Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
Import External Images Details »
Import External Images
Mod Version: 1.0.5, by y2ksw (Coder) y2ksw is offline
Developer Last Online: May 2020 I like it Show Printable Version Email this Page

vB Version: 4.x.x Rating: (38 votes - 4.68 average) Installs: 302
Released: 07 Nov 2010 Last Update: 14 Feb 2011 Downloads: 1892
Supported DB Changes Uses Plugins Additional Files Translations  

This vBulletin 4 product imports external images in your posts from external servers or paths into a specific path, normally your forum's image folder.

Differently than the previous product Image Cache for vBulletin 3.x., it parses the posts at regular intervals for new images and replaces the external references in the background. Also, instead of using only a single folder, it creates folders for years and months, making it much easier to handle large quantities of images. The source and destination image URL's are stored into database, too, avoiding unnecessary duplicates.

It moves and optionally converts images from one place to another. It is a handy tool in order to keep your images local to your forums.

Version 1.0.4 is temporarily in BETA stage until the users have confirmed the newly requested features.
Version 1.0.5 is still in BETA stage. It adds a new bunch of additional features, one of which allows you to test your mathematical understanding ... and a few other to fine-tune CURL and socket timeouts, and resizing on the fly of too large images. If you don't know what these options do, please leave them at their default values.

Download Now

Only licensed members can download files, Click Here for more information.

Supporters / CoAuthors

Screenshots

Click image for larger version

Name:	08-11-2010-11.32.53.jpg
Views:	4005
Size:	112.4 KB
ID:	123480   Click image for larger version

Name:	02-02-2011-22.06.39.jpg
Views:	2779
Size:	126.0 KB
ID:	126356  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
  #811  
Old 29 Nov 2017, 13:03
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Real name: Giovanni
Originally Posted by Afrika View Post
OK thanks. What I have to change if the folder named picupload?
Depending on what you have decided to do, you have to change the plugin code or move the files.

Code changes: The code is commented and uses self-explanatory variables, thus you should be able to find easily the place where to skip the forum path test and comment that part out or change it to your needs. Alternatively, you may hire somebody (not me) who is going to make the changes.

Move files manually: use shell commands and phpmyadmin for the queries
__________________
Giovanni
Italian support: http://www.vbulletin.it/
Reply With Quote
  #812  
Old 16 Feb 2018, 20:13
final kaoss final kaoss is offline
 
Join Date: Apr 2006
I imagine this would work fine with vb3 & vb5?
Reply With Quote
  #813  
Old 19 Feb 2018, 10:58
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Real name: Giovanni
Originally Posted by final kaoss View Post
I imagine this would work fine with vb3 & vb5?
Sorry, no. There was a 3.x version and there is no 5.x version and probably never will be.
__________________
Giovanni
Italian support: http://www.vbulletin.it/
Reply With Quote
  #814  
Old 01 Mar 2018, 19:17
final kaoss final kaoss is offline
 
Join Date: Apr 2006
Thanks, is there a way to make it only import http images (Non SSL images)? That is, skip any images with https in it and only download the "mixed content" http images.
Reply With Quote
  #815  
Old 20 Mar 2018, 15:36
final kaoss final kaoss is offline
 
Join Date: Apr 2006
I noticed that sometimes this plugin corrupts the filenames. Any fix for that?
Attached Images
File Type: jpg 2018-03-20.jpg (89.2 KB, 52 views)
Reply With Quote
  #816  
Old 14 Jul 2018, 13:14
TTayfun's Avatar
TTayfun TTayfun is offline
 
Join Date: Aug 2011
Real name: MSc. Tayfun T.
please release 3.8.11 for vbulletin.
__________________
vBulletin 3/4 Forum Kurulumu ve Yönetimi / XenForo Kurulum
ve IP Board Kurulum işleriniz için özel mesaj atabilirsiniz.
Reply With Quote
  #817  
Old 09 Aug 2018, 06:59
ForumExcellence ForumExcellence is offline
 
Join Date: Mar 2011
Originally Posted by final kaoss View Post
Thanks, is there a way to make it only import http images (Non SSL images)? That is, skip any images with https in it and only download the "mixed content" http images.
In the settings for the plugin (Settings -> Options -> vB4 Import External Images), put "https://" (without quotes) on a new line in the "Ignore" section, like so:

https-import.png

You may consider downloading everything though, if you have the space/bandwidth to support it, because otherwise, external hosts could get rid of their images - either due to age, or some ulterior motive, and by surprise, like Photoshop.
__________________
Forum Services by ForumExcellence
Reply With Quote
  #818  
Old 12 Dec 2019, 22:44
Piloux Piloux is offline
 
Join Date: Oct 2017
Hi and thanks for your efforts.

I just have a question, I noticed that the imported folder has to be chmod to 777, however all the imported files are automatically chmod to 644.

In this case, if a user posts an "infected" image that contains a php script or malicious code, are they blocked by chmod 644 or is there still a chance that the code gets executed when the hacker opens the url mysite.com/images/imported/infectedfile.png ?

Thanks
Reply With Quote
  #819  
Old 12 Dec 2019, 23:39
Hostboard's Avatar
Hostboard Hostboard is offline
 
Join Date: May 2002
Real name: Steven
CHMOD/CHOWN are server based permissions and have no bearing to the end user if the file is served to them. What you need is to have an addon that uses FProt or ClamAV to scan attachments and imported files. I know there was Fractalizer for VB 3 and there was a VB4 variant but I think they were only for attachments. This is something that would need to be coded from scratch.
__________________
Custom Solutions for your vBulletin

Reply With Quote
  #820  
Old 12 Dec 2019, 23:46
Piloux Piloux is offline
 
Join Date: Oct 2017
Originally Posted by Hostboard View Post
CHMOD/CHOWN are server based permissions and have no bearing to the end user if the file is served to them. What you need is to have an addon that uses FProt or ClamAV to scan attachments and imported files. I know there was Fractalizer for VB 3 and there was a VB4 variant but I think they were only for attachments. This is something that would need to be coded from scratch.
OK thanks for your fast reply, that means that this plugin is pretty insecure? In this case is there a way to put an .htaccess in the imported folder that would deny anyone from running php scripts?
Reply With Quote
  #821  
Old 13 Dec 2019, 01:31
Hostboard's Avatar
Hostboard Hostboard is offline
 
Join Date: May 2002
Real name: Steven
The plugin in itself is not insecure as I do not believe that the intention of scanning files for malicious code was ever its intent. That being said you can then say vBulletin is not secure in that the way it allows you to have attachments and upload avatars. There is a known exploit:

The following issues exist in vBulletin itself, reported by us to vBulletin support over 60 days ago(years now). Since vBulletin has not patched or disclosed the issues since that time, we now do so here:
An image decompression bomb vulnerability exists when vBulletin Options > Message Attachment Options > Resize Images = Yes. Disable it to protect your site.
An image decompression bomb vulnerability exists when allowing user uploads for avatars and profile pictures. To protect your site, change your forum's permissions so that users cannot upload custom avatars or profile pics.
An image decompression bomb vulnerability exists when using ImageMagick for images and allowing uploads. Currently known issues are for PDFs and TIFFs; however, because the filename of the incoming upload is not trustworthy, removing entries from the Attachment Manager or changing Attachment Permissions are not viable options. The following mitigation options exist:
Change vBulletin Options > Image Settings > Image Processing Library = GD, OR
Change your forum's permissions so that no users can upload anything.

In an attempt to figure the best way to resolve this sort of thing would be to update the Fractalizer Plugin to work with VB 4: https://www.vbulletin.org/forum/showthread.php?t=187482
__________________
Custom Solutions for your vBulletin

Reply With Quote
  #822  
Old 21 Feb 2020, 14:10
Hostboard's Avatar
Hostboard Hostboard is offline
 
Join Date: May 2002
Real name: Steven
Any fix for PHP 7.1+

PHP Fatal error: [] operator not supported for strings on line 324 in /home/........./public_html/forums/includes/cron/iei_cron.php
__________________
Custom Solutions for your vBulletin

Reply With Quote
  #823  
Old 21 Feb 2020, 14:54
shka shka is offline
 
Join Date: Mar 2016
Edit

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

to

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Or better to

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

so the following code line numbers are the same. I expect there are more than one fatal errors in.


Edit:
former edit of line 342 was stupid. Deleted

Last edited by shka; 22 Feb 2020 at 09:47.
Reply With Quote
  #824  
Old 21 Feb 2020, 17:51
Hostboard's Avatar
Hostboard Hostboard is offline
 
Join Date: May 2002
Real name: Steven
Thank you for the quick reply
File edits made. Will check the log file latter on tonight and see if anything pops back up.

Still getting (1) error with this...

NOTICE: PHP message: PHP Fatal error: syntax error, unexpected ';', expecting ']' on line 334 in /home/........./public_html/forums/includes/cron/iei_cron.php"

This did not work...


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Trying the first notation...
__________________
Custom Solutions for your vBulletin


Last edited by Hostboard; 21 Feb 2020 at 23:54.
Reply With Quote
  #825  
Old 22 Feb 2020, 08:58
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Real name: Giovanni
I'm very unhappy with PHP 7, which converts the untyped language in a typed one. Having said this, you may test

if (isset($iei_ignore)) ...

in order to see if the variable was actually set, or better, use a different variable to read the value, and use

$iei_ignore = array();

beforehand. E.g.:

$iei_ignore = array();
$x_ignore = explode("\r\n", $input_ignore);
if (!is_array($x_ignore))
{
$iei_ignore[] = $bburl;
}
else
{
$iei_ignore = $x_ignore;
}
__________________
Giovanni
Italian support: http://www.vbulletin.it/
Reply With Quote
Reply

Tags
lisansdevir


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 00:43.

Layout Options | Width: Wide Color: