1
gnomonet
img src not working in articles/forums
  • 2004/4/19 20:42

  • gnomonet

  • Just popping in

  • Posts: 3

  • Since: 2004/4/19


hi all I´m having problems with some image´s src...

in my intalation cometas.info same img src does not work, for example, i´ll try to reproduce the same here:
1st image: does not work:
[img]http://www.mira-mira.org/_comun/img.aspx?txt_copy=www.mira-mira.org&VFilePath=%2Ffotos%2F2003%5Fzurrioladiapos%2F02%2Ejpg&Width=150&Height=150&Quality=75&ShellThumbnails=Falso&AllowStretch=Falso[/img]

2nd image: does work:
Resized Image

some idea??
thanks


2
Mithrandir
Re: img src not working in articles/forums

I am guessing that .aspx is not a valid image extension

3
gnomonet
Re: img src not working in articles/forums
  • 2004/4/19 22:35

  • gnomonet

  • Just popping in

  • Posts: 3

  • Since: 2004/4/19


'img' tag could be wathever kind of url that reply with a valid img format as raw. that aspx returns a well formed JPG. it´s used to restrict image size and weight. like a thumbnail generator.

try it in your browser.
copy /paste


that url works in phpbb

my XOOPS that i´m triying to migrate from phpbb is runing in a w2000 machine, but it does´nt seem to work here, neither.

it´s like XOOPS does not know how to manage that.

could yo tell me where in the program is that filter for the img tag processing???
thanks.





4
phppp
Re: img src not working in articles/forums
  • 2004/4/19 22:43

  • phppp

  • XOOPS Contributor

  • Posts: 2857

  • Since: 2004/1/25


yes
it is filtered
& is forbidden in [img] decode

should be corrected ...

5
Dave_L
Re: img src not working in articles/forums
  • 2004/4/19 22:49

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Method MyTextSanitizer::xoopsCodeDecode in class/module.textsanitizer.php.

The problem may be this:

le="color: #000000"><?php $patterns[] = "/[img]([^"()?&'<>]*)[/img]/sU";


It doesn't allow certain potentially unsafe characters in the URL.

6
gnomonet
Re: img src not working in articles/forums
  • 2004/4/19 23:05

  • gnomonet

  • Just popping in

  • Posts: 3

  • Since: 2004/4/19


thanks a lot.

somebody knows a horrible unsafe thing with the & character in an Url... of a img src tag ?

the idea is to allow that for the img src tag only.

there is a lot of galleries that use & in the pic´s urls, and the users copy and paste their urls into the forums and articles.


sorry for my horrible english...
i´m from spain..


7
Dave_L
Re: img src not working in articles/forums
  • 2004/4/19 23:19

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Allowing & (and ?) might be ok.

But I've seen exploits that use the img tag to run a script for malicious reasons. Embedded tags are especially problematic, because they get executed automatically, without the viewer even knowing about it.

Login

Donat-O-Meter

Stats
Goal: $15.00
Due Date: Jul 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $15.00
Make donations with PayPal!

Latest GitHub Commits