In btit v.1.x hacking your tracker was meanly copy and past work; in xbtit v.2 the major work must be done by releaser of hacks, as tracker's admin your only job will be to upload a folder and click a button
I'll try to make a little “how to” using my best english

<hack>
  <title>Signature on (Internal) Forum</title>
  <author>Original author: Ksami</author>
  <version>1.0</version>
  <!-- usercp.profile.php -->
  <file>

    <name>"$DEFAULT_ROOT/user/usercp.profile.php"</name>

$avatar=htmlspecialchars(AddSlashes($_POST["avatar"]));

    <operation>
      <search><![CDATA[$avatar=htmlspecialchars(AddSlashes($_POST["avatar"]));]]></search>

           $signature=AddSlashes(htmlspecialchars($_POST["signature"]));

      <action>"add"</action>
      <where>"after"</where>
      <data><![CDATA[           $signature=AddSlashes(htmlspecialchars($_POST["signature"]));]]></data>
    </operation>
  </file>
</hack>

And so on for all operations and files hack engine need to edit.

As we saw above the modification.xml, which is the main (only in most case) part to create/edit, have some sections, each section have a specific scope, we will now see in the detail each one:

This section indicate the hack begin/end, a modification.xml can handle more than one hack, but if you have to install more than one hack, it's much better to use more modification.xml (one for each hack)

Well this is easy to understand, here you put the hack's title which will appear into admincp hack's list.

As above, the hack's author's name (yourself?), will be visualized into admincp hack's list.

The hack's version, will be displayed in admincp hack's list too.

This can be repeated as many time as the number of file hack engine need to edit files.

You need to specify full path+file name, some path's variable already defined (they will allow you to change all files in each folder):

• $DEFAULT_ROOT: point to tracker's root
• $DEFAULT_STYLE_PATH: point to default style folder (root/style/xbtit_default)
• $DEFAULT_LANGUAGE_PATH: point to default language folder (root/language/english)

then supposing tracker's root is /var/www/mytracker, $DEFAULT_ROOT/details.php will point to /var/www/mytracker/details.php

If you are executing a SQL query, then use then name of “database” (example: <name>“database”</name>)

This is multiple section too, it must be repeated as much time as the number of operation we will need to do on the single file.

You'll have to specify the string searched in the opened file. Multi row text MUST by specified as
<![CDATA[…the searched string will go here (without commas)…]]>
It's better if you always use CDATA.
not required in action's case: sql and copy.

You'll have to specify the string to put in the opened file. Multi row text MUST by specified as
<![CDATA[…the insert string will go here (without commas)…]]>
It's better if you always use CDATA.

In this section you must tell the engine where the file or the string must be added. Available values are:

• before: the <data> part will be added before the <search> part
• after: the <data> part will be added after the <search> part
• path+file name: the <data> file will be copied using this reference, same default path available as for <name> section

not required in action's case: sql and remove

available actions are:

• add: the <data> part will be added
• remove: the <search> part will be delete
• replace: the <data> part will replace the <search> part
• copy: the file specified will be copied using the <where> destination
• sql: tha <data> part will be executed as query

That's all. We hope you'll enjoy this new hack system:

• As developer, because hack distribution will be more capillary and admin without php knowledge will able to use your hacks too.
• As admin, because installing hacks was never so easy!

Have Fun!