Active Link Security

I am no longer giving support for this hack. Use this hack: https://vborg.vbsupport.ru/showthread.php?t=95753 instead. You can take my redirector page and use it though.

Thanks to TC from ElAntro.cl for the PHP code.

Active Link Security 5.2

This hack will allow you to have active links on your forum but with security knowing the place were you are linking to wont know were you users came from. IE. If you click on a link in a post on your web site, the web site you go to will not know were you came from.

Time: < 30 seconds

Files to upload: 1


For vb 3.0.x version: https://vborg.vbsupport.ru/showthread.php?t=70684


No screenshots needed. Also, please click ?install? if you use.

[Valter]

Hi Abe1

If we have "+" inside url it will be changed to " " (space).

For example if link is:
"http://somesite.com/something+something"
redirection page will show "redirecting to
http://somesite.com/something something"
and usually you'll get "404" error.

Do you know why this is happening?


Thanks

[Abe1]

Quote:

Originally Posted by Cybernetec

Hi Abe1

If we have "+" inside url it will be changed to " " (space).

For example if link is:
"http://somesite.com/something+something"
redirection page will show "redirecting to
http://somesite.com/something something"
and usually you'll get "404" error.

Do you know why this is happening?


Thanks

it doesn't work with spaces. I will try to see what I can do. I never realy tried to work on the hack.

[CMX_CMGSCCC]

There's a bug too when you "quick edit" a post, it puts redirector.php inside the URL twice.

-CMX

[RMS-Chef]

Quote:

Originally Posted by CMX_CMGSCCC

There's a bug too when you "quick edit" a post, it puts redirector.php inside the URL twice.
-CMX

...and a 3rd, 4th, 5th...adding it again each time you edit.
I have this issue too. Here is what is happening to me.
Currently running RC3.

Created a thread/post with the text http://www.vbulletin.org

*Submit and works fine with the actual parsed link being: http://www.mysite.com/redirector.php....vbulletin.org

*I then click "EDIT" and add some new text "Edit 1" and click save. Oddly enough, the parsed link is still OK and linking to:
http://www.mysite.com/redirector.php....vbulletin.org

*Click EDIT again and add some more text, "Edit 2" and click save. Now the parsed link is linking to:
http://www.mysite.com/redirector.php....vbulletin.org

*Click EDIT again, add "Edit 3" and click save. Now linking to:
http://www.mysite.com/redirector.php....vbulletin.org

So after the second edit it is adding the extra stuff again and again on each new edit. This also happens the same exact way when I click EDIT, then immediately click GO ADVANCED.

EDIT:
This is not a Quick Edit bug.
This issue seems to be related to the WYSIWYG editor only.
I don't have the above issues if I change to Standard or Basic editors.

[havefun]

i use it with vb code:
(so i only needed redirector.php) THX

tag: ano
code: <div class="smallfont" style="color: red;">Anonymer Link:</div><a title="Anonymer Link" href="http://www.YourUrl.de/redirector.php?url=http://{param}" target="_blank">{param}</a>
{option}: no

example: [ano]www.vbulletin.org[/ano]

=:
Externer Link:
www.vbulletin.org

i modified redirector.php for me (xhtml..):

PHP Code:

<?
foreach ($_GET as $key => $value) {
    $site .= $key."=".$value."&";
}
$site = substr($site, 4, -1);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head>
<title>Re-directing...</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<meta http-equiv="refresh" content="0; URL=<? echo $site; ?>" />

</head>
<body>

<table cellpadding="0" cellspacing="0" border="0" width="70%" align="center">
<tr>
    <td align="center">
    <div>
        <blockquote>
            <p>&nbsp;</p>
            <p><strong>You are being re-directed to:</strong></p>
            <p><b><i> <? echo $site; ?></i></b></p>
            <div>&nbsp;</div>
        </blockquote>
            
    </div>
    </td>
</tr>
</table>

</body>
</html>

[jugo]

Quote:

Originally Posted by Catlover

Hi, Abe1. I want to ask you to make if you have any chance and time something with this nice product.
For example, if we post link like a anotherdomain.com, vbulletin generates link like a http://forumdomain.com/redirect.php?query=http://anotherdomain.com - That's right, very good, but if you have any ideas how to make something like this: I post link on forumdomain.com and vbulletin don't convert it into redirect.php?query..., so, i can post links on forum's threads without redirect script.

Thank you in advance.

Quote:

Originally Posted by Abe1

Sorry, no way right now.

I fixed mine....

in your plugin manager find:

Active Link Security Hack in bbcode_parse_complete

then replace:

Code:

$text = str_replace('href="http', 'href="redirector.php?url=http', $text);
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);

with:

Code:

if (!eregi('yourdomain.com', $text)) {
$text = str_replace('href="http', 'href="redirector.php?url=http', $text);
}
if (!eregi('yourdomain.com', $parsedtext)) {
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);
}

SAVE IT

then find:

in your plugin manager find:

Active Link Security Hack in bbcode_parse_start

then replace:

Code:

$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);

with:

Code:

if (!eregi('yourdomain.com', $parsedtext)) {
$parsedtext = str_replace('href="http', 'href="redirector.php?url=http', $parsedtext);
}

SAVE IT

Done....I tested this and it works...except if the post contains a link in your site...because once it finds your domain name in the post or parsed text it will not run the plugin....sooooooooooooo if anyone can figure that part out...it would be hella cool.

But this worked for me at www.ejuan.com so i figured, i'd share.

[JohnBee]

same trouble here. Links don't resolve properly. "uninstall" sigh...

[Catlover]

Jugo, thank you. I have already resolve this trouble.

[RMS-Chef]

Quote:

Originally Posted by JohnBee

same trouble here. Links don't resolve properly. "uninstall" sigh...

They will if you disable Enhanced WYSIWYG controls.
Right now it's a toss up until Abe or someone else can fix the issue.

Also, this works well with EI and FF by default browser settings but Opera has an option like "Log Referers" that is enabled by default that still passes on referer information.

[CMX_CMGSCCC]

Here's what I'm testing on my forums right now and it seems to be ok with Editing the post with the WYSIWYG controls.

hook: bbcode_parse_start

Code:

$URLSearch = array("/href\=\"http:\/\/redirector.php\?url\=([a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/", "/href\=\"(http:\/\/[a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/");
$URLReplace = array("href=\"redirector.php?url=$1\"", "href=\"redirector.php?url=$1\"");
$parsedtext = preg_replace($URLSearch, $URLReplace, $parsedtext);

hook: bbcode_parse_complete

Code:

$URLSearch = array("/href\=\"http:\/\/redirector.php\?url\=([a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/", "/href\=\"(http:\/\/[a-zA-Z0-9\.\/\=\?\,\&\:\;]*)\"/");
$URLReplace = array("href=\"redirector.php?url=$1\"", "href=\"redirector.php?url=$1\"");
$text = preg_replace($URLSearch, $URLReplace, $text);
$parsedtext = preg_replace($URLSearch, $URLReplace, $parsedtext);

It should cover url's with characters ./,/=&;:?

If you need more characters, just add them to the $URLSearch = line somewhere inside the [a-zA-Z part of the regular expression, probably after one of the \= for example.

-CMX