Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Details »»

Version: , by dabean dabean is offline
Developer Last Online: Dec 2003 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 09-19-2001 Last Update: Never Installs: 33
 
No support by the author.

Signature Image Management System (file based)

Updated: 27 June 2002, 12:22 AM BST

This hack allows users to upload a image or images that they can then use as part of the thier signature. All uploaded images are private to the user that uploaded them.

The hack requires that you have PHP 4.1.0 or newer for the upload functions to work correctly. PHP 4.0.6 can be used with modifications (not recommended).

The scripts can if enabled also prevent users from externally linking to the images they uploaded, please note this is done by HTTP_REFERER checking not all http servers or browsers support this however is more widely supported than Apache's mod_rewrite. Should you wish to stop deep linking then upload a image called badcontent.gif to your forums directory.

Further more instructions are provided in how to get this hack to work if you are using vBulletin's standard sig editor or a advanced sig editor hack.

Version 2.0 Updates
- remote storage support
- sig.php nolonger appears in online.php
- special [sig] vB code is used instead of [img] tags

Version 1.3 Updates
- fixed display bug
- added removal script to main package
- added test template set


Version 1.11 Updates
- Image width & height checking
- Extension checking
- More useful error messages
- Added a missing function

Current Version 1.3
Released 20th sept 2001

Requirements:
- vBulletin 2.0.3
- PHP 4.0.3+ (this hack has not been tested on PHP 3.0.17, it may or may not work)

Optional:
- HTTP Server that supports HTTP_REFERER, (Apache 1.2+, IIS 4+)
- badcontent.gif in your forum directory


Screenshots can be found in the zip file.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #92  
Old 05-22-2002, 12:39 AM
ixian's Avatar
ixian ixian is offline
 
Join Date: Oct 2001
Location: Denver, CO
Posts: 189
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Aha. Forgot about enabling dynamic URL's in img tags. That did the trick.

Still looking through the templates trying to find where to add the $bburl so that when a user clicks the image they get the full url to sig.php, not just sig.php.
Reply With Quote
  #93  
Old 05-22-2002, 02:25 AM
ixian's Avatar
ixian ixian is offline
 
Join Date: Oct 2001
Location: Denver, CO
Posts: 189
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok, I now have this GREAT hack working in 2.2.5. I seriously recommend more of you check it out - my members are going insane over it

First, thank you Dabean for a great hack. The following are some general instructions for readers of this thread, and a couple minor changes which I hope you will update in your file download.

Second, here's what I got to work:

Now displays correctly in 2.2.5

img tag safety is working

When a user clicks on the image, the correct path gets inserted (suprised no one caught this yet).

Works even with php safe mode.

First things first, if you are running in safe mode, make sure vb is set to that in the control panel options (duh). Create a directory on your server, preferably OUTSIDE your web root so it's not directly accesable (I used the main directory right above root). Chmod this directory 777. Now enter the full path to it (local path, not http obviously) in your safe mode options. Even though this hack uploads the images to another directory, you still need a safe mode directory where vb will temporaraly store it before it moves it to the correct one. Trust me on this.

Next, make sure that in addition to bbcode img tags being enabled on your forums, and set to display in your profile (it defaults to ON, but you never know) you turn Dynamic URL's ON. They aren't by default and a lot of people in this thread missed that.

Next, do NOT make the changes suggested earlier in this thread to functions.php! Very important. In a nutshell, starting with 2.2.3 the vb team implimented checks so that only ? or & characters can be used with dynamic URL's, and only if they come from http or https. Problem is, that broke the display part of sig.php - it would only show a link to the image, not the image. The changes suggested earlier got around this, at the expense of security. If you make them, it's possible (I tested) to link to a file on your own server if the person knows the path (getting that is easier than you think - I can't believe the amount of people who still have "display errors" on in their php ini. With that, everytime a script errors on your web server everyone who sees the error will see the full path on your server to the erroring script). THE SAFETY CHECKS DONE IN 2.2.3 AND 2.2.4 that prevented dynamic url's from completly working WERE FIXED IN 2.2.5. So leave functions.php as it is! With 2.2.5 you can use dynamic url's in images (required for this hack) without worrying about some numbnuts trying to execute commands on your server.

Make sure the directory you specify for images (don't use the one you use for safe mode) is chmod to 755, or 777 depending on your server. I also highly recommend putting this directory outside of your web-root as well. If you don't, someone feeling clever could possibly discover the file name sigedit.php gives to their uploaded image. They could then link directly to the image, bypassing, for example, the http_referrer checks (it will also bypass sig.php, if you have mod_rewrite setup to deny hot-linking that way). Putting it outside of your web root in a directory sig.php can read from will effectively stop anyone from having any chance of hot-linking. Of course, if you DO want to serve out images, then don't do this

Now, you need to make a minor change to your _editsignature template that was added when you first installed the sig. Find:

Code:
document.vbform.message.value += "[img]sig.php?imageid="+sigtext+"[/img]"
and change it to:

Code:
document.vbform.message.value += "[img]$bburl/sig.php?imageid="+sigtext+"[/img]"
This assumes you have sig.php located in your forums root directory. If not, you can add the correct subdirectory after $bburl or put the entire static path in there, i.e. http://www.yourhost.com/forums/sig.php? etc.

This fixes the error where a user clicks on the image they just uploaded to add it to their sig - before, it would add [ img ]sig.php?imageid="1"[ img ] , which of course isn't a valid link

Anyway, like I said I have it working just fine with 2.2.5 and my members love it. Thanks again for a great hack.
Reply With Quote
  #94  
Old 06-07-2002, 02:48 AM
sub's Avatar
sub sub is offline
 
Join Date: Apr 2002
Location: Va.
Posts: 23
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

argh! I installed this hack about a month ago, worked like a charm from the get go. But I moved to a new server last week and ever since then I cannot get it to work. This is the error i get:

Warning: Unable to create '/var/www/html/memberspics/uid2iid40.jpg': No such file or directory in /home/virtual/site1/fst/var/www/html/forum/simage.php on line 106

Warning: Unable to move '/tmp/php6oTYq3' to '/var/www/html/memberspics/uid2iid40.jpg' in /home/virtual/site1/fst/var/www/html/forum/simage.php on line 106

pls help? Thanks!
Reply With Quote
  #95  
Old 06-08-2002, 03:12 PM
sub's Avatar
sub sub is offline
 
Join Date: Apr 2002
Location: Va.
Posts: 23
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Scratch that last post, I fixed it. :alien:

Something was wrong with the directory, even when set to CHMOD 777 I still cannot write to it. So deleted that directory and created another, ever since then it works. Thanks!!
Reply With Quote
  #96  
Old 06-12-2002, 02:45 PM
sub's Avatar
sub sub is offline
 
Join Date: Apr 2002
Location: Va.
Posts: 23
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by dabean


2.2.3, is the last release of vB this hack is supported and tested on, however I see no reason why it won't work with 2.2.5 as is.
I believe I?ve found a bug (for 2.2.5), I've been getting reports from my members that some images gets the "X" red box, at first I thought they were smoking some really good stuff as I see an image. Anyhow, past couple days ago I started to notice the "X" red box too so I confirmed with some other members that it's a phenomenon but then certain other members can see the image. I looked into it but cannot find the explanation why it would do such a cruel obsession to tease me. Thanks kindly!
Reply With Quote
  #97  
Old 06-15-2002, 12:47 AM
dabean dabean is offline
 
Join Date: Oct 2001
Posts: 247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by sub


I believe I?ve found a bug (for 2.2.5), I've been getting reports from my members that some images gets the "X" red box, at first I thought they were smoking some really good stuff as I see an image. Anyhow, past couple days ago I started to notice the "X" red box too so I confirmed with some other members that it's a phenomenon but then certain other members can see the image. I looked into it but cannot find the explanation why it would do such a cruel obsession to tease me. Thanks kindly!
Posts 72 to 76 cover known problems on vB 2.2.4 onwards. Post 92 has a nice explaination of why the work around is bad.

It is for that reason that 2.2.3+ are not supported by this hack as it exists currently.
Reply With Quote
  #98  
Old 06-20-2002, 08:18 PM
xug xug is offline
 
Join Date: Oct 2001
Location: The Grand Strand, SC
Posts: 339
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by Mutt
I love this hack, but hate how it screws up the who's online page. If a thread has a sig image in it, any member viewing that thread shows up with thier location being the sig script instead of that thread. Any fix???
I'll second this.

My online page shows only links to the sig.php !!

Is there a fix??? Or could somebody make a fix??

Please help us and many others who have this problem.
Reply With Quote
  #99  
Old 06-20-2002, 10:09 PM
dabean dabean is offline
 
Join Date: Oct 2001
Posts: 247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by xug


I'll second this.

My online page shows only links to the sig.php !!

Is there a fix??? Or could somebody make a fix??

Please help us and many others who have this problem.
you need to change sessions.php
find
PHP Code:
if ($templateversion '2.0.1') { // Use location!
    
$location1 ",location='" addslashes($scriptpath) . "'";
    
$location2 ",location";
    
$location3 ",'" addslashes($scriptpath) . "'"
change it to
PHP Code:
if ($templateversion '2.0.1') { // Use location!
  // location fix.
  
if (($updatelocation==True) or (!isset($updatelocation))) {
    
$location1 ",location='" addslashes($scriptpath) . "'";
    
$location2 ",location";
    
$location3 ",'" addslashes($scriptpath) . "'";
  } else {
    
$location1 '';
    
$location2 '';
    
$location3 '';
  } 
then open up sig.php and

change
PHP Code:
$noheader=1
to
PHP Code:
$noheader=1;
// fix session location
$updatelocation=false
Reply With Quote
  #100  
Old 06-24-2002, 12:30 AM
xug xug is offline
 
Join Date: Oct 2001
Location: The Grand Strand, SC
Posts: 339
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by dabean


you need to change sessions.php
find
PHP Code:
if ($templateversion '2.0.1') { // Use location!
    
$location1 ",location='" addslashes($scriptpath) . "'";
    
$location2 ",location";
    
$location3 ",'" addslashes($scriptpath) . "'"
change it to
PHP Code:
if ($templateversion '2.0.1') { // Use location!
  // location fix.
  
if (($updatelocation==True) or (!isset($updatelocation))) {
    
$location1 ",location='" addslashes($scriptpath) . "'";
    
$location2 ",location";
    
$location3 ",'" addslashes($scriptpath) . "'";
  } else {
    
$location1 '';
    
$location2 '';
    
$location3 '';
  } 
then open up sig.php and

change
PHP Code:
$noheader=1
to
PHP Code:
$noheader=1;
// fix session location
$updatelocation=false
I was talking about online.php (or is this to solve that problem?)
Reply With Quote
  #101  
Old 06-24-2002, 12:39 AM
dabean dabean is offline
 
Join Date: Oct 2001
Posts: 247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by xug


I was talking about online.php
The suggested changes solve the cause of the problem.

The last location is stored in the session table in the "location" field to stop sig.php from appearing you NEED to stop the location field from being updated to contain it, the proposed modification above does just that.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:11 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04841 seconds
  • Memory Usage 2,351KB
  • Queries Executed 27 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (8)bbcode_php
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete