View Full Version : Active Link Security
I am no longer giving support for this hack. Use this hack: 95753 instead. You can take my redirector page and use it though.
Thanks to TC from ElAntro.cl for the PHP code.
Active Link Security 5.2
This hack will allow you to have active links on your forum but with security knowing the place were you are linking to wont know were you users came from. IE. If you click on a link in a post on your web site, the web site you go to will not know were you came from.
Time: < 30 seconds
Files to upload: 1
For vb 3.0.x version: 70684
No screenshots needed. Also, please click ?install? if you use.
ThePimp
06-24-2005, 10:46 PM
Hmm... Interesting. Does this in effect act as an outlink filter? Part of why I ask is that if someone posts http://www.website.com it is interpreted as an outgoing link to the Google spiders and most other SE scrapers, but if they come across a dynamic link such as link.php?url=http://www.website.com, it doesn't get indexed as an outlink, and will help your PR.
Is that what this mod does? If not, maybe I'm misunderstanding the purpose of this.
Hmm... Interesting. Does this in effect act as an outlink filter? Part of why I ask is that if someone posts http://www.website.com it is interpreted as an outgoing link to the Google spiders and most other SE scrapers, but if they come across a dynamic link such as link.php?url=http://www.website.com, it doesn't get indexed as an outlink, and will help your PR.
Is that what this mod does? If not, maybe I'm misunderstanding the purpose of this.
I'm not sure what your saying.
What I know this DOES do is does not let the web site you go to know were you came from. Lots if notall web site keep track of were users came from. The hack will prevent them from knowing the people came from your web site.
Here is an example:
Click here (http://network-tools.com/analyze). Look at: "You linked from here (if you linked from another web page):"
Now, click here (http://www.c4p.cn/links.php?url=http://network-tools.com/analyze). Now look again there.
ThePimp
06-25-2005, 10:10 AM
Here is an example:
Click here (http://network-tools.com/analyze). Look at: "You linked from here (if you linked from another web page):"
Now, click here (http://www.c4p.cn/links.php?url=http://network-tools.com/analyze). Now look again there.
Right, I see what you are saying. I have a feeling that I'm correct about what I posted above. This is a good hack if it works out like I think it will. I'll do some SE testing with it and see what I can come up with. If I have favorable results, I'll let you know.
ThePimp
06-26-2005, 12:17 PM
I was just thinking about this script, it would be a nice addition to add click tracking to it. Where when someone clicks an outgoing link from your site, the script logs the click, and where you can view different traffic stats in the AdminCP.
OUT CLICKS:
25 http://www.google.com
12 http://www.yahoo.com
10 http://www.vbulletin.org
etc...
Possibly browser sniffing, resolution tracking etc...
Just an idea.
Since the recommended code to find does not appear in RC1 you should look for this:
// standard URL hyperlink
and add the replacement code above it. At least this is how I got it to work.
Since the recommended code to find does not appear in RC1 you should look for this:
// standard URL hyperlink
and add the replacement code above it. At least this is how I got it to work.
Yes, this is correct although I will be looking into make this hack a plugin.
Andreas
07-27-2005, 11:29 PM
Yes, this is correct although I will be looking into make this hack a plugin.
Hookname: bbcode_create
$this->tag_list['no_option']['url']['callback'] = 'handle_external';
$this->tag_list['no_option']['url']['external_callback'] = 'handle_bbcode_secure_url';
$this->tag_list['option']['url']['callback'] = 'handle_external';
$this->tag_list['option']['url']['external_callback'] = 'handle_bbcode_secure_url';
if (!function_exists('handle_bbcode_secure_url'))
{
function handle_bbcode_secure_url(&$parser, $text, $link = null)
{
$rightlink = trim($link);
if (empty($rightlink))
{
// no option -- use param
$rightlink = trim($text);
}
$rightlink = str_replace(array('`', '"', "'", '['), array('`', '"', ''', '['), $parser->strip_smilies($rightlink));
if (!preg_match('#^[a-z0-9]+://#si', $rightlink))
{
$rightlink = "http://$rightlink";
}
if (!trim($link) OR $text == $rightlink)
{
$tmp = unhtmlspecialchars($rightlink);
if (vbstrlen($tmp) > 55 AND $this->is_wysiwyg() == false)
{
$text = htmlspecialchars_uni(substr($tmp, 0, 36) . '...' . substr($tmp, -14));
}
}
// remove double spaces -- fixes issues with wordwrap
$rightlink = str_replace(' ', '', $rightlink);
// standard URL hyperlink
return "<a href=\"links.php?url=$rightlink\" target=\"_blank\">$text</a>";
}
}
Hookname: bbcode_create
$this->tag_list['no_option']['url']['callback'] = 'handle_external';
$this->tag_list['no_option']['url']['external_callback'] = 'handle_bbcode_secure_url';
$this->tag_list['option']['url']['callback'] = 'handle_external';
$this->tag_list['option']['url']['external_callback'] = 'handle_bbcode_secure_url';
if (!function_exists('handle_bbcode_secure_url'))
{
function handle_bbcode_secure_url(&$parser, $text, $link = null)
{
$rightlink = trim($link);
if (empty($rightlink))
{
// no option -- use param
$rightlink = trim($text);
}
$rightlink = str_replace(array('`', '"', "'", '['), array('`', '"', ''', '['), $parser->strip_smilies($rightlink));
if (!preg_match('#^[a-z0-9]+://#si', $rightlink))
{
$rightlink = "http://$rightlink";
}
if (!trim($link) OR $text == $rightlink)
{
$tmp = unhtmlspecialchars($rightlink);
if (vbstrlen($tmp) > 55 AND $this->is_wysiwyg() == false)
{
$text = htmlspecialchars_uni(substr($tmp, 0, 36) . '...' . substr($tmp, -14));
}
}
// remove double spaces -- fixes issues with wordwrap
$rightlink = str_replace(' ', '', $rightlink);
// standard URL hyperlink
return "<a href=\"links.php?url=$rightlink\" target=\"_blank\">$text</a>";
}
}
Looking at this code, I had to take a double look. What the hell is this? Then I figured it out. Your a clown!
I just started looking though the code for a way to do it. Your sounds great but too easy. I'll look around a drop more before releasing something.
Hookname: bbcode_create
$this->tag_list['no_option']['url']['callback'] = 'handle_external';
$this->tag_list['no_option']['url']['external_callback'] = 'handle_bbcode_secure_url';
$this->tag_list['option']['url']['callback'] = 'handle_external';
$this->tag_list['option']['url']['external_callback'] = 'handle_bbcode_secure_url';
if (!function_exists('handle_bbcode_secure_url'))
{
function handle_bbcode_secure_url(&$parser, $text, $link = null)
{
$rightlink = trim($link);
if (empty($rightlink))
{
// no option -- use param
$rightlink = trim($text);
}
$rightlink = str_replace(array('`', '"', "'", '['), array('`', '"', ''', '['), $parser->strip_smilies($rightlink));
if (!preg_match('#^[a-z0-9]+://#si', $rightlink))
{
$rightlink = "http://$rightlink";
}
if (!trim($link) OR $text == $rightlink)
{
$tmp = unhtmlspecialchars($rightlink);
if (vbstrlen($tmp) > 55 AND $this->is_wysiwyg() == false)
{
$text = htmlspecialchars_uni(substr($tmp, 0, 36) . '...' . substr($tmp, -14));
}
}
// remove double spaces -- fixes issues with wordwrap
$rightlink = str_replace(' ', '', $rightlink);
// standard URL hyperlink
return "<a href=\"links.php?url=$rightlink\" target=\"_blank\">$text</a>";
}
}
I get an error when I run this: parse error, expecting `')'' in eval()'d code on line 17.
Andreas
07-28-2005, 06:08 AM
Looking at this code, I had to take a double look. What the hell is this? Then I figured it out. Your a clown!
Well, if you find another way - let me know, as I don't see one :)
Does work fine for me without parse errors.
Well, if you find another way - let me know, as I don't see one :)
Does work fine for me without parse errors.
So far I didn't. I kept this hack as a code hack right now and updated the installation information.
Hack has been updated.
2 changes.
1) No longer a code hack. This is now a plug-in with one file upload
2) links.php was changed to redirector.php
@KirbyDE, did I comeout with a much easier plugin? (and no errors) :)
Hack has been updated.
2 changes.
1) No longer a code hack. This is now a plug-in with one file upload
2) links.php was changed to redirector.php
@KirbyDE, did I comeout with a much easier plugin? (and no errors) :)
I removed the download just now since I just realized a small problem.
I removed the download just now since I just realized a small problem.
All fixed now :) You can download now guys.
???`S?LV?R???`
08-05-2005, 11:50 PM
It doesn't show any title in the Plugin System Title area
It doesn't show any title in the Plugin System Title area
Did you import into Products or into plugins? You should import into products and 2 plugins will be added.
Andreas
08-07-2005, 12:51 AM
@KirbyDE, did I comeout with a much easier plugin? (and no errors) :)
Really nice solution :)
Unfortunately I can't use it, as I need special markup (Image in front of the URL) for external Links.
Very useful .. installed and working with no problems.
Clicked install.
Bro_Joey_Gowdy
08-15-2005, 07:29 PM
*Rowdy clicks install*
Catlover
08-19-2005, 11:25 AM
Hi, Abe1. I want to ask you to make if you have any chance and time something with this nice product.
For example, if we post link like a anotherdomain.com, vbulletin generates link like a http://forumdomain.com/redirect.php?query=http://anotherdomain.com - That's right, very good, but if you have any ideas how to make something like this: I post link on forumdomain.com and vbulletin don't convert it into redirect.php?query..., so, i can post links on forum's threads without redirect script.
Thank you in advance.
Hi, Abe1. I want to ask you to make if you have any chance and time something with this nice product.
For example, if we post link like a anotherdomain.com, vbulletin generates link like a http://forumdomain.com/redirect.php?query=http://anotherdomain.com - That's right, very good, but if you have any ideas how to make something like this: I post link on forumdomain.com and vbulletin don't convert it into redirect.php?query..., so, i can post links on forum's threads without redirect script.
Thank you in advance.
Links to your direct website should be put into [post] and [thread] tags.
Catlover
08-19-2005, 09:05 PM
Sure, but if i have portal (non-vb) and forum on one domain...
Sure, but if i have portal (non-vb) and forum on one domain...
Sorry, no way right now.
Gizmo5h1t3
08-24-2005, 07:00 AM
okies, installed this, but now, when i click on a link in RC2 that a member has cut n pasted from somewhere else, i get this prompt, then obviously a "page cannot be displayed message".
any ideas as to whats goin on here??
You are being re-directed to:
http://redirector.php?url=http://redirector.php?url=http://redirector.php?url=http://redirector.php?url=http://news.bbc.co.uk/sport1/hi/football/teams/a/aston_villa/default.stm
buger, as its not allowing it to show up properly on here, just hover over the url, for the full display of what i get on my screen...
its just repeating itself over and over....
typed in links in posts are fine, just links that are copied and pasted from elsewhere....are goosed.
okies, installed this, but now, when i click on a link in RC2 that a member has cut n pasted from somewhere else, i get this prompt, then obviously a "page cannot be displayed message".
any ideas as to whats goin on here??
You are being re-directed to:
http://redirector.php?url=http://redirector.php?url=http://redirector.php?url=http://redirector.php?url=http://news.bbc.co.uk/sport1/hi/football/teams/a/aston_villa/default.stm
buger, as its not allowing it to show up properly on here, just hover over the url, for the full display of what i get on my screen...
its just repeating itself over and over....
typed in links in posts are fine, just links that are copied and pasted from elsewhere....are goosed.
No clue. Check to make sure this doesn't overlay with another hack.
Catlover
08-24-2005, 06:17 PM
I have same trouble.
Abe1, i have a way for 3.0.7, may be i can pm you and it will help you?
I have same trouble.
Abe1, i have a way for 3.0.7, may be i can pm you and it will help you?
Same as Gizmo5h1t3?
Catlover
08-25-2005, 08:42 AM
Same as Gizmo5h1t3?
yeah :( double links and i don't understand...sometimes i saw normal redirect links, sometimes it's not normal.
Well, as i already say i have solution for 3.0.X versions, but i don't know how to port it to the newest vb. If you want i can pm you with some descriptions.
Valter
08-27-2005, 01:55 AM
Hi Abe1
If we have "+" inside url it will be changed to " " (space).
For example if link is:
"http://somesite.com/something+something"
redirection page will show "redirecting to
http://somesite.com/something something"
and usually you'll get "404" error.
Do you know why this is happening?
Thanks
Hi Abe1
If we have "+" inside url it will be changed to " " (space).
For example if link is:
"http://somesite.com/something+something"
redirection page will show "redirecting to
http://somesite.com/something something"
and usually you'll get "404" error.
Do you know why this is happening?
Thanks
it doesn't work with spaces. I will try to see what I can do. I never realy tried to work on the hack.
CMX_CMGSCCC
09-30-2005, 03:39 PM
There's a bug too when you "quick edit" a post, it puts redirector.php inside the URL twice.
-CMX
RMS-Chef
10-03-2005, 04:10 AM
There's a bug too when you "quick edit" a post, it puts redirector.php inside the URL twice.
-CMX
...and a 3rd, 4th, 5th...adding it again each time you edit.
I have this issue too. Here is what is happening to me.
Currently running RC3.
Created a thread/post with the text http://www.vbulletin.org
*Submit and works fine with the actual parsed link being: http://www.mysite.com/redirector.php?url=http://www.vbulletin.org
*I then click "EDIT" and add some new text "Edit 1" and click save. Oddly enough, the parsed link is still OK and linking to:
http://www.mysite.com/redirector.php?url=http://www.vbulletin.org
*Click EDIT again and add some more text, "Edit 2" and click save. Now the parsed link is linking to:
http://www.mysite.com/redirector.php?url=http://redirector.php?url=http://www.vbulletin.org
*Click EDIT again, add "Edit 3" and click save. Now linking to:
http://www.mysite.com/redirector.php?url=http://redirector.php?url=http://redirector.php?url=http://www.vbulletin.org
So after the second edit it is adding the extra stuff again and again on each new edit. This also happens the same exact way when I click EDIT, then immediately click GO ADVANCED.
EDIT:
This is not a Quick Edit bug.
This issue seems to be related to the WYSIWYG editor only.
I don't have the above issues if I change to Standard or Basic editors.
havefun
10-03-2005, 10:27 AM
i use it with vb code:
(so i only needed redirector.php) THX
tag: ano
code: <div class="smallfont" style="color: red;">Anonymer Link:</div><a title="Anonymer Link" href="http://www.YourUrl.de/redirector.php?url=http://{param}" target="_blank">{param}</a>
{option}: no
example: www.vbulletin.org
=:
Externer Link:
www.vbulletin.org (http://www.YourUrl.de/redirector.php?url=http://www.vbulletin.org)
i modified redirector.php for me (xhtml..):
<?
foreach ($_GET as $key => $value) {
$site .= $key."=".$value."&";
}
$site = substr($site, 4, -1);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Re-directing...</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<meta http-equiv="refresh" content="0; URL=<? echo $site; ?>" />
</head>
<body>
<table cellpadding="0" cellspacing="0" border="0" width="70%" align="center">
<tr>
<td align="center">
<div>
<blockquote>
<p> </p>
<p><strong>You are being re-directed to:</strong></p>
<p><b><i> <? echo $site; ?></i></b></p>
<div> </div>
</blockquote>
</div>
</td>
</tr>
</table>
</body>
</html>
Hi, Abe1. I want to ask you to make if you have any chance and time something with this nice product.
For example, if we post link like a anotherdomain.com, vbulletin generates link like a http://forumdomain.com/redirect.php?query=http://anotherdomain.com - That's right, very good, but if you have any ideas how to make something like this: I post link on forumdomain.com and vbulletin don't convert it into redirect.php?query..., so, i can post links on forum's threads without redirect script.
Thank you in advance.
Sorry, no way right now.
I fixed mine....
in your plugin manager find:
Active Link Security Hack in bbcode_parse_complete
then replace:
$text = str_replace('href="http', 'href="redirector.php?url=http', $text);
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);
with:
if (!eregi('yourdomain.com', $text)) {
$text = str_replace('href="http', 'href="redirector.php?url=http', $text);
}
if (!eregi('yourdomain.com', $parsedtext)) {
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);
}
SAVE IT
then find:
in your plugin manager find:
Active Link Security Hack in bbcode_parse_start
then replace:
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);
with:
if (!eregi('yourdomain.com', $parsedtext)) {
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);
}
SAVE IT
Done....I tested this and it works...except if the post contains a link in your site...because once it finds your domain name in the post or parsed text it will not run the plugin....sooooooooooooo if anyone can figure that part out...it would be hella cool.
But this worked for me at www.ejuan.com so i figured, i'd share.
JohnBee
10-05-2005, 10:56 AM
same trouble here. Links don't resolve properly. "uninstall" sigh...
Catlover
10-05-2005, 12:21 PM
Jugo, thank you. I have already resolve this trouble.
RMS-Chef
10-05-2005, 04:34 PM
same trouble here. Links don't resolve properly. "uninstall" sigh...
They will if you disable Enhanced WYSIWYG controls.
Right now it's a toss up until Abe or someone else can fix the issue.
Also, this works well with EI and FF by default browser settings but Opera has an option like "Log Referers" that is enabled by default that still passes on referer information.
CMX_CMGSCCC
10-05-2005, 05:40 PM
Here's what I'm testing on my forums right now and it seems to be ok with Editing the post with the WYSIWYG controls.
hook: bbcode_parse_start
$URLSearch = array("/href\=\"http:\/\/redirector.php\?url\=([a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/", "/href\=\"(http:\/\/[a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/");
$URLReplace = array("href=\"redirector.php?url=$1\"", "href=\"redirector.php?url=$1\"");
$parsedtext = preg_replace($URLSearch, $URLReplace, $parsedtext);
hook: bbcode_parse_complete
$URLSearch = array("/href\=\"http:\/\/redirector.php\?url\=([a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/", "/href\=\"(http:\/\/[a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/");
$URLReplace = array("href=\"redirector.php?url=$1\"", "href=\"redirector.php?url=$1\"");
$text = preg_replace($URLSearch, $URLReplace, $text);
$parsedtext = preg_replace($URLSearch, $URLReplace, $parsedtext);
It should cover url's with characters ./,/=&;:?
If you need more characters, just add them to the $URLSearch = line somewhere inside the [a-zA-Z part of the regular expression, probably after one of the \= for example.
-CMX
Jugo, thank you. I have already resolve this trouble.
What solution did YOU use?? I would like to know.... :nervous:
I am no longer giving support for this hack. Use this hack: 95753 instead. You can take my redirector page and use it though.
RMS-Chef
10-06-2005, 05:12 PM
Bah, that one relies on 3rd party sites. I like to keep things in house.
Thanks though for this so far Abe.
RMS-Chef
10-06-2005, 05:13 PM
Here's what I'm testing on my forums right now and it seems to be ok with Editing the post with the WYSIWYG controls.
hook: bbcode_parse_start
$URLSearch = array("/href\=\"http:\/\/redirector.php\?url\=([a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/", "/href\=\"(http:\/\/[a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/");
$URLReplace = array("href=\"redirector.php?url=$1\"", "href=\"redirector.php?url=$1\"");
$parsedtext = preg_replace($URLSearch, $URLReplace, $parsedtext);
hook: bbcode_parse_complete
$URLSearch = array("/href\=\"http:\/\/redirector.php\?url\=([a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/", "/href\=\"(http:\/\/[a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/");
$URLReplace = array("href=\"redirector.php?url=$1\"", "href=\"redirector.php?url=$1\"");
$text = preg_replace($URLSearch, $URLReplace, $text);
$parsedtext = preg_replace($URLSearch, $URLReplace, $parsedtext);
It should cover url's with characters ./,/=&;:?
If you need more characters, just add them to the $URLSearch = line somewhere inside the [a-zA-Z part of the regular expression, probably after one of the \= for example.
-CMX
Just plain old did not work for me.
Replaced the code in the 2 plugins and it seemed to stop working at all.
Bah, that one relies on 3rd party sites. I like to keep things in house.
Thanks though for this so far Abe.
You can use that hack with my redirector page.
bigmonay2k
10-17-2005, 02:37 PM
this hack sound good I amgoing to install it.
MyGamez
03-16-2006, 08:01 AM
/me Clicks Installs Very Nice Thank You
SevgimBoard
10-17-2009, 08:38 AM
thank you
vBulletin® v3.8.12 by vBS, Copyright ©2000-2024, vBulletin Solutions Inc.