array(
'img' => array(
'hasOption' => false,
'plainChildren' => true,
'callback' => array($this, 'renderTagImage')
),
);
<?php
class CamoUrl_BbCode_Formatter_Base extends XFCP_CamoUrl_BbCode_Formatter_Base
{
/**
* Renders a img tag.
*
* @param array $tag Information about the tag reference; keys: tag, option, children
* @param array $rendererStates Renderer states to push down
*
* @return string Rendered tag
*/
public function renderTagImage(array $tag, array $rendererStates)
{
// Do your special handling here, making sure the return statement will have the correct inputs…
return sprintf($this->_imageTemplate, htmlspecialchars($validUrl), ($rendererStates['lightBox'] ? ' LbImage' : ''));
}
}
Patiently explaining rocket science in terms a 12 year old would understand.
<?php
class CamoUrl_BbCode_Formatter_Base extends XFCP_CamoUrl_BbCode_Formatter_Base
{
/**
* Renders a img tag.
*
* @param array $tag Information about the tag reference; keys: tag, option, children
* @param array $rendererStates Renderer states to push down
*
* @return string Rendered tag
*/
public function renderTagImage(array $tag, array $rendererStates)
{
$url = $this->stringifyTree($tag['children']);
$prefix = 'https://domain/asset-proxy/';
$camokey = 'secret';
$validUrl = "$prefix" . hash_hmac('sha1', $this->_getValidUrl($url), $camokey) . '/'. bin2hex($this->_getValidUrl($url));
if (!$validUrl)
{
return $this->filterString($url, $rendererStates);
}
$censored = XenForo_Helper_String::censorString($validUrl);
if ($censored != $validUrl)
{
return $this->filterString($url, $rendererStates);
}
// attempts to convert smilies posted as [IMG] tags back into smilies
if ($rendererStates['imgToSmilie'])
{
foreach ($this->_smiliePaths AS $smiliePath => $smilieId)
{
if (strpos($url, $smiliePath) !== false && substr($url, strlen($smiliePath) * -1) == $smiliePath)
{
return $this->_smilieReverse[$smilieId];
}
}
}
return sprintf($this->_imageTemplate, htmlspecialchars($validUrl), ($rendererStates['lightBox'] ? ' LbImage' : ''));
}
}
HOLY * you are awesome.
PHP:<?php class CamoUrl_BbCode_Formatter_Base extends XFCP_CamoUrl_BbCode_Formatter_Base { /** * Renders a img tag. * * @param array $tag Information about the tag reference; keys: tag, option, children * @param array $rendererStates Renderer states to push down * * @return string Rendered tag */ public function renderTagImage(array $tag, array $rendererStates) { $url = $this->stringifyTree($tag['children']); $prefix = 'https://domain/asset-proxy/'; $camokey = 'secret'; $validUrl = "$prefix" . hash_hmac('sha1', $this->_getValidUrl($url), $camokey) . '/'. bin2hex($this->_getValidUrl($url)); if (!$validUrl) { return $this->filterString($url, $rendererStates); } $censored = XenForo_Helper_String::censorString($validUrl); if ($censored != $validUrl) { return $this->filterString($url, $rendererStates); } // attempts to convert smilies posted as [IMG] tags back into smilies if ($rendererStates['imgToSmilie']) { foreach ($this->_smiliePaths AS $smiliePath => $smilieId) { if (strpos($url, $smiliePath) !== false && substr($url, strlen($smiliePath) * -1) == $smiliePath) { return $this->_smilieReverse[$smilieId]; } } } return sprintf($this->_imageTemplate, htmlspecialchars($validUrl), ($rendererStates['lightBox'] ? ' LbImage' : '')); } }
This works! I love you, now all i need is find out how to make :
$prefix and $camokey configurable options, since the method i use right now is not very elegant, it works for me but if i'm ever going to write the full https guide (as I should, it's only fair to contribute back after the help i got) I ought include a fully functional addon.
Thank you a million, I would suggest you get hammered on me, but it's monday.
public function renderTagImage(array $tag, array $rendererStates)
{
$url = $this->stringifyTree($tag['children']);
$prefix = Xenforo_Application::get('options')->yourOptionId;
$camokey = Xenforo_Application::get('options')->yourOptionId2;
$validUrl = "$prefix" . hash_hmac('sha1', $this->_getValidUrl($url), $camokey) . '/'. bin2hex($this->_getValidUrl($url));
if (!$validUrl)
{
return $this->filterString($url, $rendererStates);
}
$censored = XenForo_Helper_String::censorString($validUrl);
if ($censored != $validUrl)
{
return $this->filterString($url, $rendererStates);
}
// attempts to convert smilies posted as [IMG] tags back into smilies
if ($rendererStates['imgToSmilie'])
{
foreach ($this->_smiliePaths AS $smiliePath => $smilieId)
{
if (strpos($url, $smiliePath) !== false && substr($url, strlen($smiliePath) * -1) == $smiliePath)
{
return $this->_smilieReverse[$smilieId];
}
}
}
return sprintf($this->_imageTemplate, htmlspecialchars($validUrl), ($rendererStates['lightBox'] ? ' LbImage' : ''));
}
}
Will do this, thank you.You mean $prefix and $camokey as options? If you're system is in debug mode, go to ACP -> Options -> "option group" (I'd suggest "Messages" because that's what you're dealing with) -> + Add Option. Set up the option correctly and then switch your code to be the following:
They shall now be configurable through the options panel in the ACP.
The warnings appear after inserting an image in the wysiswg editor, or when seeing the wysiwyg editor with an inserted image in it. I think this is tinymce related.Can you explain when you are getting warnings in a little more detail, I'm slightly confused.
Modify your listener and replace the file with this:Will do this, thank you.
The warning appear after inserting an image in the wysiswg editor, or when seeing the wysiwyg editor. I think this is tinymce related.
uneducated rambling:
An option might be to hook into the tinymce function that renders the image tags in the editor and send the url to a serverside url encoding script, then send the url back encoded for tinymce to embed. We can't use client side encoding (for the url) since we want the private key to stay... well private. The problem I have been hurting my head with is how to do this without opening the addon up to application level denial of service. Hashing url's is not super expensive but if it is not rate limited to user session and max requests /s /h it can and will be abused.
Or am I over thinking this? Breaking things is so much easier...
<?php
class CamoUrl_Listener_LoadClassController
{
public static function loadClassListener($class, &$extend)
{
if ($class == 'XenForo_BbCode_Formatter_Base' || $class == 'XenForo_BbCode_Formatter_Wysiwyg')
{
$extend[] = 'CamoUrl_BbCode_Formatter_Base';
}
}
}
If this works, I think we may have found a bug or issue within the system.
I think the display of images in the editor right after inserting them (before post) are a client side thing.
Add some logic to see if the URL is coming from your site (should be https already) or from the previous URL. If so, you could return it, if not, you'd do your processing. I can't really delve into much more without seeing actual code.No dice, it still gives mixed content warnings when inserting the image.
I think the display of images in the editor right after inserting them (before post) are a client side thing.
It did fix the display of images in the editor when editing an existing post with images (this gave mixed content warnings too).
However, when going into the "more options" and / or saving a post that was edited. I think the image url in the editor is encoded twice, so that's a problem.
Bug or Feature?
Add some logic to see if the URL is coming from your site (should be https already) or from the previous URL. If so, you could return it, if not, you'd do your processing. I can't really delve into much more without seeing actual code.
<?php
class CamoUrl_BbCode_Formatter_Base extends XFCP_CamoUrl_BbCode_Formatter_Base
{
/**
* Renders a img tag.
*
* @param array $tag Information about the tag reference; keys: tag, option, children
* @param array $rendererStates Renderer states to push down
*
* @return string Rendered tag
*/
public function renderTagImage(array $tag, array $rendererStates)
{
$url = $this->stringifyTree($tag['children']);
$prefix = Xenforo_Application::get('options')->camoPrefix;
if (preg_match("~($prefix)~", $url))
{
$validUrl = $url;
}
else {
$camokey = Xenforo_Application::get('options')->camoKey;
$validUrl = "$prefix" . hash_hmac('sha1', $this->_getValidUrl($url), $camokey) . '/'. bin2hex($this->_getValidUrl($url));
}
if (!$validUrl)
{
return $this->filterString($url, $rendererStates);
}
$censored = XenForo_Helper_String::censorString($validUrl);
if ($censored != $validUrl)
{
return $this->filterString($url, $rendererStates);
}
// attempts to convert smilies posted as [IMG] tags back into smilies
if ($rendererStates['imgToSmilie'])
{
foreach ($this->_smiliePaths AS $smiliePath => $smilieId)
{
if (strpos($url, $smiliePath) !== false && substr($url, strlen($smiliePath) * -1) == $smiliePath)
{
return $this->_smilieReverse[$smilieId];
}
}
}
return sprintf($this->_imageTemplate, htmlspecialchars($validUrl), ($rendererStates['lightBox'] ? ' LbImage' : ''));
}
}
I'll look into the JS issue tomorrow. You may actually want to change the listener the following to ensure img is ALWAYS handled via your system:Solved the looping edit / more options img encoding with preg_match as you suggested.
PHP:<?php class CamoUrl_BbCode_Formatter_Base extends XFCP_CamoUrl_BbCode_Formatter_Base { /** * Renders a img tag. * * @param array $tag Information about the tag reference; keys: tag, option, children * @param array $rendererStates Renderer states to push down * * @return string Rendered tag */ public function renderTagImage(array $tag, array $rendererStates) { $url = $this->stringifyTree($tag['children']); $prefix = Xenforo_Application::get('options')->camoPrefix; if (preg_match("~($prefix)~", $url)) { $validUrl = $url; } else { $camokey = Xenforo_Application::get('options')->camoKey; $validUrl = "$prefix" . hash_hmac('sha1', $this->_getValidUrl($url), $camokey) . '/'. bin2hex($this->_getValidUrl($url)); } if (!$validUrl) { return $this->filterString($url, $rendererStates); } $censored = XenForo_Helper_String::censorString($validUrl); if ($censored != $validUrl) { return $this->filterString($url, $rendererStates); } // attempts to convert smilies posted as [IMG] tags back into smilies if ($rendererStates['imgToSmilie']) { foreach ($this->_smiliePaths AS $smiliePath => $smilieId) { if (strpos($url, $smiliePath) !== false && substr($url, strlen($smiliePath) * -1) == $smiliePath) { return $this->_smilieReverse[$smilieId]; } } } return sprintf($this->_imageTemplate, htmlspecialchars($validUrl), ($rendererStates['lightBox'] ? ' LbImage' : '')); } }
This leaves (still) the initial problem with inserting images with tinymce. I'll look around what I can find on the subject.
<?php
class CamoUrl_Listener_LoadClassController
{
public static function loadClassListener($class, &$extend)
{
if ($class == 'XenForo_BbCode_Formatter_Base' || $class == 'XenForo_BbCode_Formatter_Wysiwyg' || $class == 'XenForo_BbCode_Formatter_Text' || $class == 'XenForo_BbCode_Formatter_ImageCount' || $class == 'XenForo_BbCode_Formatter_HtmlEmail')
{
$extend[] = 'CamoUrl_BbCode_Formatter_Base';
}
}
}
I'll look into the JS issue tomorrow. You may actually want to change the listener the following to ensure img is ALWAYS handled via your system:
This'll always ensure emails are routed through your proxy... However, the last check could be left out (I don't think mixed content warnings are ever given out via an email client...).
What's the exact error so I can look into why my code is causing it?One of the classes that gets extended by the above modification breaks the addon. I haven't narrowed it down to any of them, it get error messages on post, but the JS error console doesn't say anything.
2011/12/06 18:21:34 [error] 9401#0: *2077 FastCGI sent in stderr: "PHP Fatal error: Cannot redeclare class XFCP_CamoUrl_BbCode_Formatter_Base in /var/www/domain.net/community/library/XenForo/Application.php(396) : eval()'d code on line 1" while reading response header from upstream, client: *, server: domain.net, request: "POST /community/posts/14/save-inline HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "domain.net", referrer: "https://domain.net/community/threads/gggggggg.5/"
~
$class == 'XenForo_BbCode_Formatter_Base' || $class == 'XenForo_BbCode_Formatter_Wysiwyg'
yes, that works.This was working with just:
PHP:$class == 'XenForo_BbCode_Formatter_Base' || $class == 'XenForo_BbCode_Formatter_Wysiwyg'
Correct? The error implies the possibility of the system creating instances of more than one of the classes in the same function and attempting to extend them both... This could get sticky...
want me to attach the addon as it is now ?Revert to that, it gives me somewhere to work off of soon.
We use essential cookies to make this site work, and optional cookies to enhance your experience.