Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
IMG and URL security Details »»
IMG and URL security
Version: 1.00, by bosal bosal is offline
Developer Last Online: Sep 2015 Show Printable Version Email this Page

Category: Forum Display Enhancements - Version: 3.6.7 Rating:
Released: 02-21-2007 Last Update: Never Installs: 5
Code Changes  
No support by the author.

This is a so called "hack". I wanted that my users with IE web browser don't get "IE explit" in IMG tags.

My problem was bigger, becouse I couldn't disable IMG tags, and teach users to use FF.

This hack is just a little file integrated addon. It works to IMG tags, and URL tags just fine.

Install

So, backup file: yoursite.com/forum/includes/class_bbcode.php. When you have a safty cope, you can begin with editing the file.

In class_bbcode.php find:

URL hack

Code:
	* Handles a [url] tag. Creates a link to another web page.
then scroll down till you see:
Code:
		// remove double spaces -- fixes issues with wordwrap
		$rightlink = str_replace('  ', '', $rightlink);

		// standard URL hyperlink
		return "<a href=\"$rightlink\" target=\"_blank\">$text</a>";
now you must replce the this code with:

Code:
		// remove double spaces -- fixes issues with wordwrap
		$rightlink = str_replace('  ', '', $rightlink);

		// URL hack
		if ( preg_match("#^http://([a-z0-9\-_\.]*)goodsite\.com/?(/(.*))?$#i" ,"$rightlink") 		){
		return "<a href=\"$rightlink\" target=\"_blank\">$text</a>"; 
		}
		else if ( preg_match("#^http://([a-z0-9\-_\.]*)goodsite2\.com/?(/(.*))?$#i" ,"$rightlink") ){
		return "<a href=\"$rightlink\" target=\"_blank\">$text</a>"; 
		else {
		return "<a href=\"$rightlink\" target=\"_blank\">$text</a> <strong>[Warning, this link can be a Virus link]</strong>"; 
}
Just replace the goodsite\.com with the site you know it's secure. Eg. yoursite

What it do ?

When posting, an URL like: goodsite.com it shows like http://goodsite.com
It works on: enything.etc.goodsite.com/enything, in all ways.
When you post a site like: hacksite.com it shows like http://hacksite.com [Warning, this link can be a Virus link]

Ok the second part is with a IMG tag, it's the same way. When you post a secure Image the image just shows, but when you post a Image, that isn't in the if () else () script, it shows only a link and a warning. I show this example with imageshac.us that is secure to me

IMG hack

In the same file find:
Code:
	* Handles a match of the [img] tag that will be displayed as an actual image.
Scroll down, and select:
Code:
		// remove double spaces -- fixes issues with wordwrap
		$link = str_replace('  ', '', $link);

		return '<img src="' .  $link . '" border="0" alt="" />';
replace it with:

Code:
		// remove double spaces -- fixes issues with wordwrap
		$link = str_replace('  ', '', $link);
		if ( preg_match("#^http://([a-z0-9\-_\.]*)imageshack\.us/?(/(.*))?$#i" ,"$link") ){
		return '<img src="' .  $link . '" border="0" alt="" />';
		}
		else if ( preg_match("#^http://([a-z0-9\-_\.]*)photobucket\.com/?(/(.*))?$#i" ,"$link") ){
		return '<img src="' .  $link . '" border="0" alt="" />';
		}
		else {
		return "<a href=\"$link\" target=\"_blank\">$link</a> <strong>[Warning, this link can be a Virus link]</strong>"; 
		}

Thats all, comments plax :P

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #12  
Old 02-24-2007, 03:46 PM
Zia's Avatar
Zia Zia is offline
 
Join Date: Dec 2005
Location: golpo.net
Posts: 931
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

interesting idea..
but there might be a need to add multiple trusted site or good site..
like with imageshack ,photobucket or more others.
every time need to edit the template ? lengthy
Reply With Quote
  #13  
Old 02-24-2007, 06:27 PM
bosal's Avatar
bosal bosal is offline
 
Join Date: Feb 2005
Location: Poland
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

yep maybe when i have some time I make this like a plugin
Reply With Quote
  #14  
Old 02-25-2007, 03:04 AM
Zia's Avatar
Zia Zia is offline
 
Join Date: Dec 2005
Location: golpo.net
Posts: 931
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

:P when u will have some time ?
Reply With Quote
  #15  
Old 02-25-2007, 11:39 AM
bosal's Avatar
bosal bosal is offline
 
Join Date: Feb 2005
Location: Poland
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't know
Reply With Quote
  #16  
Old 12-29-2007, 02:20 PM
masoud_sun masoud_sun is offline
 
Join Date: Nov 2007
Location: I R A N
Posts: 10
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice! Thanks!

Good
Reply With Quote
  #17  
Old 05-31-2012, 01:06 PM
bulbasnore bulbasnore is offline
 
Join Date: Dec 2004
Posts: 95
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Wanted to say, we use this to restrict images to our gallery, which is moderated.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:15 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.11202 seconds
  • Memory Usage 2,265KB
  • Queries Executed 21 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (6)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (6)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete