posting image in guestbook
Asked Modified Viewed 8,126 times
asked
hi,
first of all i'm very sorry if this is not the right place for this, and sorry if you think this thread subject is misleading (english not my native language).
btw, today some one had posted new entry in my guestbook (i use the official guestbook infusion), the message contain fairly big image which said "Hacked By WolfKid". why is it possible? i was under the impression that the guestbook wont accept HTML tag.
any way this is the backup of so called "hacked" guestbook http://www.mirr0r.org/deface_mirror/?.../?id=21178, i found that link from my webstats :D
this is my guestbook http://donnie.110mb.com/infusions/guestbook/guestbook.php, i've deleted the message and ban the IP.
first of all i'm very sorry if this is not the right place for this, and sorry if you think this thread subject is misleading (english not my native language).
btw, today some one had posted new entry in my guestbook (i use the official guestbook infusion), the message contain fairly big image which said "Hacked By WolfKid". why is it possible? i was under the impression that the guestbook wont accept HTML tag.
any way this is the backup of so called "hacked" guestbook http://www.mirr0r.org/deface_mirror/?.../?id=21178, i found that link from my webstats :D
this is my guestbook http://donnie.110mb.com/infusions/guestbook/guestbook.php, i've deleted the message and ban the IP.
Falk
Falk 146
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct
(¯·._.·(¯°·._.·°º*[ Project Manager ]*º°·._.·°¯)·._.·¯)
- Super Admin, joined since
- Contributed 6,201 posts on the community forums.
- Started 639 threads in the forums
- Answered 12 questions
Its just some idiot trying to scare you, used img bbcode, ignore it.
answered
ah.. the bbcode, that didn't crossed my mind :D
thanks for the fast reply.
btw i'm not worried, because that idiot leave his ip address which turn out to be his DSL modem which (luckily for me) is manageable from web which (luckily for me again) still use it's vendor default password :D
thanks for the fast reply.
btw i'm not worried, because that idiot leave his ip address which turn out to be his DSL modem which (luckily for me) is manageable from web which (luckily for me again) still use it's vendor default password :D
answered
now a different IP posting disgusting image in my guestbook. it become very annoying. how can i disable this bbcode thingy?
I'm sure this can be solved in an other and maybe also easier way, but here is what I did:
The guestbook /infusions/guestbook/guestbook.php use the maincore.php to get the bbcode to work. Maincore.php that is located in root contains, among lots of other things, the [img] and [url] tags that are also used in the forum, shoutbox, etc. So because of this I didn't touch maincore.php that lies in root.
1) But I made a copy of maincore.php and placed the copy of it in the /infusions/guestbook/ folder where you also find guestbook.php , etc.
In the maincore.php copy I then commented out (//) the [img] and [url] tags. I like to comment out because I can then turn if off later if I want, and I can also later see what I have done.
So I changed the copy of maincore.php as follows:
2) Then you just need to tell /infusions/guestbook/guestbook.php that it can not use the maincore.php in root but instead the copy that lies in /infusions/guestbook/
So I changed /infusions/guestbook/guestbook.php like this:
First I commented out like this:
and right after I added this:
I hope you understand all this :)
The guestbook /infusions/guestbook/guestbook.php use the maincore.php to get the bbcode to work. Maincore.php that is located in root contains, among lots of other things, the [img] and [url] tags that are also used in the forum, shoutbox, etc. So because of this I didn't touch maincore.php that lies in root.
1) But I made a copy of maincore.php and placed the copy of it in the /infusions/guestbook/ folder where you also find guestbook.php , etc.
In the maincore.php copy I then commented out (//) the [img] and [url] tags. I like to comment out because I can then turn if off later if I want, and I can also later see what I have done.
So I changed the copy of maincore.php as follows:
Code Download source
[color=red]//[/color]$text = preg_replace('#\[url\]([\r\n]*)(http://|ftp://|https://|ftps://)([^\s\'\";\+]*?)([\r\n]*)\[/url\]#si', '<a href=\'\2\3\' target=\'_blank\'>\2\3</a>', $text);
[color=red]//[/color]$text = preg_replace('#\[url\]([\r\n]*)([^\s\'\";\+]*?)([\r\n]*)\[/url\]#si', '<a href=\'http://\2\' target=\'_blank\'>\2</a>', $text);
[color=red]//[/color]$text = preg_replace('#\[url=([\r\n]*)(http://|ftp://|https://|ftps://)([^\s\'\";\+]*?)\](.*?)([\r\n]*)\[/url\]#si', '<a href=\'\2\3\' target=\'_blank\'>\4</a>', $text);
[color=red]//[/color]$text = preg_replace('#\[url=([\r\n]*)([^\s\'\";\+]*?)\](.*?)([\r\n]*)\[/url\]#si', '<a href=\'http://\2\' target=\'_blank\'>\3</a>', $text);Code Download source
[color=red]//[/color]$text = preg_replace("#\[img\]((http|ftp|https|ftps)://)(.*?)(\.(jpg|jpeg|gif|png|JPG|JPEG|GIF|PNG))\[/img\]#sie","'<img src=\'\\1'.str_replace(array('.php','?','&','='),'','\\3').'\\4\' style=\'border:0px\'>'",$text);2) Then you just need to tell /infusions/guestbook/guestbook.php that it can not use the maincore.php in root but instead the copy that lies in /infusions/guestbook/
So I changed /infusions/guestbook/guestbook.php like this:
First I commented out like this:
Code Download source
[color=red]//[/color]require_once "../../maincore.php";and right after I added this:
Code Download source
require_once "maincore.php";I hope you understand all this :)
answered
hi,
thanks for your reply. i've followed your suggestion and it works. thanks :)
btw i also commented out this line:
which i think a bbcode for embending swf file ??? i hope i'm right.
thanks for your reply. i've followed your suggestion and it works. thanks :)
btw i also commented out this line:
Code Download source
$text = preg_replace('#\[flash width=([0-9]*?) height=([0-9]*?)\]([^\s\'\";:\+]*?)(\.swf)\[/flash\]#si', '<object classid=\'clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\' codebase=\'http://active.macromedia.com/flash6/cabs/swflash.cab#version=6,0,0,0\' id=\'\3\4\' width=\'\1\' height=\'\2\'><param name=movie value=\'\3\4\'><param name=\'quality\' value=\'high\'><param name=\'bgcolor\' value=\'#ffffff\'><embed src=\'\3\4\' quality=\'high\' bgcolor=\'#ffffff\' width=\'\1\' height=\'\2\' type=\'application/x-shockwave-flash\' pluginspage=\'http://www.macromedia.com/go/getflashplayer\'></embed></object>', $text);which i think a bbcode for embending swf file ??? i hope i'm right.
Stupid "hackers" dont know how to make a .swf file so I didn't bother to comment out that line. - Just kidding :D:D. Sounds like a good idea to also comment that line out. Thanks :)
Category Forum
Bugs and Errors - 6Labels
None yet
Statistics
- Views 0 views
- Posts 6 posts
- Votes 0 votes
- Topic users 3 members
0 participants
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions