Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
Post Edit History (PEH) Details »
Post Edit History (PEH)
Mod Version: 1.5.0 B 3, by Surviver (Member) Surviver is offline
Developer Last Online: Oct 2018 I like it Show Printable Version Email this Page

This modification is in the archives.
vB Version: 3.6.8 Rating: (20 votes - 4.75 average) Installs: 184
Released: 28 Nov 2006 Last Update: 27 Oct 2007 Downloads: 1264
Not Supported DB Changes Uses Plugins Template Edits Additional Files Translations Is in Beta Stage  

Edithistory (1.5.0 B 3)

What does this Modification?
This Modification saves a version of a post if someone edits it. If there are saved edits for a post, you can view the "Post History" and you are able to restore old posts.
Also you can compare saved versions of a post.

Installation
Installation-Instructions are included in the zip-File

What's new in Version 1.5.0 B 2?

In this version i made a lot of improvement: eg. I've overwritten the code, the Ajax Compare function now works properly (Screen #3) and I implented a function to mass restore posts of a user. (Screen #6)

Screenshots

#1
Attachment 71292

#2
Attachment 71293

#3 (Compare saved version)
Attachment 71294

#4 (Usergroup Permissions)
Attachment 71295

#5
Attachment 71296

#6 (Mass Restore posts of a user)
Attachment 71297

Not translated yet
- Admin Help



I only get a blank page after the update, waht can I do?

See the new FAQ



Regards
Surviver

PS: I'm very sorry about my bad english

PPS:If you use it, please klick install!

Download Now

Only licensed members can download files, Click Here for more information.

Addons

Supporters / CoAuthors

Screenshots

Click image for larger version

Name:	1.jpg
Views:	1006
Size:	15.1 KB
ID:	71292   Click image for larger version

Name:	2.jpg
Views:	942
Size:	13.4 KB
ID:	71293   Click image for larger version

Name:	3.jpg
Views:	772
Size:	13.1 KB
ID:	71294   Click image for larger version

Name:	4.jpg
Views:	543
Size:	25.3 KB
ID:	71295  

Click image for larger version

Name:	5.jpg
Views:	615
Size:	94.9 KB
ID:	71296   Click image for larger version

Name:	6.jpg
Views:	600
Size:	82.3 KB
ID:	71297  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Post Edit History Viewer Lieva vBulletin 3.5 Add-ons 157 07 Nov 2007 23:37

  #46  
Old 10 Dec 2006, 11:14
Nathan2006's Avatar
Nathan2006 Nathan2006 is offline
 
Join Date: Feb 2006
Thanks Surviver,

Updated and working great!

Reply With Quote
  #47  
Old 10 Dec 2006, 12:41
Viper007Bond's Avatar
Viper007Bond Viper007Bond is offline
 
Join Date: Oct 2006
Ran the query, changed the version number in my admin area to 1.2.1 (so the broken upgrade code wouldn't run), and ran the XML you had attached. Everything works now.
Reply With Quote
  #48  
Old 10 Dec 2006, 14:12
Surviver's Avatar
Surviver Surviver is offline
 
Join Date: Feb 2006
Real name: Julian
Originally Posted by Viper007Bond View Post
Ran the query, changed the version number in my admin area to 1.2.1 (so the broken upgrade code wouldn't run), and ran the XML you had attached. Everything works now.
Cool, and Sorry for my Mistakes
__________________
vBPoint
Reply With Quote
  #49  
Old 11 Dec 2006, 00:12
Protonus Protonus is offline
 
Join Date: Aug 2005
Real name: Jim
Updated, works, thanx!
Reply With Quote
  #50  
Old 14 Dec 2006, 20:56
Jackal von ÖRF's Avatar
Jackal von ÖRF Jackal von ÖRF is offline
 
Join Date: May 2002
At my forums there have been two cases when a user edited all of his messages to remove them from the forums (in one case he had over a thousand messages and it took him two days to edit them). What I've done to them is ban them (removing their right to edit their own posts) and restored all the messages from a backup (takes a couple of hours when writing some SQL scripts manually).

It would be nice if this mod offered the possibility to mass-undo all edits which a user made within a specific time frame. The same way as the prune tools in vB's Admin CP work. It should show all individual edits (before and after editing), when it was done, who edited it, and there should be a checkbox for selecting the edits which should be undone.

It would also be nice for the program to send a PM to the admins/moderators when a user edits many of his old messages in a short time. It should be configurable so, that editing even one old message (for example older than 30 days) would send a PM. Then the moderators could quickly stop the user from editing all of his messages away.

Anyways, thanks for your work. Your script looks promising. I'll try it soon. I first thought about creating a similar script myself, but luckily you had already done the job. (I might even offer some help in adding these features I requested, if I really like your script and I have the time.)

EDIT 1:
I looked quickly through your code (v1.2.1) and noticed the query in \includes\cron\edithistory.php. Wouldn't it look much nicer if it was written like this?

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Or does this have to do with the incompatibility between MySQL 4.0 and 4.1 as mentioned here? In that case how about writing it without the "AS" keyword like this? Also there should be a comment which would tell about the incompatibility and why the SQL had to be written in an ugly way. (In any case format the SQL to have less tabs; indentation of one tab instead of eight.)

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

EDIT 2:
Does the field edithistory.postid have an index at all? I noticed quite many queries use it in the WHERE condition, but I didn't find anywhere an index for it to be created. This might create full scans of the edithistory table...

Also, I noticed the following line of code. Since reason is a text field, the value assigned to it should be quoted in the SQL query. It would be a good habbit to always quote the values, even if you know that they are numeric.

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Also, I noticed from my DB dump of vB3.5.x (first install was 2.3.5 or older) that the editlog.reason field is defined as `reason` varchar(200) NOT NULL default '' but in your code you have the oldreason and newreason fields defined as varchar(255). Could somebody with a clean vB3.6.x install check that what the size should be?

EDIT 3:
As somebody already mentioned, there's no need for the cron job to run more often that once a day or week (I think it's now by default once an hour). It's rare that posts get physically deleted, so most of the time the cron job would do nothing. I hope you have checked that it uses indexes correctly and runs quickly. I'm just a bit worried because checking every postid might take some time for a big board... My board has some 300K posts and also boards with millions of posts exist. It would be better to remove those rows from edithistory when a post gets physically deleted, and not in a cron job.


PS: I think you should tick the boxes "Additional files" and "Is in Beta stage" for this mod. Also I recommend you to write more comments in your code (I didn't notice any).

Last edited by Jackal von ÖRF; 15 Dec 2006 at 00:05. Reason: some comments about the source code
Reply With Quote
  #51  
Old 15 Dec 2006, 13:43
Surviver's Avatar
Surviver Surviver is offline
 
Join Date: Feb 2006
Real name: Julian
Originally Posted by Jackal von ÖRF View Post
At my forums there have been two cases when a user edited all of his messages to remove them from the forums (in one case he had over a thousand messages and it took him two days to edit them). What I've done to them is ban them (removing their right to edit their own posts) and restored all the messages from a backup (takes a couple of hours when writing some SQL scripts manually).

It would be nice if this mod offered the possibility to mass-undo all edits which a user made within a specific time frame. The same way as the prune tools in vB's Admin CP work. It should show all individual edits (before and after editing), when it was done, who edited it, and there should be a checkbox for selecting the edits which should be undone.
I will see, waht I can do
Originally Posted by Jackal von ÖRF View Post
It would also be nice for the program to send a PM to the admins/moderators when a user edits many of his old messages in a short time. It should be configurable so, that editing even one old message (for example older than 30 days) would send a PM. Then the moderators could quickly stop the user from editing all of his messages away.
This would add 1-2 Querys if you edit a post ... (And not nany user would use ist)
Originally Posted by Jackal von ÖRF View Post

Anyways, thanks for your work. Your script looks promising. I'll try it soon. I first thought about creating a similar script myself, but luckily you had already done the job. (I might even offer some help in adding these features I requested, if I really like your script and I have the time.)

EDIT 1:
I looked quickly through your code (v1.2.1) and noticed the query in \includes\cron\edithistory.php. Wouldn't it look much nicer if it was written like this?

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Or does this have to do with the incompatibility between MySQL 4.0 and 4.1 as mentioned here? In that case how about writing it without the "AS" keyword like this? Also there should be a comment which would tell about the incompatibility and why the SQL had to be written in an ugly way. (In any case format the SQL to have less tabs; indentation of one tab instead of eight.)


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.
Or does this have to do with the incompatibility between MySQL 4.0 and 4.1 as mentioned here? Yes !
Originally Posted by Jackal von ÖRF View Post
EDIT 2:
Does the field edithistory.postid have an index at all? I noticed quite many queries use it in the WHERE condition, but I didn't find anywhere an index for it to be created. This might create full scans of the edithistory table...
I will add it !
Originally Posted by Jackal von ÖRF View Post
Also, I noticed the following line of code. Since reason is a text field, the value assigned to it should be quoted in the SQL query. It would be a good habbit to always quote the values, even if you know that they are numeric.

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.
I will fix it !
Originally Posted by Jackal von ÖRF View Post
Also, I noticed from my DB dump of vB3.5.x (first install was 2.3.5 or older) that the editlog.reason field is defined as `reason` varchar(200) NOT NULL default '' but in your code you have the oldreason and newreason fields defined as varchar(255). Could somebody with a clean vB3.6.x install check that what the size should be?
Why is the size important?
Originally Posted by Jackal von ÖRF View Post
EDIT 3:
As somebody already mentioned, there's no need for the cron job to run more often that once a day or week (I think it's now by default once an hour). It's rare that posts get physically deleted, so most of the time the cron job would do nothing. I hope you have checked that it uses indexes correctly and runs quickly. I'm just a bit worried because checking every postid might take some time for a big board... My board has some 300K posts and also boards with millions of posts exist. It would be better to remove those rows from edithistory when a post gets physically deleted, and not in a cron job.


PS: I think you should tick the boxes "Additional files" and "Is in Beta stage" for this mod. Also I recommend you to write more comments in your code (I didn't notice any).
I will check Additional Files, but it is not really a beta Release.
Maybe it has some bug, but its no relly Beta

Thanky for your feedback !

Greetings Surviver
__________________
vBPoint
Reply With Quote
  #52  
Old 16 Dec 2006, 06:31
Jackal von ÖRF's Avatar
Jackal von ÖRF Jackal von ÖRF is offline
 
Join Date: May 2002
Originally Posted by Surviver View Post
This would add 1-2 Querys if you edit a post ... (And not nany user would use ist)
Another way would be have search functions in the Admin CP, with which it would be possible to search for suspicious mass edits of old messages. For example in the same place where the controls for mass undoing the edits would be. Or some other way to view all edits which the users have done (just like there is the Moderator Log to see all moderation actions). The biggest problem might be, that how a large number of edits could be visualized informatively and effectively in a small space.

The feature of sending automatic PMs is not very important (and might not even be the optimal solution to the problem), so don't worry about implementing it yet. Maybe I'll make a custom tool for analyzing the edit actions. In any case I'll first need to experiment a bit to find a good way to visualize the edits, after I've had the edit history in use for some time and gathered real usage data.

I'll keep you informed if I get some good ideas.

Originally Posted by Surviver View Post
Why is the size important?
Well, since they are VARCHAR fields, I suppose it doesn't take any more space from the database than a VARCHAR(200) would take. So it's not really a problem. Just a matter of style and consistency.

Last edited by Jackal von ÖRF; 16 Dec 2006 at 06:40.
Reply With Quote
  #53  
Old 16 Dec 2006, 13:41
Surviver's Avatar
Surviver Surviver is offline
 
Join Date: Feb 2006
Real name: Julian
Originally Posted by Jackal von ÖRF View Post
Another way would be have search functions in the Admin CP, with which it would be possible to search for suspicious mass edits of old messages. For example in the same place where the controls for mass undoing the edits would be. Or some other way to view all edits which the users have done (just like there is the Moderator Log to see all moderation actions). The biggest problem might be, that how a large number of edits could be visualized informatively and effectively in a small space.

The feature of sending automatic PMs is not very important (and might not even be the optimal solution to the problem), so don't worry about implementing it yet. Maybe I'll make a custom tool for analyzing the edit actions. In any case I'll first need to experiment a bit to find a good way to visualize the edits, after I've had the edit history in use for some time and gathered real usage data.

I'll keep you informed if I get some good ideas.


Well, since they are VARCHAR fields, I suppose it doesn't take any more space from the database than a VARCHAR(200) would take. So it's not really a problem. Just a matter of style and consistency.
Ok, i will canch it in the new version. Annd i'll add an index
__________________
vBPoint
Reply With Quote
  #54  
Old 08 Jan 2007, 22:01
Jackal von ÖRF's Avatar
Jackal von ÖRF Jackal von ÖRF is offline
 
Join Date: May 2002

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

This has not yet been fixed in v1.2.2. Also, the value needs to be escaped. If only single quotes are added to the query, it will make the database vulnerable to SQL injection attack:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

I also found that the rest of your the code is vulnerable to SQL injection attacks. You must ALWAYS escape EVERY parameter that is put to an SQL query:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


I've attached a version of edithistory.php where the above security holes have been fixed.

All users of PEH 1.2.2 (and below) are STRONGLY RECOMMENDED to apply this patch, or disable PEH.


PS: I noticed that there are more detailed instructions for installing PEH at http://www.my-vb.org/board/showthread.php?t=236 (fortunately I can read German, I'm worried about everybody else ). Could you also make the English instructions more detailed? Also, please include the instructions as a text file to the ZIP file, so that it would not be necessary to read this thread for the instructions.
Attached Files
File Type: zip edithistory-1.2.2-quickfix.zip (2.4 KB, 7 views)

Last edited by Jackal von ÖRF; 08 Jan 2007 at 22:31.
Reply With Quote
  #55  
Old 10 Jan 2007, 19:37
Surviver's Avatar
Surviver Surviver is offline
 
Join Date: Feb 2006
Real name: Julian
Originally Posted by Jackal von ÖRF View Post
Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

This has not yet been fixed in v1.2.2. Also, the value needs to be escaped. If only single quotes are added to the query, it will make the database vulnerable to SQL injection attack:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

I also found that the rest of your the code is vulnerable to SQL injection attacks. You must ALWAYS escape EVERY parameter that is put to an SQL query:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


I've attached a version of edithistory.php where the above security holes have been fixed.

All users of PEH 1.2.2 (and below) are STRONGLY RECOMMENDED to apply this patch, or disable PEH.


PS: I noticed that there are more detailed instructions for installing PEH at http://www.my-vb.org/board/showthread.php?t=236 (fortunately I can read German, I'm worried about everybody else ). Could you also make the English instructions more detailed? Also, please include the instructions as a text file to the ZIP file, so that it would not be necessary to read this thread for the instructions.


Thank you, this is MY Mistake. I will attache a complete fixed Version in the first post, i inserted your name as co-author

I'll include the Installation Instructions,. but the Problem is, my English is too bad

I'll give my best

Greetings SUrviver
__________________
vBPoint
Reply With Quote
  #56  
Old 10 Jan 2007, 20:22
Surviver's Avatar
Surviver Surviver is offline
 
Join Date: Feb 2006
Real name: Julian
Originally Posted by Jackal von ÖRF View Post
Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

This has not yet been fixed in v1.2.2. Also, the value needs to be escaped. If only single quotes are added to the query, it will make the database vulnerable to SQL injection attack:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

I also found that the rest of your the code is vulnerable to SQL injection attacks. You must ALWAYS escape EVERY parameter that is put to an SQL query:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


I've attached a version of edithistory.php where the above security holes have been fixed.

All users of PEH 1.2.2 (and below) are STRONGLY RECOMMENDED to apply this patch, or disable PEH.


PS: I noticed that there are more detailed instructions for installing PEH at http://www.my-vb.org/board/showthread.php?t=236 (fortunately I can read German, I'm worried about everybody else ). Could you also make the English instructions more detailed? Also, please include the instructions as a text file to the ZIP file, so that it would not be necessary to read this thread for the instructions.
Update, Thanks again !
__________________
vBPoint
Reply With Quote
  #57  
Old 12 Jan 2007, 09:55
Pottsy Pottsy is offline
 
Join Date: Sep 2006
I tried to update it to 1.2.3 (upload all new files and import xml with "allow overwrite") and got:

Database error in vBulletin 3.6.4:

Invalid SQL:
ALTER TABLE edithistory CHANGE reason oldreason varchar(200);

MySQL Error : Unknown column 'reason' in 'edithistory'
Error Number : 1054
Date : Friday, January 12th 2007 @ 09:50:17 AM
Script : xxxxxxplugin.php?do=productimport
Referrer : xxxxxxx?do=productadd
IP Address : xx.xx.xx.xx
Username : xxxxx
Classname : vb_database



EDIT: Got it working by running query

ALTER TABLE edithistory CHANGE oldreason reason varchar(255);

and then doing the import again.

Last edited by Pottsy; 12 Jan 2007 at 10:13.
Reply With Quote
  #58  
Old 12 Jan 2007, 12:21
TrIn@dOr TrIn@dOr is offline
 
Join Date: Nov 2006
Very nice, perhaps u can add in the explanations that by default NO usergroup can view the historys!! :P
Reply With Quote
  #59  
Old 12 Jan 2007, 13:18
Surviver's Avatar
Surviver Surviver is offline
 
Join Date: Feb 2006
Real name: Julian
Originally Posted by Pottsy View Post
I tried to update it to 1.2.3 (upload all new files and import xml with "allow overwrite") and got:

Database error in vBulletin 3.6.4:

Invalid SQL:
ALTER TABLE edithistory CHANGE reason oldreason varchar(200);

MySQL Error : Unknown column 'reason' in 'edithistory'
Error Number : 1054
Date : Friday, January 12th 2007 @ 09:50:17 AM
Script : xxxxxxplugin.php?do=productimport
Referrer : xxxxxxx?do=productadd
IP Address : xx.xx.xx.xx
Username : xxxxx
Classname : vb_database



EDIT: Got it working by running query

ALTER TABLE edithistory CHANGE oldreason reason varchar(255);

and then doing the import again.
I'll look at this

//I can nnot repoduce the Problem.
It works fine for me

* Altering Table post ...Done!

* Altering Table usergroup ...Done!

* Creating Table edithistory ... Done!

* Altering Table edithistory ...Done!

* Altering Table edithistory ...Done!

* Altering Table edithistory ...Done!

* Altering Table edithistory ...Done!

* Altering Table forum ...Done!

* Altering Table edithistory ...Done!

* Altering Table edithistory ...Done!

* Adding Index postid ...Done!
Originally Posted by TrIn@dOr View Post
Very nice, perhaps u can add in the explanations that by default NO usergroup can view the historys!! :P
This is Default
__________________
vBPoint
Reply With Quote
  #60  
Old 13 Jan 2007, 20:55
Nathan2006's Avatar
Nathan2006 Nathan2006 is offline
 
Join Date: Feb 2006
Thanks Surviver,

Updated and working
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 08:50.

Layout Options | Width: Wide Color: