Thank you for taking the time to read this.
I run a vBulletin 4.1.x forum, a primarily PHP/MySQL forum software that most of you are doubtless familiar with in one degree or another.
I prefer that my users encrypt their private messages, however since the discussions they are having are purely above-board, I do not wish to *require* that the Private Messages be encrypted. I only wish to encourage good security practice among members.
To this end, I want to be able to add a little bit of code to vBulletin which, upon the user hitting the Send button, checks the Private Message for the ---BEGIN PGP MESSAGE--- text. If that text is not present in the message, I wish the user to be prompted to verify that they are willingly sending an insecure message.
Again, this is not intended to be used as a real security mechanism, but rather just as a training too to hopefully get some people into the habit of using good security practice. The fact that the user could simply insert the ---BEGIN PGP MESSAGE--- text into their message at any point and fool this little PHP hack is irrelevant. This is intended as a seat belt, but not as a seat belt law.
Is there anyone who might be able to provide my fully-PHP-ignorant butt with instructions on how to do this? A friend of mine did it several years ago and so I know that it can be done, however unfortunately I did not pay attention to what he had changed to add those few lines of PHP to vBulletin.
I would be eternally grateful - which, as we all know, these days buys zero ounces of $5/cup coffee, but gratitude and courtesy are becoming a lost art, and I am hoping to appeal to those of us who want to keep helpful tradition alive. Please help me to help my forum members.
Thank you very kindly for any consideration. Please note that if you require any assistance in helping me, for instance small snippits of code from my vBulletin PM module, just say the word and I will be happy to oblige right away. Naturally I will not violate any copyright laws by pasting more than necessary, but I am highly motivated to make this happen. With some of the things going on in less free parts of the world, sadly, just the daily world news is important to get to certain people. That is all that I can say about who you will be helping.
Help with what I think is an easy problem
Moderator: General Moderators
-
x_mutatis_mutandis_x
- Forum Contributor
- Posts: 160
- Joined: Tue Apr 17, 2012 12:57 pm
Re: Help with what I think is an easy problem
I'm not aware of details of "vBulletin" software, but if it's not hard to implement a "checkbox" next to send button asking user if he wants to encrypt the message? Based on which you can either select it by default, and have users uncheck it, in which case you can prompt the user with "are you sure" kind of a message.
Re: Help with what I think is an easy problem
Just my ignorant-of-the-full-situation-2-cents: Requiring PGP encryption in private messages seems like a total pain in the ass. If you want the private information data to be secure, do the hashing on your side.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.