ThreadBoard ArchivesSite FeaturesActiveworlds SupportHistoric Archives |
Image Merror Script (Community)
Image Merror Script // CommunitypineriverSep 24, 2003, 9:29pm
This is a very simple php script that lets you use tripod images on aw 3.4
and wont put the "Image Hosted By Tripod" watermark. also it will work for other servers that dont show up on 3.4, but on 3.3. This would be helpful for tourists, not saying that tourists are poorer then citizens mind you. Script Code <? $image = $HTTP_GET_VARS["url"]; readfile($image); ?> Call to action command : create picture http://hostname/account/php.php?url=http://some account.tripod.com/some image.jpg The php dose have to be hosted on a 3.4 compatible server I put it up on my server for a while http://www.solarisdx.net/pineriver/php.php?url= anduinSep 24, 2003, 10:04pm
[View Quote]
And also should not be posted on the Active Worlds forums for that same
reason. -- Anduin - GoreanScribe - The Ultimate Gorean Resource (http://www.goreanscribe.com) - GorHost - Cheap & Reliable Hosting for Goreans (http://www.gorhost.com) anduinSep 25, 2003, 12:28am
[View Quote]
Never said he should. Not everyone has the same codes in their life.
It's simply common sense and common courtesy. -- Anduin - GoreanScribe - The Ultimate Gorean Resource (http://www.goreanscribe.com) - GorHost - Cheap & Reliable Hosting for Goreans (http://www.gorhost.com) pineriverSep 25, 2003, 1:31am
I did not know that this was against TOS, I though if ppl had images on
Tripod, they could use this until they found a better host. I have heard of ppl who want to put pictures up on aw, but coudn't because they did not have the right type of server. I better read up more on it before I start tampering with ideas like this again. [View Quote] joemanSep 25, 2003, 1:42am
Did you ever think that tripod might have put those images there for a
reason? To prevent image linking off of the persons original site to save them massive amounts of bandwidth. Now, putting images in AW is linking them, and has nothing to do with the persons website. Adding these things to the community forum will just encourage people to break the TOS, and serves no one. Perhaps someone should notify the Tripod abuse department about this script, or types like it, so they can keep an extra eye out. -Joe [View Quote] mrbruceSep 25, 2003, 7:25am
whats the point of tripod allowing images in the first place? its a
web-based site, is their intentions that I can put an image on thier site for only me to look at? Ferther more if i visit someones tripod webpage which is web-based, does that mean I'm breaking the TOS??????? All sorts of websites allow us to make a homepage along with images, what's the point in this if anyone other than me looking at the damned thing is in violation of some stupid TOS!?!? Lets get real here, people say our path hosting service is a ripe off because we ask a fee for it for band-width, we offer over 200,000 objects and images ranging from 1 Kb to 100 Kb in size and those are both downloaded by large numbers of people, but how many people are realisticly viewing one measly 1 Kb JPG image from tripod????????? MrBruce [View Quote] anduinSep 25, 2003, 8:56am
[View Quote]
MrBruce,
Please calm down, hit a few returns and give us some breathing space with some paragraphs. You're completely wrong when you said the things above. Other people *can* view your web site as well as images. The only restriction is that the person viewing it *must* be viewing it from that page and not from another source and not just a straight URL to an image. Tripod is for web pages, not for FTP hosting of photo's. If you want photo's, you can use MSN's photo sharing communities for such business. Or, you can get your FREE site at www.awnewbie.com/freehosting.html - stop your complaining MrBruce. You use to be such a different person a few months ago, and now you seem to have turned completely into a 12 year old, female child. -- Anduin - GoreanScribe - The Ultimate Gorean Resource (http://www.goreanscribe.com) - GorHost - Cheap & Reliable Hosting for Goreans (http://www.gorhost.com) count draculaSep 25, 2003, 9:16am
I hate pages on Tripod and especially Fortunecity. Often when I visit those
pages I get this stupid default picture instead of the one that suppose to be there. I do not know if this is a bug in my old browser or simply because those hosts has a crappy system. All systems that makes things work, even tho they might be against some TOS,EULA, Copyright or other crap, are most welcome. Drac pineriver <pineriver_007 at hotmail.com> kirjoitti viestissä:3f726174$1 at server1.Activeworlds.com... > I did not know that this was against TOS, I though if ppl had images on > Tripod, they could use this until they found a better host. I have heard of > ppl who want to put pictures up on aw, but coudn't because they did not have > the right type of server. > I better read up more on it before I start tampering with ideas like this > again. > > [View Quote] codewarriorSep 25, 2003, 11:54am
The script you wrote is a big hole into your webhost.
You should never, ever, ever just use input supplied by the user like you do below without making sure it is not possible for them to retreive arbitrary files from your system through it. http://hostname/account/php.php?url=/etc/passwd might let me download the password file from your web host if their permissions are not set up right. I could also use my own webhost to set up a webpage with forms on it, and then retreive it through your script: http://hostname/account/php.php? url=http://myhost.com/my_malicious_page.htm Now I can make any webpage I want think it came from your host, and get access to a lot of information I shouldn't have. The webpage really is coming from your host, and you have made a mechanism to allow anyone to more or less put arbitrary HTML on your server. If you really want to do this, at least hardcode the http path to your tripod account into the code: <?php $image = $HTTP_GET_VARS["url"]; $image = "http://account.tripod.com/" . $image ; readfile($image); ?> This way noone can retreive any files local to your server, or any files from their own server. Only files from the tripod account can be retreived. It's shorter to invoke it too: create picture http://yourhost.com/script.php?url=image_name.jpg [View Quote] bowenSep 25, 2003, 5:52pm
[View Quote]
Actually, the TOS is fuzzy. One cannot link to an image that is not
linked via a webpage hosted on tripod. That's what I gathred from their TOS a long while ago. So, this could mean that you could not remotely load it as a <IMG SRC=...> file unless it's via tripod or not. But, here's the thing, what if you download the image and then save it locally - and then view it? You can do it with save as with internet explorer and that's _exactly_ what AW is doing. So, it's iffy. Do you consider create picture synonyms to <IMG SRC=> or do you consider it equal to right clicking and saving. I believe in the latter. If you're providing free services you better make sure it applies to all ways of "gathering" pictures. -- --Bowen-- http://bowen.homelinux.com/sys/ Yeah, it's that good. (Maybe an AW section in the near future?) bowenSep 25, 2003, 5:53pm
[View Quote]
I believe it is your browser not correctly submitting the information
that's being requisted of it (the http referrer or whatever they use for it). -- --Bowen-- http://bowen.homelinux.com/sys/ Yeah, it's that good. (Maybe an AW section in the near future?) bowenSep 25, 2003, 5:55pm
[View Quote]
With his script it looks like it goes to
http://account.tripod.com//etc/passwd . This, of course, would return nothing. Hopefully. -- --Bowen-- http://bowen.homelinux.com/sys/ Yeah, it's that good. (Maybe an AW section in the near future?) joemanSep 25, 2003, 7:21pm
The purpose of the script is to bypass their "deep linking images" htaccess
whatever they've got rigged up. You're not actually visiting their website, you're just viewing a small script on their website. Hell, the script is even rather transparent. The fact still remains, that you aren't visiting their website to _view_ the images. -Joe [View Quote] jermeSep 25, 2003, 7:27pm
You know... out of the millions of people that use Tripod... I'm sure he's
not the first person with a like PHP knowledge to figure out a workaround for the "deny request from outside referer" configuration. I'm also fairly certin that he's not the *only* one using a script of this sort. -Jeremy [View Quote] joemanSep 25, 2003, 9:19pm
That's why I said, people should notify the tripod abuse department to make
them aware that they're so far spread, and they've started to be used in AW, which sucks a lot of bandwidth. -Joe [View Quote] kahSep 26, 2003, 12:27pm
"bowen" <Bowen at andras.net> wrote in
news:3f7347be$1 at server1.Activeworlds.com: > I believe it is your browser not correctly submitting the information > that's being requisted of it (the http referrer or whatever they use > for it). > Referer is an optinal header. They can't rely on getting it, if it's not provided (or empty), they just have to assume your visit is legitimate. KAH anduinSep 26, 2003, 8:13pm
On 26 Sep 2003 15:10:02 -0400, "john" <johnf at 3d-reality.com> attempted to scribe the following words:
>Then ur using less of their bandwidth No, you're still using their bandwidth, because you're still using their *hosting* <wink>. -- Anduin (317281) - 5mb FREE Webhosting at http://www.awnewbie.com/freehosting.html - Free at awnewbie.com e-mail alias at http://www.awnewbie.com/email.html - Professional hosting and POP3 emails also available. Check links above! |