vb.org Archive
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)
-   -   VERY quick avatar/attachment protector (https://vborg.vbsupport.ru/showthread.php?t=41065)

Boofo 07-14-2002 11:04 PM
CJi, I forgot to ask in my last message...you can add more addresses to that, right, if you want some site to be able to link to it? But what would happen, if you did that, if someone linked to the extra site that you allowed in there? Is there any way to stop them from linking to that other site and bypassing it? I have a main site that I use for commercial purposes and I would maybe like to be able to links things to there. But if someone linked to my main site, this wouldn't do me any good, would it?

Velocd 07-15-2002 12:26 AM
A quick check, would this be ok (for the DOMAIN parts):
PHP Code:
$referers = array ('www.mysite.com/forums','mysite.com/forums','aaa.bbb.ccc.ddd'); 

Brainmaster 07-15-2002 12:43 AM
Quote:
PHP Code:
$referers = array ('www.yourforums.com','yourforums.com','aaa.bbb.ccc.ddd'); 

function check_referer($referers){ 
   if (count($referers)){ 
      $found false
      $temp explode('/',getenv("HTTP_REFERER")); 
      $referer $temp[2]; 
      for ($x=0$x count($referers); $x++){ 
         if (ereg ($referers[$x], $referer)) { 
            $found true
         } 
      } 
      if (!$found){ 
      exit;
      } 
         return $found
      } else { 
         return true;
   } 


check_referer($referers); 
In what kind of file must I add this code?

Velocd 07-15-2002 01:12 AM
From post#1:

Quote:
Originally posted by CJi

Place at the top of avatar.php and attachment.php just after:

PHP Code:
<?php

JJR512 07-15-2002 01:41 AM
Question: The instructions say to place right after <?php. There is a similar hack, but to prevent attachment stealing, here: https://vborg.vbsupport.ru/showthrea...threadid=35399 Now this hack says to place the code after require("./global.php");. Is there a difference between either placement? Should I change my installation of that hack to place the code right after <?php, instead of after require("./global.php");?

Actually, upon closer examination, it looks like this version and that version are pretty different. Which one is better? ;)

Boofo 07-15-2002 02:36 AM
Is there any way to have this hack also display a picture or file to the user who is trying to crosslink to let them know that we know they are trying to do it (like in the hack that JJR512 mentioned)?

Boofo 07-15-2002 03:10 AM
Would there also be any way to make this work site-wide or forum specific? I want tp put up a couple of forums with pictures the wife has made in various programs (Bryce 5, PhotShop, etc.) and we want to keep others from linking to them.

Velocd 07-15-2002 03:48 AM
Lol, whenever you post Boofo it's usually in the form of doublepost, try using the edit button :)

More importantly though, I'm more interested in this request as well:

Quote:
Originally posted by JJR512

Actually, upon closer examination, it looks like this version and that version are pretty different. Which one is better? ;)
Any thoughts about this CJi?

PS: And Boofo, in your post above there are options in the cpanel of your site to prevent image stealing or certain directory access, so it shouldn't have to do with vbulletin.

Boofo 07-15-2002 03:57 AM
First of all, how do you spell edit? If I can't spell it, how can I use it? :)

Quote:
Originally posted by Velocd
Lol, whenever you post Boofo it's usually in the form of doublepost, try using the edit button :)

More importantly though, I'm more interested in this request as well:



Any thoughts about this CJi?


But how would that prevent linking from other sites? :)

Quote:
PS: And Boofo, in your post above there are options in the cpanel of your site to prevent image stealing or certain directory access, so it shouldn't have to do with vbulletin.

CJi 07-15-2002 07:34 AM
Velocd: You can't put any path declarations in the array, only a domain or IP address. So you can't add say, www.forums.com/forums/, only www.forums.com.

Bofo: Yep, you can add more, just add more fields to the array seperated by a comma.

JJR512: I can't comment on the other hack, I'm at work at the minute so don't really have time to check over it at the moment, but I'm imagining that the other hack uses some database resources, whereas this one doesn't. By sticking the code right at the top of the script, it cuts out processing time and disk access, as there is no need to include global.php and parse it's contents. This script simply checks where the request comes from, if it isn't known, it bombs right out, if it is allowed, it then goes forth to process the rest of the script. :)

Hope that helps.


All times are GMT. The time now is 11:55 AM.
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01225 seconds
  • Memory Usage 1,749KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_php_printable
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete