Previous Thread
Next Thread
Print Thread
Rate Thread
Page 1 of 6 1 2 3 4 5 6
#202951 05/04/2004 6:21 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
Modification Name: UBB.Uploader

Author(s): Brett

Description: Adds a link to topic forms to allow the user to upload files to the server. A link is also added the avatar popup to allow the user to upload a custom avatar. In the upload popup, the user has the ability to delete previously uploaded files through an 'upload manager'.

All of these settings are controlled through the CP. (primary settings -> general), where the admin can set what user groups can upload files and/or avatars, how big of files they can upload, and how many each group can store. The admin can also set the type of files/avatars that can be uploaded, and the upload paths.

Also added is a field to the properties of each forum details to allow or turn off file uploads. And a field is added to each profile to override user group settings to either allow or completely block a user.

Files are loaded to the uploads_dir/user_number. You can put it into a new directory, as it will attempt to create it, as long as the parent directory exists.


A little bonus, (gizzy's idea wink ), was the ability, through upload manager, to go into other user directories and delete files in there. Right now, only administrators have the privilages. To change it, go to the ManagePage function, and change the "$user_profile[8] eq 'Administrator'" part.

Demo: http://www.pavioni.com/ubb/ultimatebb.php

Download Link: https://www.ubbdev.com/ubb/upload/00006378/Uploader6.7.zip

If your behind a firewall/router; it may be blocking the ability for the server reading your referer, thus disabling the uploader. Click below for a version without the referer check.

[ link removed, link above does the job ]

Credits: Allen Ayres, LK and freeTV, and Ely_M, Ian Spence(for some of the manager code laugh )

A somewhat strict security precaution was added to prevent users from impersonating fields, like forum numbers. This is done through the user referal. It will strip/shred it, and the user coming from the host or a valid forum number, it will give an error. If it smells a foreign host, it'll pull posthackdetails. You can't also just call ubb_upload.cgi through the address bar.

In other words, it won't function without a referer. If you encounter problems with it, when it's not supposed to error out. Please post here if you do.


To test it out on my board.
username: ubbtest
password: test

Sponsored Links
Joined: Jul 2003
Posts: 6
mmg Offline
Junior Member
Offline
Junior Member
Joined: Jul 2003
Posts: 6
Brett,
Thanks for doing this hack. I tried to upload something (target.gif) at your site, but received the following error: "You are trying to upload something with an illegal extentsion. The currently allowed are: gif, and you tried to upload a zip, txt, tar.gz, tar file."

I used the login you provided and registered there to test it, but still received the same error.

Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
I didn't have gif in my regular extentsion list. I just put it in there. Try it now. smile

Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
Unable to parse your referer. Are you sure you clicked on it through the forums?

smile Quite sure, clicked through quick reply

Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
I altered something that might have done that 10 minutes ago. Redownload ubb_upload.cgi, and reupload it. smile

Sponsored Links
Joined: Jan 2000
Posts: 5,806
Likes: 10
UBB.Dev / UBB.Wiki Owner
Time Lord
Online Tapedshut
UBB.Dev / UBB.Wiki Owner
Time Lord
Joined: Jan 2000
Posts: 5,806
Likes: 10
hehe, idea by Gizzy :-x... I still say being able to publish extensions through a UI would be good frown .


UBB.Dev - Putting Dev into UBB.threads
Company: VNC Web Services - UBB.threads Scripts and Scripting, Install and Upgrade Services, Site and Server Maintenance.
Forums: A Gardeners Forum, I Find Rocks, Scouters World, and UGN Security
UBB.Threads: My UBB Themes, My UBB Scripts
Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
reupload? This was on your forums, can't install this till tonight tipsy .

PS. No credit for the person who's file manager you said you based yours on? frown

#202958 05/04/2004 10:00 AM
Joined: Jul 2003
Posts: 6
mmg Offline
Junior Member
Offline
Junior Member
Joined: Jul 2003
Posts: 6
Brett,
The upload worked great this time. Thanks again for doing the mod.

#202959 05/04/2004 10:07 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
np, smile

Ian found a minor bug as it wouldn't parse through the extended spider links properly. I have updated ubb_upload.cgi. I have double checked all 3 kinds of spider options from the cp and all work correctly for me. The only file to upload is the ubb_upload.cgi.

#202960 05/04/2004 10:51 AM
Joined: May 2001
Posts: 684
Code Monkey
Offline
Code Monkey
Joined: May 2001
Posts: 684
Hi Brett,

when I want to upload somethin I get this error

Unable to detect referer. You must click the upload link directly to upload files.

What have I to do?


Webmaster of d-talk & Kabel-Forum.com
Sponsored Links
#202961 05/04/2004 10:54 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
You can't go to the ubb_upload.cgi file directly. It has to be clicked from on the board. Like the reply/topic pages.

#202962 05/04/2004 10:55 AM
Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
did you upload the new ubb_upload.cgi?

#202963 05/04/2004 11:01 AM
Joined: May 2001
Posts: 684
Code Monkey
Offline
Code Monkey
Joined: May 2001
Posts: 684
Hi Brett I have clicked at the link at the new topics page....

Ian I have uploaded the new file...


Webmaster of d-talk & Kabel-Forum.com
#202964 05/04/2004 11:05 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
Could i get a link to your board w/test username & password?

#202965 05/04/2004 11:05 AM
Joined: Oct 2001
Posts: 572
Member
Offline
Member
Joined: Oct 2001
Posts: 572
I will let you know if this works with 6.6 hopefully tonight.

#202966 05/04/2004 11:10 AM
Joined: May 2001
Posts: 684
Code Monkey
Offline
Code Monkey
Joined: May 2001
Posts: 684
http://www.d-talk.tv/cgi-bin/ultimatebb.cgi

Username: Testuser

password: CCTK86


Webmaster of d-talk & Kabel-Forum.com
#202967 05/04/2004 11:21 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
I was able to open it up without issues. Do you have a firewall installed?

#202968 05/04/2004 11:24 AM
Joined: May 2001
Posts: 684
Code Monkey
Offline
Code Monkey
Joined: May 2001
Posts: 684
Yes a router.... frown

I get the same error at your board...


Webmaster of d-talk & Kabel-Forum.com
#202969 05/04/2004 11:28 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
ok, what i can do is release a version without this check since i know some routers/firewalls can block servers from reading the referer. It will still have the same features.

I will still leave the original download available.

#202970 05/04/2004 11:29 AM
Joined: May 2001
Posts: 684
Code Monkey
Offline
Code Monkey
Joined: May 2001
Posts: 684
How long does it take to release this new version? :rolleyes:


Webmaster of d-talk & Kabel-Forum.com
#202971 05/04/2004 11:33 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7

#202972 05/04/2004 11:54 AM
Joined: May 2001
Posts: 684
Code Monkey
Offline
Code Monkey
Joined: May 2001
Posts: 684
Great Work Brett!

Thank you very much!!! thumbsup


Webmaster of d-talk & Kabel-Forum.com
Joined: Mar 2000
Posts: 21,079
Likes: 3
I type Like navaho
Offline
I type Like navaho
Joined: Mar 2000
Posts: 21,079
Likes: 3
Thanks Brett for the great mod laugh


- Allen wavey
- What Drives You?
Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
laugh Works great. I love the ability to delete other members files.

Joined: Jan 2000
Posts: 5,806
Likes: 10
UBB.Dev / UBB.Wiki Owner
Time Lord
Online Tapedshut
UBB.Dev / UBB.Wiki Owner
Time Lord
Joined: Jan 2000
Posts: 5,806
Likes: 10
Dare I say it, I like it more than flare wink ... At least I'm already authenticated when I click upload file form :x...


UBB.Dev - Putting Dev into UBB.threads
Company: VNC Web Services - UBB.threads Scripts and Scripting, Install and Upgrade Services, Site and Server Maintenance.
Forums: A Gardeners Forum, I Find Rocks, Scouters World, and UGN Security
UBB.Threads: My UBB Themes, My UBB Scripts
Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
Brett, something I added that really made the Admin manager easier was the following.

FIND:
Code
				<a href="$vars_config{CGIURL}/ubb_upload.cgi?ubb=manager;f=$real_forum;p=$f">$url/$f</a>
REPLACE WITH:
Code
				<a href="$vars_config{CGIURL}/ubb_upload.cgi?ubb=manager;f=$real_forum;p=$f">$f (<i>~ . &GetPubName($f) . qq~</i>)</a>
That way you can see the public name of the member's who folder that is. I'm sure I'm not the only one who doesn't have member numbers memorized

Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
Very nice. I like it laugh

I just put it to grab the publics names list instead of opening each profile, because it would stress on a high board on getpubname, but added it. wink (Uploaded both zips, with only ubb_upload.cgi changed)

Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
Is anyone else having problem using this with IE 6?

I get the referer error in IE, but not in Firefox

Joined: Dec 2003
Posts: 49
User
Offline
User
Joined: Dec 2003
Posts: 49
It works fine for me so far, however when I "Submit Changes" in Primary Settings, I get the error below at the top of the page and I need to submit twice before the changes take effect.

Error
Form validation errors:

: You did not enter a value for this field


I checked and the vars_misc.cgi file has undef instead of say no or 2 or some such for boxes I didn't check (like the fact I'm not using it for avatars). Is that the problem?

I also have the Recycle Bin hack installed, but I didn't have the problem before the Uploader hack.

Joined: Dec 2003
Posts: 49
User
Offline
User
Joined: Dec 2003
Posts: 49
Quote
Originally posted by Ian Spence:

Is anyone else having problem using this with IE 6?

I get the referer error in IE, but not in Firefox
I was using IE and got the error, so I used the non-referer version.

#202981 05/07/2004 12:20 AM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
I'm starting to wonder if it's worth it, because some user out there is gonna have a firewall or router to block the ref. I think any future version will have it as an on/off switch, defaulted to off.

Joined: May 2001
Posts: 58
Member
Offline
Member
Joined: May 2001
Posts: 58
Great, finally!!

One detail - could you remove the case sensitivity? Or do i have to specify both in the config? (Haven´t installed it yet)

picture.jpg works but picture.JPG doesn´t

For my non-technical users. wink

Joined: Jan 2000
Posts: 5,806
Likes: 10
UBB.Dev / UBB.Wiki Owner
Time Lord
Online Tapedshut
UBB.Dev / UBB.Wiki Owner
Time Lord
Joined: Jan 2000
Posts: 5,806
Likes: 10
That's standard with all unix hosts; where a letter makes it differant period.

IE:
PiCtUrE.jpg isn't the same as picture.jpg; should show with the same name as uploaded, if the extension is JPG theil need to rename it to jpg.


UBB.Dev - Putting Dev into UBB.threads
Company: VNC Web Services - UBB.threads Scripts and Scripting, Install and Upgrade Services, Site and Server Maintenance.
Forums: A Gardeners Forum, I Find Rocks, Scouters World, and UGN Security
UBB.Threads: My UBB Themes, My UBB Scripts
#202984 05/07/2004 11:07 PM
Joined: Aug 2001
Posts: 103
Member
Offline
Member
Joined: Aug 2001
Posts: 103
Form validation errors:

: You did not enter a value for this field
: You did not enter a value for this field

Is it typical to have these errors show up when making the changes in the control panel?

Even though the errors are there, the hack does work on the bulletin board. I'm just curious if I am missing something when I hacked the board.

#202985 05/07/2004 11:32 PM
Joined: May 2001
Posts: 1,042
Likes: 7
Brett Offline OP
Moderator
OP Offline
Moderator
Joined: May 2001
Posts: 1,042
Likes: 7
Did you add/upload the changes in cp2_lib.cgi?

Joined: Dec 2003
Posts: 49
User
Offline
User
Joined: Dec 2003
Posts: 49
I'm having that error.

I just checked and rechecked with a fresh download of the hack, I did make the change to cp2_lib.cgi and I still get the error.

Joined: Jan 2003
Posts: 3,456
Likes: 2
Master Hacker
Offline
Master Hacker
Joined: Jan 2003
Posts: 3,456
Likes: 2
make sure you fill in EVERYTHING. Every textbox must be filled in, even if you just put 0 in it

Joined: Aug 2001
Posts: 103
Member
Offline
Member
Joined: Aug 2001
Posts: 103
Yes, every field has a value.

#202989 05/08/2004 10:15 PM
Joined: Dec 2003
Posts: 49
User
Offline
User
Joined: Dec 2003
Posts: 49
D'Oh! Now it all makes sense.

Joined: Aug 2001
Posts: 103
Member
Offline
Member
Joined: Aug 2001
Posts: 103
any possible updates on the errors we're getting?

Page 1 of 6 1 2 3 4 5 6

Link Copied to Clipboard
Donate Today!
Donate via PayPal

Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.

Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
Recommended Hosts
We have personally worked with and recommend the following Web Hosts:
Stable Host
bluehost
InterServer
Visit us on Facebook
Member Spotlight
Bill B
Bill B
Issaquah, WA
Posts: 87
Joined: December 2001
Forum Statistics
Forums63
Topics37,545
Posts293,796
Members13,838
Most Online5,166
Sep 15th, 2019
Today's Statistics
Currently Online 253
Topics Created 0
Posts Made 0
Users Online 1
Birthdays 19
Top Posters
AllenAyres 21,079
JoshPet 10,369
LK 7,394
Lord Dexter 6,708
Gizmo 5,806
Greg Hard 4,625
Top Posters(30 Days)
isaac 20
Top Likes Received
isaac 44
Gizmo 10
Brett 7
Morgan 2
Top Likes Received (30 Days)
isaac 4
The UBB.Developers Network (UBB.Dev/Threads.Dev) is ©2000-2020 VNC Web Services

 
Powered by UBB.threads™ PHP Forum Software 7.7.5
(Snapshot build 20200916.dev)
Responsive Width:

PHP: 5.4.45 Page Time: 0.091s Queries: 95 (0.037s) Memory: 3.6599 MB (Peak: 4.0658 MB) Data Comp: Zlib Server Time: 2020-09-21 02:35:44 UTC
Valid HTML 5 and Valid CSS