Is allowing .php images in sigs secure?

LAW_FREAK (Prince; joined Jun 14, 2004; messages: 403; location: United States)
banner.php

Like that one, is it secure to allow them in sigs or not?
I'm asking because I'm not sure if I should allow them (of course not that big).
 
I doubt it's possible to have images in our signatures since
 
Dynamic images can change at the owners whim, perhaps on a rotation, or change with time of day etc. They are typically powered by server-side scripts such as .php .shtml .cgi etc.

They are considered less secure than static images because they may circumnavigate the checks performed by human moderators.

However, it doesn't take much effort to make .gif files, or any other file extension, a script. The actual extension means nothing.
 
PHP isn't an image, it's a server-side script. However, if you mean linking to another site, it's secure. Images really can't hurt your computer, since the browser reads it as data. (Internet Explorer did have one bug where an invalid jpg could cause Windows to crash -- the one Microsoft said was a "hacker gaining control of your computer" -- umm, yeah, Sure Bill --)

There are a few things you should know:

1 - Not everyone likes people stealing their bandwidth. When you link to another server for an image, you're using their bandwidth. If it's a huge image, and/or an often viewed page, that takes up a lot of bandwidth from their site.

2 - Someone might decide to replace that picture on their server with an indecent picture, which could be quite embarrassing, and even against some ISP rules and regulations.

You link to an image the same way you link to files on the CFC file server.

Code:
[IMG.]http://www.civfanatics.net/uploads9/someimage.jpg[/IMG]
 
I know it's a server-side script, but you can use it to add text to an image.
I figured out the answer to my question: the script only accesses variables from its server, so it is secure.
Here is an example script of what I'm talking about:
PHP:
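<?php
// Base banner image, loaded from the script's own server.
$image = "banner.gif";
$im = imagecreatefromgif($image);
$tc = imagecolorallocate($im, 0, 0, 0); // black text
// The viewer's address is visible here because the viewer's browser
// requests the image directly from the server hosting this script.
$ip = $_SERVER['REMOTE_ADDR'];
$date = date("F j, Y");
imagestring($im, 2, 4, 8, "Hello $ip", $tc);
imagestring($im, 2, 501, 8, "Today is $date", $tc);
// Emit the same format that the Content-Type header declares.
header("Content-Type: image/gif");
imagegif($im);
imagedestroy($im);
?>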
That is what I used for that pic.
This kind of script is common in pictures that give board stats that you see in sigs.
 
LAW_FREAK said:
I meant does the person have the ability to access certain variables on your site (db variables)
No. The script is executed on its own server.

If you allow people to upload files to your server, then you should disable all scripts in the upload directory - you can do this using .htaccess (or ask your webhost)
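
One way to do this on Apache 2.4, as an added example that is not part of the original post: a `.htaccess` for the upload directory. The extension list and the assumption that the host's `AllowOverride` setting permits these directives are mine, not the thread's.

```apache
# .htaccess placed in the upload directory (added example; assumes Apache 2.4
# and that AllowOverride permits Options, FileInfo and AuthConfig here).

# No CGI execution, no server-side includes, no directory listings.
Options -ExecCGI -Includes -Indexes

# Refuse to serve anything with a script extension anywhere in its name,
# so "avatar.php.gif" is caught as well as "avatar.php".
# The extension list is an assumption; extend it to match the handlers
# actually configured on the server.
<FilesMatch "(?i)\.(php\d?|phtml|phar|pl|py|cgi|shtml|asp|jsp)(\.|$)">
    Require all denied
</FilesMatch>

# If PHP runs as an Apache module, switch the engine off for this directory.
# The module name depends on the PHP version (mod_php.c for PHP 8,
# mod_php7.c for PHP 7).
<IfModule mod_php.c>
    php_flag engine off
</IfModule>
<IfModule mod_php7.c>
    php_flag engine off
</IfModule>
```

Where the host allows it, the same directives in a `<Directory>` block of the main server configuration with `AllowOverride None` are stronger, because an uploaded `.htaccess` file cannot then undo them.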
 