vb.org Archive - View Single Post

#8 06-11-2001, 12:35 AM

in member.php:

find:

Code:

<?php

and insert after:

Code:

/************************************************************************
 stuff for img size
************************************************************************/
define(GIF_SIG, "\x47\x49\x46"); 
define(JPG_SIG, "\xff\xd8\xff"); 
define(PNG_SIG, "\x89\x50\x4e\x47\x0d\x0a\x1a\x0a"); 
define(JPG_SOF0, "\xc0");
define(JPG_SOF1, "\xc1");
define(JPG_SOF2, "\xc2");
define(JPG_SOF3, "\xc3"); 
define(JPG_SOF5, "\xc5");
define(JPG_SOF6, "\xc6"); 
define(JPG_SOF7, "\xc7"); 
define(JPG_SOF9, "\xc9"); 
define(JPG_SOF10, "\xca"); 
define(JPG_SOF11, "\xcb"); 
define(JPG_SOF13, "\xcd"); 
define(JPG_SOF14, "\xce"); 
define(JPG_SOF15, "\xcf"); 
define(JPG_EOI, "\xd9");
define(JPG_SOS, "\xda");
define(RD_BUF, 512); 
//***********************************************************************

find:

Code:

  // check that nothing illegal is in the signature
  $signature=censortext($signature);

and insert after:

Code:

//************************************************
// rats sig checking shizynit

   $imgcount = substr_count($signature, "<img src=");
   $sigstart = 0;
   $sigend = strlen($signature);
   $tmpsig = $signature;
   $totalsigsize = 0;

//   $signature .= "<!-- imgcount: $imgcount -->";

   for($i = 0; $i < $imgcount; $i++) {

	if(ereg("<img src=\"(.*)\"(.*)>", $tmpsig, $img)) {
	  $img[2] = substr($img[2], 0, strlen($img[2]) - 1);
//	  $signature .= CheckSigImageSizes($img[2]);
	  CheckSigImageSizes($img[2]);
	  $sigstart = strpos($tmpsig,"<img src") + strlen($img[2]);
	}

	if(ereg("<img src=(http[s]*:[/]+)([-a-z0-9_\./]*)>", $tmpsig, $img)) {
	  if(substr_count($img[2], " ") > 0) {
	    $tmp = explode(" ", $img[2]);
//	    $signature .= CheckSigImageSizes("http://".$tmp[0]);
	    CheckSigImageSizes("http://".$tmp[0]);
	    $sigstart = strpos($tmpsig, "<img src") + strlen($tmp[2]) + 7;
	  } else {		
//	    $signature .= CheckSigImageSizes("http://".$img[2]);
	    CheckSigImageSizes("http://".$img[2]);
	    $sigstart = strpos($tmpsig,"<img src") + strlen($img[2]) + 7;
	  }
	}

	$tmpsig = substr($signature, $sigstart, $sigend - $sigstart);
   }
//************************************************

and if you're feeling adventurous you can try adding

Code:

//************************************************
// remove width and height params
//strip height tags
$signature=ereg_replace("[:space:]?height=\"[0-9]+\"","",$signature);
$signature=ereg_replace("[:space:]?height=[0-9]+","",$signature);
//strip width tags
$signature=ereg_replace("[:space:]?width=\"[0-9]+\"","",$signature);
$signature=ereg_replace("[:space:]?width=[0-9]+","",$signature);
//************************************************

after the above.

then find (should be right at the bottom):

Code:

  // parse this next line with eval:
  $sendtoname=$destuserinfo[username];
  eval("standardredirect(\"".gettemplate("redirect_sentemail")."\",\"usercp.php?s=$session[sessionhash]\");");
}

and under it add:

Code:

// img size stuff
function GetURLImageSize( $urlpic ){ 
   $fd= @fopen($urlpic,"r"); 
   if($fd){  
      #read in 1k, enough for GIF,PNG. 
      #continue to read from file, if the JPG chunk exceeds this 
      $imgData = fread( $fd,RD_BUF ); 
    
      if( substr($imgData,0,3)==GIF_SIG ){  
         $dim =unpack ("v2dim",substr($imgData,6,4) ); 
         $width=$dim["dim1"]; $height=$dim["dim2"]; 
         $type = 1; 
      } elseif( substr($imgData,0,8)==PNG_SIG ){  
         $dim =unpack ("N2dim",substr($imgData,16,8) ); 
         $width=$dim["dim1"]; $height=$dim["dim2"];       
         $type = 3; 
      } elseif( substr($imgData,0,3)==JPG_SIG ){            
         ################# JPG CHUNK SCAN #################### 
         $imgPos = 2; $type = 2; $buffer = RD_BUF-2; 
         while($imgPos < strlen($imgData)) { 
            /* synchronize to the marker 0xFF */ 
            $imgPos=strpos(&$imgData,0xFF,$imgPos)+1; 
            $marker = $imgData[$imgPos]; 
            do { $marker = ord($imgData[$imgPos++]); } while ($marker == 255); 
            /* find dimensions of block */ 
            switch (chr($marker)) { 
              /* Grab width/height from SOF segment (these are acceptable chunk types) */ 
              case JPG_SOF0:  case JPG_SOF1:  case JPG_SOF2: 
              case JPG_SOF3:  case JPG_SOF5:  case JPG_SOF6: 
              case JPG_SOF7:  case JPG_SOF9:  case JPG_SOF10: 
              case JPG_SOF11: case JPG_SOF12: case JPG_SOF13: 
              case JPG_SOF14: case JPG_SOF15:      
              $dim =unpack ("n2dim",substr($imgData,$imgPos+3,4) ); 
              $height=$dim["dim1"]; $width=$dim["dim2"]; 
              break 2; //found it so exit 
            case JPG_EOI: 
            case JPG_SOS: 
              return FALSE;    /* End loop in case we find one of these markers */ 
            default:            /* We're not interested in other markers */ 
              $skiplen = (ord($imgData[$imgPos++])<<8)+ord($imgData[$imgPos++])-2; 
              /* if the skip is more than what we've read in, read more */ 
              $buffer -= $skiplen; 
              if( $buffer<512 ){ #if the buffer of data is too low,read more file. 
                  $imgData .= fread( $fd,$skiplen+1024 ); 
                  $buffer += $skiplen+1024; 
              }; 
              $imgPos += $skiplen; 
              break; 
            }; //endif check marker type 
         }; //endif loop through JPG chunks 
      }; //endif chk for valid file types 
      
      # got the pic dimensions, close the file 
      fclose ($fd); 

      return array( $width,$height,$type ); 
    } else { 
      return array( '','','' ); 
    }; //endif valid file pointer chk 
}; // end function 

function CheckSigImageSizes($imageurl) {
	global $totalsigsize;

	//change this stuff
	$max_singleimgsz = 20000;	//20k
	$max_totalimgsz = 20000;	//20k
	$max_imgwidth = 300;		//300px wide
	$max_imgheight = 200;		//200px tall

	$imginfo = GetURLImageSize( $imageurl );
	$url=parse_url($imageurl); 
	$imgPath = $url[path];
	$imgHost = $url[host]; 
	$fp = fsockopen($imgHost, 80, &$errno, &$errstr, 30); 
	if(!$fp) { 
//	   echo "ERROR: $errno: $errstr"; 
	} else { 
	   fputs($fp,"HEAD $imgPath HTTP/1.0\nHost: $imgHost\n\n"); 
	   while(!feof($fp)) { 
	      $response .= fgets($fp,128); 
	   } 
	   fclose($fp); 
	} 
	$imgSz = ereg_replace("(.*)(Content-Length: )([0-9]*)(.*)","\\3",$response); 
	if($imgSz > $max_singleimgsz) //filesize in bytes
	{
	   eval("standarderror(\"".gettemplate("error_sigsizetoobig")."\");");
	   exit;
	}
	if($imgSz + $totalsigsize > $max_totalimgsz) //filesize in bytes
	{
	   $totalsigsize += $imgSz;
	   eval("standarderror(\"".gettemplate("error_sigtotalsizetoobig")."\");");
	   exit;
	}
	if($imginfo[0] > $max_imgwidth) //width
	{
	   eval("standarderror(\"".gettemplate("error_sigdemtoobig")."\");");
	   exit;
	}
	if($imginfo[1] > $max_imgheight) //height
	{
	   eval("standarderror(\"".gettemplate("error_sigdemtoobig")."\");");
	   exit;
	}
	$totalsigsize += $imgSz;
//return "\n<!-- $imageurl ($imgSz) - $imginfo[0] x $imginfo[1] -->";
}

change the vars at the top of the CheckSigImageSizes function to define your max sizes and that takes care of the image res and filesize stuff.

as for single user sig disabling open showthread.php and find:

Code:

    if ($post[showsignature] and $allowsignatures and trim($post[signature])!="" and ($bbuserinfo[userid]==0 or $bbuserinfo[showsignatures])) {

and change it to :

Code:

    if ($post[showsignature] and $allowsignatures and trim($post[signature])!="" and ($bbuserinfo[userid]==0 or $bbuserinfo[showsignatures]) and $post[username]!="Bad Boy One" and $post[username]!="Bad Boy Two") {

as necessary.

attached txt incase this gets formatted weird :P

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01242 seconds Memory Usage 1,820KB Queries Executed 12 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (9)bbcode_code (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_attachment (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_attachment postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: