vb.org Archive
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)
-   -   Stop Users from Cross-linking Attachments (https://vborg.vbsupport.ru/showthread.php?t=35399)

Guru 03-13-2002 01:48 AM
I want guests to be able to see the images and attachments... that's what we're selling. What I don't want is people using my bandwidth to post signature pics on other boards.

ixian 06-02-2002 08:52 AM
Just a little test from me.....

https://vborg.vbsupport.ru/

Guru 06-02-2002 05:09 PM
Quote:
Originally posted by ixian
Just a little test from me.....

http://www.maximumgamer.com/forums/a...=&postid=44037
You may want to fix the spelling of your site name in the substitute image...

ixian 06-02-2002 05:28 PM
Quote:
Originally posted by Guru


You may want to fix the spelling of your site name in the substitute image...
Ya, as you can tell I whipped one up in like 20 seconds:) Need to find a better substitute anyway.

Danny 06-04-2002 08:43 PM
<a href="http://www.golden-springs.com/forums/attachment.php?s=&postid=1813" target="_blank">http://www.golden-springs.com/forums...s=&postid=1813</a>

JZarate 06-05-2002 12:42 AM
<a href="http://www.seles-online.com/forums/attachment.php?postid=1" target="_blank">http://www.seles-online.com/forums/a...t.php?postid=1</a>

This hack works great. Thanks.

Jujubee 06-23-2002 11:34 PM
Seems like any referer-based functionality is being broken as each day passes. My IE6 users have no referer so they get blocked too. Various firewall packages also hide the referer. :(

Seems like we're going to have to use sessions/cookies to get this to work right... ugh.

DR2000 06-24-2002 08:00 PM
A slight variation for those who are interested:

I have a forum set up so guests wouldn't be able to see the attachments, and attachments themselves are shown right in the thread (not with a link).

So the following change in code does the following:
- all guest see an specified image instead of an attachment.
- whoever tries to link to your attachment image from the different site will not be able to show it. the replacement image is going to show up instead of whatever is in attachment for all unregged people.

Find this in attachment.php:
PHP Code:
$permissions=getpermissions($getforuminfo[forumid]);
if (!$permissions[canview] or !$permissions[cangetattachment]) {
  show_nopermission();

and replace show_nopermissions(); with this:

PHP Code:
  header("Location: http://www.4adrive.com/img/attachment.jpg");
  exit; 
So here's how it should end up looking:
PHP Code:
$permissions=getpermissions($getforuminfo[forumid]);
if (!$permissions[canview] or !$permissions[cangetattachment]) {
  header("Location: http://www.4adrive.com/img/attachment.jpg");
  exit;

Of course replace the url of the image to whatever you want displayed there.

I use the following image:
https://vborg.vbsupport.ru/

Jujubee 06-24-2002 08:29 PM
Thanks for the tip DR2000 -- I'll make those changes myself now. :)

And maybe you should note that the
Admin -> User Groups -> Modify -> Unregistered -> Can download attachments

should be set to 'No'.

BTW, 'member' is misspelled in your graphic. :p

DR2000 06-24-2002 09:36 PM
Quote:
Originally posted by Jujubee

BTW, 'member' is misspelled in your graphic. :p
Yish! Thanks for telling me. I was using that image for ages, and never knew. :)

Smoothie 07-15-2002 03:19 AM
Nice! The actual image doesn't show unless unregistered users click the attachment link. Is that how it should be?

BabyU 07-16-2002 11:05 AM
Will this work with smilies too? I have the worst time with people linking to them on other boards.

chrissysdaddy 07-16-2002 07:34 PM
This looks like a great hack. I am having a major problem though. as soon as I add ANYTHING to the attachment.php script, I get broken links! I tryed lust adding this line;

echo "test";

but as soon as I do, I get broken links instead of the attachments.

I AM CONFUSED! Can someone help me pull my head out of my a**?

BabyU 07-24-2002 04:14 PM
ugh

Guru 07-24-2002 11:33 PM
This hack won't work for smilies. They are simply little gif files. You would have to use the .htaccess method for those.

Adding
PHP Code:
echo "test"
will break the mime type. It needs to be an image.

Follow the instructions, which will replace the image with the "broken" image, and end the script (and, it supplies the correct data for the type).

wolffenstein 08-13-2002 06:29 AM
pardon my ignorance for not even looking at the code before i posted this, but does this work with the "attachments as files" hack?

Guru 08-13-2002 11:43 PM
I don't know what that hack does, exactly, but given the name (... as files), it seems that it may not. Perhaps someone who knows more about that hack will comment?

wolffenstein 08-14-2002 02:41 AM
this description should help. click here

Rapdis 09-08-2002 09:19 PM
OK... im doing sumfing wrong, please help, i have ova 70 users linking one image, please help asap, costing me too much.

i added the code exactly,

and i am testing it at http://www.majorfm.com/testrapdis.htm

the image still shows, please explain?

I have attached my attachment.php for reference.

Rapdis 09-08-2002 09:47 PM
wen i view the page in MS Frontpage, it shows the correct image i want it replaced with, but wen uploaded, it shows the attachment! this really should be standard in VB, what a security alert and a half, this mistake cost me £155, 12 gb off excess bandwidth, so what can i do? doesnt seem to work.

Check the attachment, for what i see in frontpage.

Guru 09-08-2002 10:38 PM
I see a small red "X" You may be seeing a cached image in your browser. Try "Refresh."

SgtSling 09-10-2002 01:14 PM
ok this is working for me..
I can't see attachment images on other websites...
BUT...

All mp3 files cannot be downloaded from my domain. For some reason when you click to download it downloads the .gif

Does anyone know?

Rapdis 09-10-2002 10:42 PM
thanks guru... u were right

Ritsui 09-11-2002 03:38 PM
If you're on a win32 server, use "rb" in place of just "r" in your call to fopen. I'm sure this will be irrelevant to 99% of everyone on the planet, but since my forum has both Linux and Windows servers, I made a version that works on both:
PHP Code:
if (! strstr($checkurl"domain")) {
  // what server, Linux or Win32?
  $svr 'lin';
  if (!file_exists("/etc/fstab")) { $svr 'win';} 

  // Substitute our Logo
  header("Content-Type: image/gif"); 
  if ($svr == 'win') {
    $readflag 'rb';    // binary read flag for windows server
    $imgfile "c:\\pathto\\image.jpg";
  }
  else {
    $readflag 'r'// standard read flag
    $imgfile "/pathto/image.jpg";
  }
  $image fread(fopen($imgfile,$readflag),10000); 
  echo $image
  fclose($image);
  exit; 


Guru 09-11-2002 11:23 PM
Thanks for the addition. That's cool. I added a link to this post with a note in the original hack.

groovesalad 09-15-2002 08:34 PM
Quote:
Originally posted by DR2000
A slight variation for those who are interested:

I have a forum set up so guests wouldn't be able to see the attachments, and attachments themselves are shown right in the thread (not with a link).

So the following change in code does the following:
- all guest see an specified image instead of an attachment.
- whoever tries to link to your attachment image from the different site will not be able to show it. the replacement image is going to show up instead of whatever is in attachment for all unregged people.

Find this in attachment.php:
PHP Code:
$permissions=getpermissions($getforuminfo[forumid]);
if (!$permissions[canview] or !$permissions[cangetattachment]) {
  show_nopermission();

and replace show_nopermissions(); with this:

PHP Code:
  header("Location: [url]http://www.4adrive.com/img/attachment.jpg[/url]");
  exit; 
So here's how it should end up looking:
PHP Code:
$permissions=getpermissions($getforuminfo[forumid]);
if (!$permissions[canview] or !$permissions[cangetattachment]) {
  header("Location: [url]http://www.4adrive.com/img/attachment.jpg[/url]");
  exit;

Of course replace the url of the image to whatever you want displayed there.

I use the following image:
http://www.4adrive.com/img/attachment.jpg
How do I get this image to show up without a link?

omniweapon 09-29-2002 03:39 PM
Did anyone notice if you place this code in your avatar.php script, it'll prevent your avatars from being hotlinked too? Awesome!

omniweapon 09-30-2002 03:50 AM
O.....kay. I now have about 6 users saying they can't see the attachments or avatars absolutely anywhere. Even linked on the board. But it works fine for everyone else. I'm confused now.

Guru 09-30-2002 11:25 PM
Some of our users that use IE 6.0 have reported that problem. Are you running the latest vBulletin?

omniweapon 10-05-2002 10:05 PM
Quote:
Originally posted by Guru
Some of our users that use IE 6.0 have reported that problem. Are you running the latest vBulletin?
Yep. vBulletin 2.2.8. And it seems to be an issue with AOL users mainly.

BigCheeze 10-19-2002 03:16 PM
Seems to work perfect in 2.28! Great hack! Thanks!!

exTracT 10-19-2002 04:48 PM
I run 2.28 and Cannot seem to get this to work with trilOByte's Welcome panel hack. the code works so i cannot hotlink the avatar, but in the welcome panel it also shows my logo instead of the users avatar. any help would be awsome! thanks

// Cross-link hack by Guru 2/24/2002
// Check that we aren't linked somewhere else
$url = parse_url($HTTP_REFERER);
$checkurl = strtolower($url["host"]);
if (false === strpos($checkurl, "wpgrevscene") ||
false === strpos($checkurl, "winnipegrevscene")) {
// Remove this code if you just want to break the image
// Substitute my Logo
header("Content-Type: image/gif");
$filename = "/home/wpgrevsc/www/images/wpgrev.gif";
$image = fread(fopen($filename,"r"),100000);
echo $image;
fclose($image);
// End Substitute my Logo

exit;
}

SpeedStreet 11-16-2002 10:49 PM
Will this also work if you place it somewhere for smilies?

Where the heck would it go?

Guru 11-17-2002 03:07 AM
I have no clue for the last two questions. Anyone?

FWC 11-17-2002 04:03 AM
Quote:
Originally posted by SpeedStreet
Will this also work if you place it somewhere for smilies?

Where the heck would it go?
An .htaccess file in the smilies directory would do the trick. Something along the lines of:
Code:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://yourdomian.com.* [NC]
RewriteCond %{HTTP_REFERER} !^http://youripaddress.* [NC]
RewriteRule [^/]+.(gif|jpg)$ - [F]

Guru 11-17-2002 07:25 PM
After a brief amount of thought, of course smilies can't be protected by this code. They are individual files, served up by your host.

SpeedStreet 11-18-2002 01:26 PM
FWC,

That worked perfectly! Thanks for the help!

Does anyone know if there is a way to also protect an IIS server the same way, I don't use it for my vb server, but some of my web pages are hosted on Win2k.

FWC 11-19-2002 03:27 AM
Quote:
Originally posted by SpeedStreet
FWC,

That worked perfectly! Thanks for the help!

Does anyone know if there is a way to also protect an IIS server the same way, I don't use it for my vb server, but some of my web pages are hosted on Win2k.
You're welcome. :)

I can't help you with IIS, though. Don't know of the equivalent to mod_rewrite.

trainer 12-19-2002 04:54 PM
is there a way to put a link at the top and bottom of the attachment...

Image Found at Mysite.com

or Visit Mysite.com

as part of the attachment

350Chevy 01-11-2003 07:09 PM
http://www.ls6.com/forums/attachment.php?postid=157722

test


All times are GMT. The time now is 01:27 PM.
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01749 seconds
  • Memory Usage 1,838KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (8)bbcode_php_printable
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (40)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete