Signature Control Hack:
Status: VERY hacky, requires manual editing of code
Purpose: If you have ever had a user decide to upload a 1.5MB image into their sig, you know exactly what I am talking about here. If you have ever had someone upload a sig image more than 800 pixels wide, you know what I am talking about. This hack regulates and controls signatures, forcing the users to play nice.
Restrictions: Will be marked in bold.
File:
http://felocity.org/files/MOD_XOOPS2_edituser.php_SigController.zip (6,042 bytes)
$user_sig = substr($user_sig,0,500);This sets the maximum sig length (including tags) to 500 characters
if (count($temp_sig_array) > 2) {We split the sig on the IMG tag, and there should only be one open img tag
if (count($temp_sig_array) > 1) {This is used only if there is an image (1 img tag) and helps us isolate the image's URL
$localfile = 'XOOPS DIRECTORY/uploads/'.$xoopsUser->getVar('uid').'-'.$time.'-'.basename($filename);This is where your file is stored locally. It is used for the reading function.
while (!feof($fd) && $bytecount < 75001) {Read 1 more byte than your maximum allowed size (this way we can test file size)
if (filesize($localfile) <= 75000)Test if the locally stored image is greater than the alotted size.
if ( $sigimgwidth > 650 || $sigimgheight > 300 )Test the image dimensions of the local file to make sure it complies.
It isn't as confusing as it sounds. Maybe someone can come back and clean it up a bit. This was written in a hurry to address a serious need. Ideally, I would like to write this a bit cleaner into the core as a set of user options, but that will come with time.
Cheers and happy hacking!
Manual Update
(insert) line 79 in edituser.php
[color=009900][font=Courier]
// MOD RJH 05-12-2004
// we do some special things to our sig field here
// not only do we truncate at 500 characters, but we
// only allow 1 image tag
// explode on every opening image tag
[b]$user_sig = substr($user_sig,0,500);[/b]
$temp_sig_array = explode("[img]",$user_sig);
// temp sig array had better only have 2 parts...
// else they put a second img tag in there
[b]if (count($temp_sig_array) > 2) {[/b]
$errors[] = "Only one IMG tag is allowed in the sig";
}
@unlink($temp_sig_array);
// only bother to look for size checking stuff if there
// are no errors yet. (prevents overloading)
if (count($errors) == 0) {
$temp_sig_array = explode("[img]",$user_sig);
[b]if (count($temp_sig_array) > 1) {[/b]
$temp_img_location_arr = explode("[/img]",$temp_sig_array[1]);
$filename = $temp_img_location_arr[0];
// Get remote avatar size [R. 17.04.2002]
// Download the file
$retvar="NULL";
$time = time();
$localfile = '[b]XOOPS DIRECTORY[/b]/uploads/'.$xoopsUser->getVar('uid').'-'.$time.'-'.basename($filename);
$fd = @fopen($filename,"rb");
if ($fd)
{
/* This is the tricky part:
The filesize() function does not work on a remote file system.
This means we need to download the file to local storage before we
can check filesize. As it is quite possible that some weirdos may
specify a remote file with a filesize bigger than 200 megabytes,
we do not want to download the entire file. If we can read just 1
byte more than allowed, it's simply too big.
*/
clearstatcache();
$imgdata = '';
$bytecount = 0;
[b]while (!feof($fd) && $bytecount < 75001) {[/b]
$imgdata .= fread($fd, 1024);
$bytecount = $bytecount + 1024;
}
// $imgdata = fread($fd, 75001);
// echo $imgdata;
$fl = @fopen($localfile,"wb");
if ($fl)
{
$fp=@fwrite($fl,$imgdata);
@fclose($fl);
if ($fp != -1)
{
[b]if (filesize($localfile) <= 75000)[/b]
{
$retvar = $localfile; // Filesize within size limits
// echo filesize($localfile).'
'.$localfile.'
'.$filename;
// exit;
}
else
{
$retvar = 'SIZE'; // File is too big
}
}
else
{
@unlink($localfile);
message_die(GENERAL_ERROR, 'Could not write avatar file to local storage. Please contact the board administrator with this message', '', __LINE__, __FILE__);
}
}
else
{
@unlink($localfile);
message_die(GENERAL_ERROR, 'Could not write avatar file to local storage. Please contact the board administrator with this message', '', __LINE__, __FILE__);
}
fclose($fd);
}
$tmp_filename=$retvar;
// echo $temp_img_location.'
'.filesize($tmp_filename);
// exit;
// Get avatar size, check the values and invalidate them, if necessary
if ($tmp_filename!='NULL' && $tmp_filename!='SIZE') list($sigimgwidth, $sigimgheight) = getimagesize($tmp_filename);
if (!isset($sigimgwidth) || $sigimgwidth==0) $sigimgwidth=2*650;
if (!isset($sigimgheight) || $sigimgheight==0) $sigimgheight=2*300;
// Delete the tempfile
@unlink($tmp_filename);
// Now compare the image dimension with phpBB config and print error message, if necessary
[b]if ( $sigimgwidth > 650 || $sigimgheight > 300 )[/b]
{
$errors[] = "Your image is larger than the maximum allowed 650 x 300 and 75kb";
}
}
}
// now this sig is okay. Heh
// END MOD RJH 05-12-2004
[/font][/color]
