vBulletin 3.RC4 and Coppermine: E-Card From Email field? vBulletin 3.RC4 and Coppermine: E-Card From Email field?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

vBulletin 3.RC4 and Coppermine: E-Card From Email field?

Started by jarekn, March 12, 2004, 05:57:49 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

jarekn

Hello,

Is anyone using VBulletin 3 RC4 and coppermine?  
When sending ECard the system currently take the user name and fills it in, is there a way for it to take the Email address and fill it in also?

What would I have to modify?

Thanx

Nibbler

In your bridge file for vb, find:


            $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup " . "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " " . "WHERE userid='" . $session_data['userid'] . "'";
            $result = db_query($sql, $UDB_DB_LINK_ID);
        } else {
            $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup " . "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " " . "WHERE 0";
        }
    } else {
        $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup " . "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " " . "WHERE 0";
    }


change it to:


                       $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup, email as user_email " . "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " " . "WHERE userid='" . $session_data['userid'] . "'";
            $result = db_query($sql, $UDB_DB_LINK_ID);
        } else {
            $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup, email as user_email " . "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " " . "WHERE 0";
        }
    } else {
        $sql = "SELECT userid as user_id, username as user_name, usergroupid as mgroup, email as user_email " . "FROM " . $UDB_DB_NAME_PREFIX . VB_TABLE_PREFIX . VB_USER_TABLE . " " . "WHERE 0";
    }


Please let me know if it works, I cant test it myself.

jarekn

I only had to do two of them as one already had it, and it works GREAT!

Any idea how I would go about it so that the person would not be able to change the from email address?

THANX!

Joachim Müller


jarekn

Works like charm, hehe

               <td valign="top" class="tableb" width="60%">
                        <input type="hidden" class="textinput" name="sender_email"  value="$sender_email" style="WIDTH: 100%;">{$sender_email}<br />
                        $sender_email_warning
                </td>


THANX

futtlui

i think it's very important to prevent users from using any address they want.
unfortunately i don't have vB but phpBB and i don't know how to do this since the phpBB bridge file doesn't contain the code mentioned above...

Does anybody have a solution?

Nibbler

It is practically the same:


$sql = "SELECT user_id, username as user_name, user_level " . "FROM " . $UDB_DB_NAME_PREFIX . PHPBB_TABLE_PREFIX . PHPBB_SESSION_TABLE . " " . "INNER JOIN " . $UDB_DB_NAME_PREFIX . PHPBB_TABLE_PREFIX . PHPBB_USER_TABLE . " ON session_user_id = user_id " . "WHERE session_id='$session_id' AND session_user_id ='$cookie_uid'";
    } else {
        $sql = "SELECT user_id, username as user_name, user_level " . "FROM " . $UDB_DB_NAME_PREFIX . PHPBB_TABLE_PREFIX . PHPBB_USER_TABLE . " " . "WHERE user_id='$cookie_uid' AND user_password='$cookie_pass'";
    }


to:


$sql = "SELECT user_id, username as user_name, user_level, user_email " . "FROM " . $UDB_DB_NAME_PREFIX . PHPBB_TABLE_PREFIX . PHPBB_SESSION_TABLE . " " . "INNER JOIN " . $UDB_DB_NAME_PREFIX . PHPBB_TABLE_PREFIX . PHPBB_USER_TABLE . " ON session_user_id = user_id " . "WHERE session_id='$session_id' AND session_user_id ='$cookie_uid'";
    } else {
        $sql = "SELECT user_id, username as user_name, user_level, user_email " . "FROM " . $UDB_DB_NAME_PREFIX . PHPBB_TABLE_PREFIX . PHPBB_USER_TABLE . " " . "WHERE user_id='$cookie_uid' AND user_password='$cookie_pass'";
    }