. @@ -44,6 +44,8 @@
    266. $posttime=vbdate($timeformat,$postinfo[dateline]);
    267. $pagetext=$postinfo[pagetext];
    268. $pagetext = trim(preg_replace("/(\[quote])(.*)(\[\/quote])/siU", "", $pagetext));
    269. + // Remove hidden texts from quotation
    270. + $pagetext = trim(preg_replace("/(\[hide])(.*)(\[\/hide])/siU", "[LOCKDOWN]", $pagetext));
    271. eval("\$message = \"".gettemplate("quotereply",1,0)."\";");
    272. }
    273. }
    274. @@ -126,7 +128,8 @@
    275. if ($preview) {
    276. $previewpost=1;
    277. - $previewmessage=bbcodeparse($message,$threadinfo[forumid],$allowsmilie);
    278. + $hide = checkunhide(0,0,$threadinfo['forumid']);
    279. + $previewmessage=bbcodeparse($message,$threadinfo[forumid],$allowsmilie,$hide);
    280. $toomanyimages = '';
    281. if ($maximages!=0) {
    282. if (countchar($previewmessage,"<img")>$maximages) {
    283. @@ -465,7 +468,7 @@
    284. }
    285. $posts=$DB_site->query("
    286. SELECT IF(post.userid=0,post.username,user.username) AS username,
    287. - post.pagetext,post.allowsmilie,post.userid FROM post
    288. + post.pagetext,post.allowsmilie,post.userid,post.threadid,post.dateline FROM post
    289. LEFT JOIN user ON user.userid=post.userid
    290. WHERE post.visible=1 AND post.threadid='$threadid'
    291. ORDER BY dateline DESC LIMIT " . ($maxposts+1)); // return +1 so that check later will still work
    292. @@ -484,7 +487,8 @@
    293. if ($ignore[$post[userid]]) {
    294. $reviewmessage = $ignoreduser;
    295. } else {
    296. - $reviewmessage = bbcodeparse($post[pagetext],$threadinfo[forumid],$post[allowsmilie]);
    297. + $hide = checkunhide($post['threadid'],$post['dateline']);
    298. + $reviewmessage = bbcodeparse($post[pagetext],$threadinfo[forumid],$post[allowsmilie],$hide);
    299. }
    300. eval("\$threadreviewbits .= \"".gettemplate("threadreviewbit")."\";");
    301. } else {
    302. @@ -541,7 +545,7 @@
    303. $disablesmiliesoption="";
    304. }
    305. if ($bbuserinfo[showvbcode] && $allowvbcodebuttons) {
    306. - $vbcode_buttons = getcodebuttons();
    307. + $vbcode_buttons = getcodebuttons($threadinfo['forumid']);
    308. }
    309. getforumrules($foruminfo,$permissions);
    310. diff -urw public_html.orig/newthread.php public_html/newthread.php
    311. --- public_html.orig/newthread.php Mon Apr 28 02:22:16 2003
    312. +++ public_html/newthread.php Wed May 14 20:03:45 2003
    313. @@ -71,7 +71,8 @@
    314. if ($preview) {
    315. // preview? yes:
    316. $previewpost=1;
    317. - $previewmessage=bbcodeparse($message,$foruminfo[forumid],$allowsmilie);
    318. + $hide = checkunhide(0,0,$foruminfo['forumid']);
    319. + $previewmessage=bbcodeparse($message,$foruminfo[forumid],$allowsmilie,$hide);
    320. $toomanyimages = '';
    321. if ($maximages!=0) {
    322. if (countchar($previewmessage,"<img")>$maximages) {
    323. @@ -433,7 +434,7 @@
    324. $disablesmiliesoption="";
    325. }
    326. if ($bbuserinfo[showvbcode] && $allowvbcodebuttons)
    327. - $vbcode_buttons = getcodebuttons();
    328. + $vbcode_buttons = getcodebuttons($foruminfo['forumid']);
    329. getforumrules($foruminfo,$permissions);
    330. diff -urw public_html.orig/printthread.php public_html/printthread.php
    331. --- public_html.orig/printthread.php Mon Apr 28 02:22:24 2003
    332. +++ public_html/printthread.php Wed May 14 19:06:22 2003
    333. @@ -104,7 +104,8 @@
    334. }
    335. }
    336. - $post['message']=bbcodeparse($post['pagetext'],$foruminfo['forumid'],$post['allowsmilie']).$post['signature'];
    337. + $hide = checkunhide($post['threadid'], $post['dateline']);
    338. + $post['message']=bbcodeparse($post['pagetext'],$foruminfo['forumid'],$post['allowsmilie'],$hide).$post['signature'];
    339. eval("\$postbits .= \"".gettemplate("printthreadbit")."\";");
    340. diff -urw public_html.orig/search.php public_html/search.php
    341. --- public_html.orig/search.php Mon Apr 28 02:22:34 2003
    342. +++ public_html/search.php Thu May 15 16:10:56 2003
    343. @@ -919,6 +919,11 @@
    344. $postdone[$searchresult[postid]]=1;
    345. $searchresult[postdate]=vbdate($dateformat,$searchresult[postdateline]);
    346. $searchresult[posttime]=vbdate($timeformat,$searchresult[postdateline]);
    347. +
    348. + if ($hideforums["$searchresult[forumid]"] == 1) {
    349. + // Remove hidden stuff if lockdown is enabled
    350. + $searchresult['pagetext']=preg_replace("/(\[hide\])(.*)(\[\/hide\])/siU", "[hide]...[/hide]", $searchresult['pagetext']);
    351. + }
    352. if ($ignore[$searchresult[postuserid]]) {
    353. $searchresult['pagetext'] = $ignoreduser;
    354. diff -urwN public_html.orig/hide-settings.txt public_html/hide-settings.txt
    355. --- public_html.orig/hide-dbchanges.txt Thu Jan 01 01:00:00 1970
    356. +++ public_html/hide-dbchanges.txt Wed May 14 21:03:35 2003
    357. @@ -0,0 +1,7 @@
    358. +INSERT INTO settinggroup VALUES (33, 'Hide Hack Einstellungen', 75);
    359. +INSERT INTO setting VALUES (NULL, 33, 'Hide Forenliste', 'hideforums', '75', 'Mit Leerzeichen getrennte Liste von Foren-IDs, in denen der Hide-Hack angeschaltet ist.', 'intlist', 1);
    360. +INSERT INTO setting VALUES (NULL, 33, 'Ingoriere [hide]?', 'hideignoreremove', '1', 'Ignoriere [hide] in Foren, in denen der Hidehack ausgeschaltet ist?<br>\r\n"Nein" entfernt die [hide] Tags, "ja" stellt sie unverändert dar.', 'yesno', 2);
    361. +INSERT INTO setting VALUES (NULL, 33, 'Unhide bei Admins?', 'hideunhideadmin', '0', '"Ja" zeigt den Admins den versteckten Text, ohne dass diese geantwortet haben müssen.', 'yesno', 3);
    362. +INSERT INTO setting VALUES (NULL, 33, 'Unhide bei Moderatoren?', 'hideunhidemod', '0', '"Ja" zeigt den Moderatoren des Forums den versteckten Text, ohne dass diese geantwortet haben müssen.', 'yesno', 4);
    363. +INSERT INTO replacement VALUES (NULL, '-1', '{hide_lockdown}', 'You must reply to view the hidden text.');
    364. +INSERT INTO replacement VALUES (NULL, '-1', '{hide_lockdownattachment}', 'Attachment Locked down! Reply to see the hidden text.');
    Alles anzeigen
  • Bist schon ne ganze Weile dabei (Aug 2003) und immer noch so ein bescheidener Threadtitel *grrr* das muss doch nicht sein.

    Zu deinem Prob, einfach Backup machen und ausprobieren, HACKs einbauen beruht oft auf "try-n-error" ;) und das nächste mal bitte ein aussagekräftiger Titel.

    Vielen Dank.
    Jone

    //edit habs mir mal genauer angeschaut, meine theorie:

    PHP-Quellcode

    1. diff -urw public_html.orig/admin/adminfunctions.php public_html/admin/adminfunctions.php
    2. --- public_html.orig/admin/adminfunctions.php Mon Apr 28 02:08:24 2003
    3. +++ public_html/admin/adminfunctions.php Wed May 14 19:51:18 2003
    4. @@ -373,12 +373,27 @@


    --- steht für die datei "public_html.orig/admin/adminfunctions.php"

    die zahlen nach dem @@ stehn wohl für die linie. also nach jedem
    -- oder
    ++ stehen die zeichen für eine neue datei ;).

    Also heißt "@@ -373"
    Linie 373 in der Datei: urw public_html.orig/admin/adminfunctions.php public_html/admin/adminfunctions.php

    hoff habs verständlich rüberbringen können.
  • das habe ich schon kapiert und habe es auch schon hingeschreiben aber manchmal steht da auch sowas z.B

    PHP-Quellcode

    1. @@ -465,7 +468,7 @@
    welche Zeile nehme ich denn dann??
    und was ist bei den minus werten? die sollen weg oder wie?
    und soll ich das Zeug einfach nur einfügen oder ersetzen?