<img> tag issue

Posted: Mon Jan 07, 2008 6:39 pm

Hey all,

I have installed the 2.10.01 version of raven nuke at: www.thecrimsonage.com

I love it!

But.. I can't seem to get this to work in the forums:

Code:




[img]http://beta.ulminia.zenutech.com/index.php?p=util-siggen-siggen&mode=signature&member=Ulminia@US-Zangarmarsh[/img]

The above code should generate a nifty WoW signature and instead I get (the same thing I get here as well):
[img]http://beta.ulminia.zenutech.com/index.php?p=util-siggen-siggen&mode=signature&member=Ulminia@US-Zangarmarsh[/img]

Any idea what I need to do to enable <img> tag processing on my forum? I checked /config.php and it has the img tag listed as, allowed. I am not sure if there is a similar place in the forums I actually need to enable this -- or -- if I require a plugin of some sort to add this type of image processing.

Here is my $AllowableHTML array:

Code:




$AllowableHTML = array(


    'a' => array('href' => 1, 'target' => 1, 'title' => array('minlen' => 4, 'maxlen' => 120)),


    'b' => array(),


    'blockquote' => array(),


    'br' => array(),


    'center' => array(),


    'div' => array('align' => 1),


    'em' => array(),


    'font' => array('face' => 1, 'style' => 1, 'color' => 1, 'size' => array('minval' => 1, 'maxval' => 7)),


    'h1'=>array(),


    'h2'=>array(),


    'h3'=>array(),


    'h4'=>array(),


    'h5'=>array(),


    'h6'=>array(),


    'hr' => array(),


    'i' => array(),


    'img' => array('alt' => 1, 'src' => 1, 'hspace' => 1, 'vspace' => 1, 'width' => 1, 'height' => 1, 'border' => 1, 'align' => 1),


    'li' => array(),


    'ol' => array(),


    'p' => array('align' => 1),


    'pre' => array('align' => 1),


    'span' =>array('class' => 1, 'style' => array('font-family' => 1, 'color' => 1)),


    'strong' => array(),


    'strike'=>array(),


    'sub'=>array(),


    'sup'=>array(),


    'table' => array('align' => 1, 'border' => 1, 'cell' => 1, 'width' => 1, 'cellspacing' => 1, 'cellpadding' => 1),


    'td' => array('align' => 1, 'width' => 1, 'valign' => 1, 'height' => 1, 'rowspan' => 1, 'colspan' => 1 ),


    'tr' => array('align' => 1),


    'tt'=>array(),


    'u' => array(),


    'ul' => array(),


);

-- Cheers! Smile

registered · Posted: Mon Jan 07, 2008 7:37 pm

Make sure you understand there is a difference between the img BBCode tag and the img HTML tag.

The forums are a separate piece of software (phpBB) and the AllowableHTML array doesn't apply to it. I think the img BBCode tag does not work if it sees too many "funny" characters. It might be the @ sign in your URL. I've seen it fail like this also.

You could instead enable the <img> HTML tag in your forum and use it instead of the img BBCode tag, but some feel there are some security risks associated with that. See your admin panel / Forums / Config and add img to the HTML list. Make sure HTML is enabled too.

Posted: Mon Jan 07, 2008 7:39 pm

And in case you didn't know, the correct way to use the img HTML tag is:

Code:




<img src="http://beta.ulminia.zenutech.com/index.php?p=util-siggen-siggen&mode=signature&member=Ulminia@US-Zangarmarsh" alt="My Sig" />

but you have to enable it in the forums first.

Posted: Tue Jan 08, 2008 2:48 am

I do understand that the <img /> tag and the [img] bbcode are two separate beasts... But php renders out using html... I should have worded the original question a bit better. Though your answer still applies, the solution lies in the forum configuration and not the "site" configuration.

I had thought that bb2nuke integrated not only the nuke user database, but also profanity filtering and allowable HTML ... I guess it's just the user database that is integrated?

[img]http://www.thecrimsonage.com/roster/addons/siggen/sig.php?member=Kaffeine[/img]

The above sample is an actual guild members signature as generated by my site. The example that I used in the OP was from a different individuals site, as mine was not properly generating the images at the time of the request for help.

But now my sites image generation is up and running properly and still not parsed correctly with the [img][/img] bbcode.

I did find, in the phpbb configuration, where I needed to add "img" to the list of allowed html. It worked, but it's really more of a workaround than a solution. The root of the problem is using [img]*.php[/img]. Anything other than a pure image format just doesn't seem to get parsed correctly.

I've just seen it done on other forums and was hoping it was merely a security setting that had been tweaked off by Raven. Wink

Posted: Tue Jan 08, 2008 8:30 am

Yes, as you said, the [img] BBCode tags don't work right if the URL doesn't look like a "flat" image. This is a problem with phpBB. Well, actually it isn't a problem, they did that by design. They are trying to protect you from cross-site scripting attacks.

You can work around it by using the <img> HTML tag, but the cross-site scripting threat appears. It just depends on whether you want to take that risk and how much you trust your users.

registered · Posted: Tue Jan 08, 2008 2:07 pm

To work around phpBB's image extension limit, you can use Apache's mod_rewrite rules. This is the same process that allows GoogleTap / ShortLinks to work.

Here's one I did (as an example)

http://ic.swcic.net/modules/Characters/images/Ying+Lee.jpg