Bravo List
Register
Go Back   > Bravo List > Source Code > Active Trackers > Torrent Trader > Mods & Themes
Reply
  #1  
Old 31st October 2012, 23:06
wMan wMan is offline
Banned
 
Join Date: Feb 2008
P2P
Posts: 1,433
Thumbs up TorrenttTrader-v2.06 ajshoutchat
before you add this mod you must have the mod by ajshoutbox by cooly
ok here is the staffshoutchat
spank-d


first you need to add the SQL

PHP Code:
--
-- 
Table structure for table `ajshoutchat`
--

CREATE TABLE IF NOT EXISTS `ajshoutchat` (
  `
idmediumint(9NOT NULL AUTO_INCREMENT,
  `
uidmediumint(9NOT NULL,
  `
datedatetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `
nametinytext NOT NULL,
  `
texttext NOT NULL,
  
UNIQUE KEY `id` (`id`)
ENGINE=MyISAM DEFAULT CHARSET=utf8

--
-- 
Dumping data for table `ajshoutchat`
--



-- -------------------------------------------------------- 
@admincp.php fined

PHP Code:
if (!$action){
    
stdhead("Admin CP");
    
navmenu();
    
stdfoot();

replace with

PHP Code:
if (!$action){
    stdhead("Admin CP");
    navmenu();
if ($CURUSER["class"] >= 1){
    begin_frame("<strong><center>STAFF CHAT</center></strong>");
    require_once("backend/smilies.php");
    require_once("shoutfunstaff_new.php");
 function quickbbshout(){
echo "<table align=center border=0 cellpadding=0 cellspacing=2><tr>";

echo "<td width=22><a href=\"javascript:bbshout('[b]', '[/b]')\"><img src=images/bbcode/bbcode_bold.gif border=0 alt='Bold' id=button1></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[i]', '[/i]')\"><img src=images/bbcode/bbcode_italic.gif border=0 alt='Italic'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[u]', '[/u]')\"><img src=images/bbcode/bbcode_underline.gif border=0 alt='Underline'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[url]', '[/url]')\"><img src=images/bbcode/bbcode_url.gif border=0 alt='Url'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[img]', '[/img]')\"><img src=images/bbcode/bbcode_image.gif border=0 alt='Img'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[blink]', '[/blink]')\"><img src=images/bbcode/bbcode_blink.gif border=0 alt='blink'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[align=center]', '[/align]')\"><img src=images/bbcode/bbcode_center.gif border=0 alt='center'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[align=left]', '[/align]')\"><img src=images/bbcode/bbcode_left.gif border=0 alt='left'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[align=right]', '[/align]')\"><img src=images/bbcode/bbcode_right.gif border=0 alt='right'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[video]', '[/video]')\"><img src=images/bbcode/bbcode_video.gif border=0 alt='video'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[audio]', '[/audio]')\"><img src=images/bbcode/bbcode_audio.gif border=0 alt='audio'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('<<<@!1!@>>>')\"><img src=images/bbcode/bbcode_quote.gif border=0 alt='quote'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[code]', '[/code]')\"><img src=images/bbcode/bbcode_code.gif border=0 alt='code'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[list]', '[/list]')\"><img src=images/bbcode/bbcode_list.gif border=0 alt='list'></a></td>";

echo "<td width=22><a href=\"javascript:bbshout('[email]', '[/email]')\"><img src=images/bbcode/bbcode_email.gif border=0 alt='email'></a></td>";

echo "</tr></table><table align=center border=0 cellpadding=0 cellspacing=2><tr>";

echo "<td>
<select name='color' size='0.5' onChange=\"javascript:bbcolor()\">
<option selected='selected'>Color</option>
<option value=skyblue style=color:skyblue>sky blue</option>
<option value=royalblue style=color:royalblue>royal blue</option>
<option value=blue style=color:blue>blue</option>
<option value=darkblue style=color:darkblue>dark-blue</option>
<option value=orange style=color:orange>orange</option>
<option value=orangered style=color:orangered>orange-red</option>
<option value=crimson style=color:crimson>crimson</option>
<option value=red style=color:red>red</option>
<option value=firebrick style=color:firebrick>firebrick</option>
<option value=darkred style=color:darkred>dark red</option>
<option value=green style=color:green>green</option>
<option value=limegreen style=color:limegreen>limegreen</option>
<option value=seagreen style=color:seagreen>sea-green</option>
<option value=deeppink style=color:deeppink>deeppink</option>
<option value=tomato style=color:tomato>tomato</option>
<option value=coral style=color:coral>coral</option>
<option value=purple style=color:purple>purple</option>
<option value=indigo style=color:indigo>indigo</option>
<option value=burlywood style=color:burlywood>burlywood</option>
<option value=sandybrown style=color:sandybrown>sandy brown</option>
<option value=sienna style=color:sienna>sienna</option>
<option value=chocolate style=color:chocolate>chocolate</option>
<option value=teal style=color:teal>teal</option>
<option value=silver style=color:silver>silver</option>
</select></td>";
echo "<td>
<select name='font' size='0.5' onChange=\"javascript:bbfont()\">
<option selected='selected'>Font</option>
<option value=arial>Arial</option>
<option value=comic sans ms>Comic</option>
<option value=courier new>Courier New</option>
<option value=tahoma>Tahoma</option>
<option value=times new roman>Times New Roman</option>
<option value=verdana>Verdana</option>
</select></td>";
echo "<td>
<select name='size' size='0.5' onChange=\"javascript:bbsize()\">
<option selected='selected'>Size</option>
<option value=1>1</option>
<option value=2>2</option>
<option value=3>3</option>
<option value=4>4</option>
<option value=5>5</option>
<option value=6>6</option>
<option value=7>7</option>
</select></td>";

echo "</tr></table>";
}
  function smile() {

    print "<div align='center'><table cellpadding='1' cellspacing='1'><tr>";

    global $smilies, $count;
    reset($smilies);

    while ((list($code, $url) = each($smilies)) && $count<16) {
          print("\n<td><a href=\"javascript: SmileIT('".str_replace("'","\'",$code)."')\">
                <img border=\"0\" src=\"images/smilies/$url\" alt=\"$code\" /></a></td>");

          $count++;
    }

    print '<td>&nbsp<a href="javascript:show_hide(\'sextra\');"></a></td></tr></table></div>';
  }
function smileextra() {

  global $smilies;
  reset($smilies);
  
    # getting smilies
    while (list($code, $url) = each($smilies)) {
        print("\n<a href=\"javascript: SmileIT('".str_replace("'","\'",$code)."')\">
               </a>");

        $count++;
    }

}

?>
<script src="/ajshoutchat.js" language="JavaScript" type="text/javascript"></script>
<center>
<table align=center class=table_col1 width=98%><tr>
<td align=center>
<div id="chat">

  <div id="chatoutput">

      <ul id="outputList">

        <li>
          <span class="name"><b><?php echo $site_config[SITENAME];?> Ajax Chat:</b></span><h2 style='padding-left:20px;'>Welcome!</h2>

            <center><div class="loader"></div></center>

          </li>

      </ul>

  </div>

</div>

</td>
</tr>
      </table>
<div id="shoutheader">
<font size='1'><center><b><font color=yellow>Shoutbox Rules: English Only, No Swearing, Personal Attacks, No Outside Links,  No Abuse, No Spamming, Publishing Serials, Cracks, ETC</font><br><b><b><font color=white>Member</font> | <font color=#8E35EF>Power User</font> | <font color=#008000>VIP</font> | <font color=#153E7E>Uploader</font> |<font color=#FF8040>Moderator</font> | <font color=#0FDDAF>Super Moderator</font> | <font color=#FF0000>Boss</font>   <br><br></b></center> 
      <form id="chatForm" name="chatForm" onsubmit="return false;" action="">
      <input type="hidden" name="name" id="name" value="<?php echo $CURUSER["username"?>" />
      <input type="hidden" name="uid" id="uid" value="<?php echo $CURUSER["id"?>" />
<table align=center class=table_col1 width=99%><tr>
<td align=center>
      <div align=center><?php echo smile();?></div><br />
      <input type="text" size="145" maxlength="500" name="chatbarText" id="chatbarText" onblur="checkStatus('');" onfocus="checkStatus('active');" /> 
      <input onclick="sendComment();" type="submit" id="submit" name="submit" value="Send"/>
      &nbsp;
      <a href="javascript: PopMoreSmiles('chatForm','chatbarText');">
      <img src="images/smile.gif" border="0" class="form" title="smilies" align="top" alt="" /></a>

      <a href="javascript: Pophistory()">
      <img src="images/quote.gif" border="0" class="form" title="History/Moderate" align="top" alt="" /></a>
      <br />
      <br />
      <div align=center><?php echo quickbbshout();?></div>
</td>
</tr>
      </table>
      
    </form>

</div>
<script language="JavaScript">

function show_hide(sextra)
{
  if(document.getElementById(sextra))
  {
    if(document.getElementById(sextra).style.display == 'none')
    {
      document.getElementById(sextra).style.display = 'inline';
    }
    else
    {
      document.getElementById(sextra).style.display = 'none';
    }
  }
}
function show_hide(sextra1)
{
  if(document.getElementById(sextra1))
  {
    if(document.getElementById(sextra1).style.display == 'none')
    {
      document.getElementById(sextra1).style.display = 'inline';
    }
    else
    {
      document.getElementById(sextra1).style.display = 'none';
    }
  }
}
</script>
</center>
<?php
end_block
();
}
    
stdfoot();
}
@admincp.php Add

PHP Code:
<td align="center"><a href=admincp.php?action=clearShoutchats><img src="images/admin/clearshout.png" border=0 width=32 height=32><BR>Clear SaffShoutbox</a><BR></td
@admincp.php Add at the end tag

PHP Code:
 if ($action == "clearShoutchats") {
    
stdhead("Clear Shoutchats");
    
navmenu();
        
begin_frame("Clear shoutchat"center);
            if (
$yes == "yes") {
                
$res mysql_query("TRUNCATE `ajshoutchat`");
                if (
$res) echo "<center>Site Shoutchats cleared";
            } else {
                echo 
"<div align=center>Are you sure you want to clear the Shoutchats?<br>";
                echo 
"<a href='admincp.php?action=clearShoutchats&yes=yes'><b>Yes</b></a></div>";
            }
    
end_frame();
    
stdfoot(); 
Add the Contents backend/staff.php too the backend FOLDER
Add the all Contents of ajshoutchat too the root Dir
Attached Thumbnails
staff.png  
Attached Files
File Type: rar ajshoutchat.rar (14.0 KB, 168 views)

Last edited by wMan; 31st October 2012 at 23:23.
Reply With Quote
The Following User Says Thank You to wMan For This Useful Post:
MoGwAi (25th March 2013)
  #2  
Old 6th November 2016, 21:33
anaxu anaxu is offline
Member
 
Join Date: Sep 2016
P2P
Posts: 4
Exclamation
Its not working on 2.08 how to use on 2.08?
Reply With Quote
  #3  
Old 30th April 2017, 17:55
EagleLake EagleLake is offline
Senior Member
 
Join Date: Aug 2011
France
Posts: 31
Default shout ajax
update no tested
Attached Files
File Type: rar ajshoutchat.rar (13.9 KB, 37 views)
Reply With Quote
  #4  
Old 4th November 2018, 19:29
BamBam0077 BamBam0077 is offline
Banned
 
Join Date: Jul 2013
P2P
Posts: 410
Default
SQL injection
getstaffshout.php

Code:
$sql =  "SELECT c.* FROM ajshoutchat c left join users u on c.uid=u.id left join groups g on g.group_id=u.class WHERE c.id > ".$lastID." ORDER BY c.id DESC LIMIT 25";
Use mysql_real_escspe_string() around variable else you can SQL injection to change id hope that helps if you still use this script also I only checked one or two scripts so far skimming through page of course if anymore SQL injection I will inform you via post
Reply With Quote
  #5  
Old 4th November 2018, 20:50
Napon Napon is offline
Banned
 
Join Date: Feb 2016
P2P
Posts: 522
Default
old code bamabam
Reply With Quote
  #6  
Old 4th November 2018, 23:13
BamBam0077 BamBam0077 is offline
Banned
 
Join Date: Jul 2013
P2P
Posts: 410
Default
Even if old code or not someone should have shared security flaws because people just grab shit and don't check for security breaches, this SQL injection makes the hacker change your id so say it was id #1 commented in shoutbox hello crew #2 replied welcome back you could change which one commented into the chat.
Reply With Quote
  #7  
Old 4th November 2018, 23:20
Napon Napon is offline
Banned
 
Join Date: Feb 2016
P2P
Posts: 522
Default
this one of my old mod i did long ago
Reply With Quote
Reply

Tags
ajshoutchat , torrentttraderv206

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 21:32. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.