[img] tag problem.

Anthony · Postby **Anthony** » Tue Aug 26, 2008 9:05 pm

Can someone tell me whats wrong with this code.

I want to add the image below.
https://madnessred.darkevo.org/grad.php? ... nvertModv2

So I use this code.

Code: Select all

[img]https://madnessred.darkevo.org/grad.php?mode=5&per=90&text=InvertModv2[/img]

And get this result.

Why doesn't t work?

Postby **Franch88** » Tue Aug 26, 2008 9:11 pm

You should already know why, it's easy to understand...

The BBcode IMG works only with links directed to an image file, in .jpg, .png, .gif and .bmp file extension. You have to get the direct link to the image file.
What you're trying to do is to use the IMG code for a link not directed to an image file; that is a PHP link that brings to that picture.
Check the IMG BBcode help for another explaining.

Anthony · Postby **Anthony** » Tue Aug 26, 2008 9:28 pm

why is that limit in place??, it seems a bit odd coz forums like mmarchive will display that kind of link fine.

also the real image is just plain

its all done via php.

also you are blocking the mmarchive screens by doing this.

Postby **Franch88** » Tue Aug 26, 2008 9:44 pm

So the "Invert Mod v2" write is added by the PHP script; you have to make a picture of the final result and then make the IMG BBcode of it.

That link from MMArchive doesn't work inside the IMG BBcode because it's ever a PHP script link. The link to use in the IMG BBcode must be like this one.

Code: Select all

[img]https://www.mm2x.com/images/logo.jpg[/img]

matt1314 · Postby **matt1314** » Tue Aug 26, 2008 10:06 pm

That's the same thing I've figured out, too. Before I wasn't able to embed screens into a forum reply from Photobucket.

That's the problem happened to me:

1. I wrote this before:

Code: Select all

[img]https://s300.photobucket.com/albums/nn22/Matvey_2008/?action=view&current=Picture.jpg[/img]

2. But I must remove the underlined part of the link, then it'll be directed to the image:

3. So the correct direct link without the underlined part would be like this:

Code: Select all

[img]https://s300.photobucket.com/albums/nn22/Matvey_2008/Picture.jpg[/img]

Maybe that helps you.

Postby **Franch88** » Tue Aug 26, 2008 10:11 pm

That works with your Photobucket link because after deleted that link part you'll get the direct link to the image.
Those other links are PHP script links, and if you try to do pretty the same thing as that Photobucket link, you won't get nothing.

Anthony · Postby **Anthony** » Tue Aug 26, 2008 11:04 pm

So the "Invert Mod v2" write is added by the PHP script; you have to make a picture of the final result and then make the IMG BBcode of it.

That link from MMArchive doesn't work inside the IMG BBcode because it's ever a PHP script link. The link to use in the IMG BBcode must be like this one.

Code: Select all
[img]https://www.mm2x.com/images/logo.jpg[/img]

yes Franch, I get how it doesn't work, by why I meant what is the point. It seems to be WAY over complicating things. All that needs to be done is a simlpe string replace which changes

Code: Select all

[img]

to

Code: Select all

<img src="

Thats a 3 line php script, what script that the forum uses is somehow detecting if it is a php script and not a real image and then parsing the bbc as text if it is a php image.

I just don't see the point.

Also the idea of the links like the one I have is that premieraly it is a percentage indicator.

https://madnessred.darkevo.org/grad.php?mode=1&per=75

And example of where it is used is here.

https://www.mmarchive.com/forums/viewtop ... 197&p=2214

Postby **Gafaddict** » Fri Aug 29, 2008 2:51 am

There's a perfectly good security reason behind this. If you embed a PHP script via the image tag, you can quite literally execute any command you want "behind-the-scenes" of the script and make it appear as an image.

For example, if you were to execute some sort of harmful command and follow it by the code that creates your gradient, neither the site nor the browser wouldn't notice because all they take into account is the fact that its file type is, apparently, an image. That's what the script told the browser. Nevertheless that harmful code is executed. So to prevent this phpBB by default doesn't allow PHP-generated images to be embedded.

The only reason it's disabled on MMArchive is because of the fact that my watermarked thumbnails are in a PHP script.

Anthony · Postby **Anthony** » Fri Aug 29, 2008 8:32 pm

but php is generated on the server. So an nasty scripts would be run on the host server.

So if I coded a virus in, the virus would be run on my server and I would get the virus not you.

Try this code

[lt]?php include("https://madnessred.darkevo.org/includes/countdown.php"); ?[gt]

If you try that code you will see that it doesn't work because you can't read the source code from a server. The code is executed on the server and only the output is displayed.

In theory yes the output is displayed so you could hide some nasties in the created code but that seems a very strange way as the outputed code is just an image so could be saved a standard image and included that way,