MyBB Hacks

MyBB Hacks > Modifications > My Profile Tweets [v 1.0]
Full Version: My Profile Tweets [v 1.0]
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Imran

09-22-2010, 03:42 AM
Originally I have posted my first plugin at MyBBz.net . But I love to share it with Zinga's forum too. So here it is. - Original Thread
What ?
1. This plugin fetch Tweets of Users from his / her twitter ID in their own Profiles.
2. Comes with 3 settings.
3. Of course an Enable / Disable option.
4. Default Twitter ID. Its twitter ID from where the tweets shall be fetch.
5. How Many Tweets ?. Its a number of tweets to be shown in Profiles.
6. Detail: After Installation, every User of your forum receives a link in his / her User Control Panel, where they can manage / edit their twitter ID. If they don't have any twitter ID, they can register too. (By default a link has been provided in User CP). If the link didn't appear, follow the instructions provided in the Troubleshooting below... The link leads them to another page within UserCP where Users are able to manage , edit or update their twitter ID. Smile

A .png image of twitter has been added in the Package, to play / edit it.


Screenshots:
[Image: attachment.php?aid=214]

[Image: attachment.php?aid=215]

[Image: attachment.php?aid=216]

License:
http://www.mybbz.net/license.php

Read Me:
A "READ ME.txt" file attached inside the folder.

Download:
[attachment=210]

Troubleshooting:
If link didn't appear then don't worry, Go to AdminCP > Templates > User Control Panel Templates > "usercp_nav_misc" and find;

Code: 
</tbody>

and see if

Code: 
{$mptlink}

is present. If yes, then it should be OK, but if the link still not see in UserCP then replace {$mptlink} with the following;

Code: 
<tr>
<td class="trow1 smalltext">
<img src="images/mpt.gif">&nbsp;&nbsp;<a href="usercp.php?action=mpt">My Profile Twitter</a>
</td>
</tr>

save the template. It should be fine now. If the problem persist, then you can post on this thread. Smile
Thank You !

ZiNgA BuRgA

09-22-2010, 09:18 AM
Thanks for the effort and sharing!

Just a few issues, which I feel is important, that I found:

PHP Code: 
		$values = htmlspecialchars($mybb->input['mpt']);

		$uid = $mybb->user[uid];
		if ($db->query("UPDATE ".TABLE_PREFIX."users SET mpt='$values' WHERE uid='$uid'"))
		{
			redirect("usercp.php","Congratulations, Your Profile Twitter ID has been successfully Updated !");
		}

You should run $values through $db->escape_string, not htmlspecialchars.  Otherwise, this plugin is vulnerable to SQL injection.  htmlspecialchars should only be used at display time, however, as you're inserting this directly into Javascript, you really need more sanitisation over this variable.
$uid = $mybb->user[uid]; should be $uid = $mybb->user['uid'];  You have some other instances of dropping quotes around array indicies in templates - all of these should have quotes around them.
In general, you should use $db->update_query, instead of $db->query for updates, unless you have some special circumstance, in which case, you should use $db->write_query

You shouldn't be escaping $ characters in find_replace_templatesets replacements, since you're using single quote strings.
Also, this is actually incorrect:

PHP Code: 
"gid"			=> "NULL",

Simply don't set these ID fields on DB insertion.

This is probably a bit convoluted:

PHP Code: 
	$enable = $mybb->settings['my_profile_tweets_enable'];

	$uid = $memprofile['uid'];
	$query = $db->simple_select("users", "*", "uid='$uid'");
	$mpt = $db->fetch_field($query, "mpt");

	if (empty($mpt))
	{
		$mpt = $mybb->settings['my_profile_tweets_default'];
	}

	if ($enable != "0")
	{
		eval("\$my_profile_tweets = \"".$templates->get("my_profile_tweets")."\";");
	}

Try this instead:

PHP Code: 
	if(!$mybb->settings['my_profile_tweets_enable']) return;

	$mpt = $memprofile['mpt'];
	if(empty($mpt)) $mpt = $mybb->settings['my_profile_tweets_default'];
	$uid = $memprofile['uid'];
	eval("\$my_profile_tweets = \"".$templates->get("my_profile_tweets")."\";");


Hope that helps Smile

Imran

09-22-2010, 04:04 PM
Thanks for the valuable suggestions Yumi. I'm going to edit plugin file and will post final results later on. Its a first plugin created myself so mistakes may happen Tongue

Kind regards,

RateU

09-23-2010, 03:38 AM
Thanks for sharing, Imran Smile

Imran

09-23-2010, 07:10 AM
No problem RateU Smile
I'm actually learning from you guys Smile Thanks for your anticipation.
MyBB Hacks > Modifications > My Profile Tweets [v 1.0]
Reference URL's