Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Member Archives
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
[PHP] and [CODE] tags parsing Details »»
[PHP] and [CODE] tags parsing
Version: , by Till Till is offline
Developer Last Online: Aug 2007 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 06-12-2002 Last Update: Never Installs: 0
 
No support by the author.

Hi,

one of my staff members posted on vbulletin.com's support forums asking about why vB puts a space in certain code when displayed inside the code/php-vB-tags.

For example:
Code:
<a href="javascript:window.open(...);">Link</a>
Since they said it was put there by design (hehe, "It's not a bug, it's a feature!"), I was wondering if someone on here could explain how someone could possibly exploit that.

Never heard of anything like that.

Is there a hack to get the code parsed the more "correct" way?

Till

P.S.
If anyone is interested in the thread:
http://www.vbulletin.com/forum/showt...threadid=48055

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 06-12-2002, 02:17 PM
Admin's Avatar
Admin Admin is offline
Coder
 
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is by design, not a bug.

To remove this protection, open /admin/functions.php and delete this code:
Code:
          "/javascript:/si",
(appears twice)
And also remove this code:
Code:
          "java script:",
(appears twice as well)
Reply With Quote
  #3  
Old 06-12-2002, 04:36 PM
Till Till is offline
 
Join Date: May 2002
Posts: 51
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by FireFly
This is by design, not a bug.

To remove this protection, open /admin/functions.php and delete this code:
Code:
          "/javascript:/si",
(appears twice)
And also remove this code:
Code:
          "java script:",
(appears twice as well)
Thanks for your help.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:01 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06158 seconds
  • Memory Usage 2,208KB
  • Queries Executed 16 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (3)post_thanks_box
  • (3)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit_info
  • (2)postbit
  • (3)postbit_onlinestatus
  • (3)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete