vb.org Archive
Page 8 of 13 « First 67 8 910 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.5 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=113)
-   -   Extended Signature Limits (https://vborg.vbsupport.ru/showthread.php?t=95523)

argash 11-18-2005 05:09 PM
anyone?

version2 11-18-2005 07:24 PM
When I try to upload the bitfield xml I get a "Invalid File Specified"

Oblivion Knight 11-18-2005 08:13 PM
Quote:
Originally Posted by bplinson
Really could use sme help on a query to remove the signature from all my users. Anyone have the syntax?
[sql]UPDATE p_usertextfield SET signature = '';[/sql]Replace [high]p[/high] with your table prefix. If you don't use one, remove [high]p_[/high] completely.

monktbd 11-21-2005 11:13 AM
On our site this doesnt seem to work with images stored in the DB as attachments.
It works perfect for external images within the [ img ] tags.
Everything else (counting images, text size,..) works perfect as well.

Does getimagesize return nothing for attachment images?
At least removing the @ in front of the call didnt change or show anything.

Any clues?

NineToez 11-23-2005 05:44 AM
Works awesome on my page (vB 3.5.1)!! Thanks!!

bplinson 11-23-2005 06:26 AM
Working great on www.xlforum.net . The 4600+ members were kinda freaked out for awhile but they understand the reasons behind the restrictions and are happy about them now.

EasyTarget 11-28-2005 09:10 AM
does this require allow_url_fopen to be on/enabled and/or does it support cURL?
(or does it not even use either of those the the image info?)

reason I ask is because my host has the fopen disabled.

Andreas 11-28-2005 09:11 AM
allow_url_fopen is required.

EasyTarget 11-28-2005 09:14 AM
dangit :p

any possibility of adding cURL support?

and if the fopen is disabled do I lose all functionality?

Andreas 11-28-2005 09:20 AM
No cURL support ... too lazy and not required (for me).
image checks won't work, except that it's fine

monktbd 11-28-2005 09:31 AM
Quote:
Originally Posted by monktbd
On our site this doesnt seem to work with images stored in the DB as attachments.
It works perfect for external images within the [ img ] tags.
Everything else (counting images, text size,..) works perfect as well.

Does getimagesize return nothing for attachment images?
At least removing the @ in front of the call didnt change or show anything.

Any clues?
Some more information:

It doesn't work on the test site which runs 3.5.1 in combination with VB Drupal.
It checks attachments from the live site (which is still on a 3.0.x) correctly.

Any settings in VB that i maybe missed to set?

dutchbb 11-28-2005 04:25 PM
I have the 3.5.1 bug when i try to edit usergroups

The bitfield_siglimits.XML gives me this error when I try to upload it:

"Invalid File Specified"

So had to disable this hack :(

Andreas 11-28-2005 04:53 PM
Who told you to import a bitfield XML?

dutchbb 11-28-2005 05:28 PM
someone at vbulletin

so, what to do with this?

Quote:
please use the attached bitfield XML file.

Andreas 11-28-2005 05:36 PM
Upload it to includes/xml - that's it.

dutchbb 11-28-2005 05:41 PM
perfect thank you

007 11-29-2005 12:17 AM
This doesn't seem to stop people from posting links to outside sites, even if the option is set to no for their usergroup. I'm using the latest version too with no luck. Is it working for everybody else?

Andreas 11-29-2005 05:40 AM
It should work. Did you difine which domains should be considered internal?

007 11-29-2005 06:08 AM
Yes I did, but I just realised what the problem was.

[url]google.com[*/url] still works, but not [url]www.google.com[*/url]

Neither one should work, right?

Andreas 11-29-2005 06:10 AM
What did you put as internal?

007 11-29-2005 06:12 AM
(domain).com

And the domain was not google either. :-)

[url]http://google.com[*/url] doesn't work either, which is good, but if they just enter google.com, it works and converts it to a link.

Andreas 11-29-2005 07:07 AM
Replace

PHP Code:
// Check if we have an external URL
if (!($permissions['custompermissions'] & $vbulletin->bf_ugp_custompermissions['canuseexturlsinsig']))
{
    $myparser->parse(convert_url_to_bbcode(strip_bbcode($signature)), 0); 
with
PHP Code:
// Check if we have an external URL
if (!($permissions['custompermissions'] & $vbulletin->bf_ugp_custompermissions['canuseexturlsinsig']))
{
    $myparser->parse(convert_url_to_bbcode($signature), 0); 
and check if this works.

007 11-29-2005 05:59 PM
Nice, that works. Thanks! :)

Any way to make it work for text urls too? You know, if they just type domain.com without URL tags. So people can't even mention outside domains in their sig?

Andreas 11-29-2005 07:34 PM
No. How should the script know if blah.bla is a domain?

007 11-29-2005 07:48 PM
That's a good point. Anyway, at least the outside link setting works perfectly now. Thanks for the help. This hack is extremely useful. :)

Andreas 12-10-2005 03:23 PM
Example Signautre that does fail? Which limits are set?

Andreas 12-10-2005 03:55 PM
The image is 125 (w) x 93 (h), it is used two times.

Worst case: Each image is displayed in one row, eg. total dimensions are 125 (w) x 186 (h), which is over your defined limit of 500 x 100.

Andreas 12-10-2005 04:48 PM
Yes, as you don't have any control about how images are actually being positioned/displayed both worst case scenarios are being considered - which is all images in one line, or all images in one row.

If you have a better idea, let me know :)

I thought about calculating the max. space taken, but that won't work too well, if you define 100x500 (=5000 pixel) one could use a 1x5000 iamge then ...

AWI 12-11-2005 08:00 AM
Been looking for something like this, just installed on 3.5.2 and no probs!

gonkowonko 12-14-2005 05:51 PM
i have just installed this mod and want to limit the members to only 4 lines within their signature, this works but the error message which should tell them that the max lines should be 4 or less i get this

1.Your signature can not be longer than $vboptions[maxsiglines] lines

anyone know how i can change this?? the error message for the font size reads correct just not for the max lines...

Andreas 12-14-2005 06:04 PM
Such a phrase is not being used by this Hack.

gonkowonko 12-14-2005 06:11 PM
done now had a duplicate phrase called the same thing

monktbd 12-15-2005 06:38 AM
Checking the image size for attachment from the 3.5.2 still doesn't work on the beta site.
see also :
this post and this.


getimagesize() fails for attachments.
It doesn't return anything (or more specific it won't pass the ($imginfo = getimagesize($sig) ) if condition.
It doesn't fail for attachments of the live site though (used on the beta site).
parsing of the URLs is fine, so $sig contains the correct URL for the images/attachments.

Both sites are on the same server, on different subdomains.
Has anyone any clues whether this can be a vbulletin issue (wrong settings somewhere) or a server setup problem?

EasyTarget 12-15-2005 03:27 PM
sounds like you're in my boat, your host turns off the allow_url_fopen function for security reasons and supports cURL instead.

vBulletin has said they plan on integrating cURL in the future and Andreas has said this issue doesn't effect him so he doesn't plan on supporting cURL.

Here's a message about it from my webhost. (dreamhost)
Quote:
If you are currently using this (allow_url_fopen) functionality in your PHP code, there is a more powerful and flexible option available. PHP provides excellent support for curl library and its associated functions.

One of our own users has written a short article describing how it is
used and that can be found
here:
http://blog.unitedheroes.net/archives/p/1630/

The official PHP documentation for it is here:
http://us2.php.net/manual/en/ref.curl.php

This change will significantly improve the security of PHP-based applications running on our servers

mkdevo 12-16-2005 11:11 PM
so does this not work with existing sigs, only when modifying?

Andreas 12-16-2005 11:42 PM
Quote:
This change will significantly improve the security of PHP-based applications running on our servers
That's nonsense ;)
Future PHP versions will not support the current behaviour of allow_url_fopen due to its misunderstanding by most webhosts.

EasyTarget 12-17-2005 03:37 AM
well the blog provided some good examples of how its a security risk, add how cURL has some better functions.

here's the last post
Quote:
You?re quite right that (used properly) fopen isn?t a security risk. It simply takes data and puts controls on it to allow you to perform various stream related functions, no execution required.

Where it gets complicated is not with the individual fopen call, but the method that PHP uses to implement that function. Internally PHP has some very clever routines that treat any data stream the same way. The problem is that in order to do this, all streams have to behave in the same way. This means that any stream based function has to behave according to that model.

Where this gets really ugly is the fact that internally, the operations to read a data stream for include() are fundementally the same as the operations for reading a data stream for fopen(). One is benign, the other decidedly not.

The simplest, fastest, and most effective fix is to disallow URLs from behaving like streams. While this does inconvenience clueful people who wish to use fopen() functions for urls, it also means that Joe Notanerd won?t accidentally become a proxy for a cross site scripting attack because he never secured his fpassthru() calls.

The curl functions are there pretty much to isolate the web stream functions from normal file operations, plus, they?ve got a number of features that make them more appealing than standard file operations, and that?s to be expected. The mediums are not the same.

monktbd 12-17-2005 04:06 AM
Quote:
Originally Posted by EasyTarget
sounds like you're in my boat, your host turns off the allow_url_fopen function for security reasons and supports cURL instead.

vBulletin has said they plan on integrating cURL in the future and Andreas has said this issue doesn't effect him so he doesn't plan on supporting cURL.

Here's a message about it from my webhost. (dreamhost)
Thanks but that is not the problem.

allow_url_fopen is turned on, since it works with checking attachments from a VB 3.0.x install (=the current live site) but not for checking attachments for the 3.5.2 install where the sig image limiter is running on (= the current beta site).
Both installs use the same server on different subdomains.
Unless there is a switch/option somewhere in Apache/PHP/MySql that I missed both sites run on the same configuration.

dvn 12-18-2005 02:22 AM
I'm running 3.5.0 and am having trouble with people who were outside the limits *before* the hack was installed. in which case they aren't able to edit their signatures in such a way to be within the limits. my font limit is 14, they've got 16 in their sig, they aren't allowed to change the font size, instead getting a message 'your font is too large'.

is the hack incompatible with 3.5.0?

PennylessZ28 12-22-2005 04:56 PM
bitfield.xml dont' work


All times are GMT. The time now is 09:14 PM.
Page 8 of 13 « First 67 8 910 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01388 seconds
  • Memory Usage 1,825KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (40)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete