Announcement

Collapse
No announcement yet.

can't register - i truly hope this isn't a bug

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • m0rgulvale
    replied
    i made the change. i will revert it before doing any new patched/upgrade to this product to prevent any errors

    next we need a fix for the problem where users cant access password protected boards on iphone.

    Leave a comment:


  • 6impy
    replied
    Originally posted by m0rgulvale View Post
    didn't find it. still want to wait for an official update from vB. things that need to get fixed ASAP would be this, and the bug where members can't access password protected forum areas on iphone.
    Open up your forum's Admin Control Panel.

    On the left menu, scroll down to the bottom and click "Plugins & Products"

    When that menu expands, click "Plugin Manager"

    In your browser, click CTRL-F (or COMMaND-F on Mac) to do a search within the page.

    Type "API Startup" and click Search

    Click [Edit] link on far right for the API Startup plugin.

    Then look for
    "$vbulletin->options['hvcheck_lostpw'] = 0;"

    and below that add
    $vbulletin->options['hv_type'] = 0;

    It's about 20ish lines from the bottom of the file.

    I understand your frustration, but this is an easy fix that anyone can do. Just do it and the update will come soon...

    Leave a comment:


  • m0rgulvale
    replied
    didn't find it. still want to wait for an official update from vB. things that need to get fixed ASAP would be this, and the bug where members can't access password protected forum areas on iphone.

    Leave a comment:


  • MikesSite
    replied
    Were you able to figure it out m0rg?

    Leave a comment:


  • worried
    replied
    I think this is for vB 3 under plugins.

    Leave a comment:


  • m0rgulvale
    replied
    yaeh i saw that , but what specific file is that data in?

    Leave a comment:


  • worried
    replied
    Originally posted by m0rgulvale View Post
    @6impy, i read but not understanding exactly what to do

    http://tracker.vbulletin.com/browse/...#action_113597

    is there php file to patch here? what exact steps to fix the problem

    thx
    Looks like you're editing a plugin called "API Startup."

    Code:
    if (!defined('VB_API'))
    { define('VB_API', false); }
    
    require_once(DIR . '/includes/api/class_core_ext.php');
    require_once(DIR . '/includes/api/functions_api.php');
    
    if (VB_API === true)
    {
    // API disabled
    if (!$vbulletin->options['enableapi'] OR !$vbulletin->options['apikey'])
    { print_apierror('api_disabled', 'API is disabled'); }
    
    define('NOCOOKIES', true);
    
    $vbulletin->input =& new vB_Input_Cleaner_API($vbulletin);
    
    // #############################################################################
    // VB API Request Signature Verification
    global $VB_API_PARAMS_TO_VERIFY, $VB_API_REQUESTS;
    
    if ($VB_API_REQUESTS['api_c'])
    {
    // Get client information from api_c. api_c has been intvaled in api.php
    $client = $db->query_first("SELECT *
    FROM " . TABLE_PREFIX . "apiclient
    WHERE apiclientid = $VB_API_REQUESTS[api_c]");
    
    if (!$client)
    { print_apierror('invalid_clientid', 'Invalid Client ID'); }
    
    // An accesstoken is passed but invalid
    if ($VB_API_REQUESTS['api_s'] AND $VB_API_REQUESTS['api_s'] != $client['apiaccesstoken'])
    { print_apierror('invalid_accesstoken', 'Invalid Access Token'); }
    
    $signtoverify = md5(http_build_query($VB_API_PARAMS_TO_VERIFY, '', '&') . $VB_API_REQUESTS['api_s'] . $client['apiclientid'] . $client['secret'] . $vbulletin->options['apikey']);
    $vbulletin->input->clean_array_gpc('r', array(
    'debug' => TYPE_BOOL,
    ));
    if ($VB_API_REQUESTS['api_sig'] !== $signtoverify AND !($vbulletin->debug AND $vbulletin->GPC['debug']))
    { print_apierror('invalid_api_signature', 'Invalid API Signature'); }
    
    else
    { $vbulletin->apiclient = $client; }
    
    if ($vbulletin->options['enableapilog'])
    { $db->query_write(" INSERT INTO " . TABLE_PREFIX . "apilog (apiclientid, method, paramget, parampost, ipaddress, dateline) VALUES ( $VB_API_REQUESTS[api_c], '" . $db->escape_string($VB_API_REQUESTS['api_m']) . "', '" . $db->escape_string(serialize($_GET)) . "', '" . (($vbulletin->options['apilogpostparam'])?$db->escape_string(serialize($_POST)):'') . "', '" . $db->escape_string(IPADDRESS) . "', '" . TIMENOW . "' ) "); }
    
    // TODO: Disable human verification in this release. enabled it when release API to public
    $vbulletin->options['hvcheck_registration'] = 0;
    $vbulletin->options['hvcheck_post'] = 0;
    $vbulletin->options['hvcheck_search'] = 0;
    $vbulletin->options['hvcheck_contactus'] = 0;
    $vbulletin->options['hvcheck_lostpw'] = 0;
    }
    // api_init is a special method that is able to generate new client info.
    elseif ($VB_API_REQUESTS['api_m'] != 'api_init')
    { print_apierror('missing_api_signature', 'Missing API Signature'); }
    
    // #############################################################################
    // Force sessionhash, cookieuserid, cookiepassword empty so that in init.php
    // $vbulletin->userinfo['userid'] is always 0. Thus we can skip CSRF protection
    unset($vbulletin->GPC['s'], $vbulletin->GPC[COOKIE_PREFIX . 'sessionhash'],
    $vbulletin->GPC[COOKIE_PREFIX . 'userid'], $vbulletin->GPC[COOKIE_PREFIX . 'password']);
    define('SKIP_REFERRER_CHECK', true);
    }
    This adds line

    $vbulletin->options['hv_type'] = 0;

    below

    $vbulletin->options['hvcheck_lostpw'] = 0;

    Leave a comment:


  • m0rgulvale
    replied
    @6impy, i read but not understanding exactly what to do

    http://tracker.vbulletin.com/browse/...#action_113597

    is there php file to patch here? what exact steps to fix the problem

    thx

    Leave a comment:


  • m0rgulvale
    replied
    k ill prob add it then. however i generally like to avoid doing these 1 offs b/c they add up over time and impossible to manage everything. ill give it a shot for now checking the bug page

    Leave a comment:


  • 6impy
    replied
    Originally posted by m0rgulvale View Post
    hi yes i have the latest version. i want to avoid patching individual lines of code and wait for an official update tothe API to be released . using vb3.8.7 here
    It's one line and will take you 5 seconds. Trust me, it's worth it.

    Leave a comment:


  • m0rgulvale
    replied
    hi yes i have the latest version. i want to avoid patching individual lines of code and wait for an official update tothe API to be released . using vb3.8.7 here

    Leave a comment:


  • SteveLV702
    replied
    weird I go into Plugin Manager and no plugin for API so I am unable to do that fix 6impy I am running 4.1.3

    Leave a comment:


  • IBxAnders
    replied
    Morguvale - are you using the latest version of the mobile product on your site?

    Leave a comment:


  • 6impy
    replied
    The issue has been FIXED!

    All you have to do is add one line of code to an API plugin.

    See: http://tracker.vbulletin.com/browse/...#action_113597

    Leave a comment:


  • m0rgulvale
    replied
    is this issue being prioritized? this is about as bad as a bug that it is possible to have. i don't see why apple would even approve an app where you can't register. in fact if i was reviewing my own app i would deny it.

    i expect 1 or 2 day turnaround to fix critical bugs like this (quality control testing should prevent these problems every single time though)

    lets focus our priorities on fixing and preventing bugs, not creating new features.

    usability is the #1 importance

    thanks

    Leave a comment:

widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X