The Arcive of Official vBulletin Modifications Site.

Zip Attachments · **Released**: 11-15-2005

This extension allows your users to decide if they want an attachment to be zipped up upon upload. The file(s) are zipped before VB checks the size limit. It always annoyed me when I have to post a text document and it is too big for that extension setting. Zipping a text file greatly reduces the size.

This extension should also save space in your attachments database as all new files will be compressed with the zip method.

Installation is simple:

1. Upload the zip.lib.php file to your forums directory.

2. Upload the xml file as a plugin.

3. Tiny edit to template newattachment.

4. Click Install

I will support here as I have time.

This modification is FREE of charge, but if you wish to reward me for my work, and encourage future modifications by me, please donate below:

FleaBag · #12 11-16-2005, 04:51 PM

Yeah this is nice!

puertoblack2003 · #13 11-16-2005, 05:14 PM

love it ******INSTALLED**********

Snake · #14 11-16-2005, 06:25 PM

Nice!

theArchitect · #15 11-16-2005, 08:22 PM

Quote:

Originally Posted by Jafo232

There really isn't one. Your users currently have the right to upload zip files I assume? If so, there really is no difference.

You are correct that this hack is not a security risk as most forums will allow the uploading of .zip files.

I think that OK was saying was that .zip files in general can be a security risk. Just as when you get a virus e-mail with a .zip file in it and the recipient thinks, "what is in the .zip file". They open it and hey presto a virus leaps out at them.

akanevsky · #16 11-16-2005, 10:29 PM

Where did you get this version of zip.lib.php from?

Jafo232 · #17 11-16-2005, 11:59 PM

Quote:

Originally Posted by Psionic Vision

Where did you get this version of zip.lib.php from?

http://www.weberdev.com/get_example-4066.html

akanevsky · #18 11-17-2005, 12:27 AM

Quote:

Originally Posted by Jafo232

http://www.weberdev.com/get_example-4066.html

Thanks

silurius · #19 11-17-2005, 12:44 AM

Based on what I am reading in this thread, my assumption is that this hack does not actually look at the file types being uploaded prior to zipping them up into an archive? Even if this is true it's still a great hack.

I still think some overview of general .zip security considerations may be in order, even if this particular hack doesn't fundamentally alter anything.

Jafo232 · #20 11-17-2005, 04:39 AM

Quote:

Originally Posted by silurius

Based on what I am reading in this thread, my assumption is that this hack does not actually look at the file types being uploaded prior to zipping them up into an archive? Even if this is true it's still a great hack.

I still think some overview of general .zip security considerations may be in order, even if this particular hack doesn't fundamentally alter anything.

That may be the case, but unless your unzip utility is a trojan, unzipping files will not cause you to be infected.

If you already allow the zip extension, then this extension is for you, otherwise, wait until I release the version that scans files for virii..

Jafo232 · #21 11-17-2005, 04:43 AM

Quote:

Originally Posted by silurius

Based on what I am reading in this thread, my assumption is that this hack does not actually look at the file types being uploaded prior to zipping them up into an archive?

The unmodified version of XB does not check file types IN a zip file, but yet accepts them.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.07029 seconds Memory Usage 2,305KB Queries Executed 25 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (5)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (6)navbar_link (120)option (1)pagenav (1)pagenav_curpage (2)pagenav_pagelink (11)post_thanks_box (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (11)post_thanks_postbit_info (10)postbit (11)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!