Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/Code)
 [NOT-A-MOD] Different Localization URL fix

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!
Before posting, make sure you have read this topic!

Screensize:
UserName:
Password:
Format Mode:
Format: BoldItalicizedUnderlineStrikethrough Align LeftCenteredAlign Right Horizontal Rule Insert HyperlinkInsert EmailInsert Image Insert CodeInsert QuoteInsert List
   
Message:

* HTML is OFF
* Forum Code is ON
Smilies
Smile [:)] Big Smile [:D] Cool [8D] Blush [:I]
Tongue [:P] Evil [):] Wink [;)] Clown [:o)]
Black Eye [B)] Eight Ball [8] Frown [:(] Shy [8)]
Shocked [:0] Angry [:(!] Dead [xx(] Sleepy [|)]
Kisses [:X] Approve [^] Disapprove [V] Question [?]

 
Check here to subscribe to this topic.
   

T O P I C    R E V I E W
SiSL Posted - 22 April 2008 : 03:59:21
If you are based on some different language like me which has different way of putting words into sentence, then this might help you a little bit on Snitz.

Ever seen URL's with Apostrophe? You know ' <- Single Quote. I personally didn't. But that often blocked my URL's in my forum. Because to say something at somedomain.com, my users often use apostrophe such as " at www.chip.com.tr ", in my language it is " www.chip.com.tr'deki " as you see, you get a weird domain (english 'at' added into domain itself), including single quote..

So this will be only good thing to do if you have weird users and weird language setup. Now how to quick heal that:

inc_func_common.asp (Goto Line 1539, well, end of the file) you will see following lines. Just remove the parts I marked with red... or you can manually remove every \'

<script language="javascript1.2" runat="server">
function edit_hrefs(sURL, iType) {
	sOutput = new String(sURL);

	if (iType == 1) {
		sOutput = sOutput.replace(/\b(http\:\/\/[\w+\.]+[\w+\.\:\/\@\_\?\=\&\-\'\#\%\~\;\,\$\!\+\*]+)/gi,
			"<a href=\"$1\" target=\"_blank\">$1<\/a>");
	} else if (iType == 2) {
		sOutput = sOutput.replace(/\b(https\:\/\/[\w+\.]+[\w+\.\:\/\@\_\?\=\&\-\'\#\%\~\;\,\$\!\+\*]+)/gi,
			"<a href=\"$1\" target=\"_blank\">$1<\/a>");
	} else if (iType == 3) {
		sOutput = sOutput.replace(/\b(www\.[\w+\.\:\/\@\_\?\=\&\-\'\#\%\~\;\,\$\!\+\*]+)/gi,
			"<a href=\"http://$1\" target=\"_blank\">$1<\/a>");
	} else if (iType == 4) {
		sOutput = sOutput.replace(/\b([\w+\-\'\#\%\.\_\,\$\!\+\*]+@[\w+\.?\-\'\#\%\~\_\.\;\,\$\!\+\*]+\.[\w+\.?\-\'\#\%\~\_\.\;\,\$\!\+\*]+)/gi,
			"<a href=\"mailto\:$1\">$1<\/a>");
	} else if (iType == 5) {
		sOutput = sOutput.replace(/\b(ftp\:\/\/[\w+\.]+[\w+\.\:\/\@\_\?\=\&\-\'\#\%\~\;\,\$\!\+\*]+)/gi,
			"<a href=\"$1\" target=\"_blank\">$1<\/a>");
	} else if (iType == 6) {
		sOutput = sOutput.replace(/\b(file\:\/\/\/[\w+\:\/\\]+[\w+\/\w+\.\:\/\\\@\_\?\=\&\-\'\#\%\~\;\,\$\!\+\*]+)/gi,
		  	"<a href=\"$1\" target=\"_blank\">$1<\/a>");
	}

	return sOutput;
}
</script>




<
8   L A T E S T    R E P L I E S    (Newest First)
HuwR Posted - 24 April 2008 : 05:41:01
quote:
Originally posted by SiSL

Yeah, I considered that type of URL's, so I picked whichever used most. As I said, this is only for different locales that uses URL's such as in my language. If users want to post such rare URL's, they are always welcomed to use [url] [/url] tags :)


fair enough just as long as you are aware of possible consequences that is fine.<
SiSL Posted - 24 April 2008 : 05:34:53
Yeah, I considered that type of URL's, so I picked whichever used most. As I said, this is only for different locales that uses URL's such as in my language. If users want to post such rare URL's, they are always welcomed to use [url] [/url] tags :)<
HuwR Posted - 24 April 2008 : 05:30:09
the problem will be if someone tries to post a valid url like http://www.judibari.org/jury's_message.html in any language forum that url will still be http://www.judibari.org/jury's_message.html but if you remove the \' from the regex it will no longer parse as a valid url<
SiSL Posted - 24 April 2008 : 05:18:50
Exactly HuwR;

Considering usage of URL's in my language, like " http://forum.snitz.com'a bakabilirsin" means "you can look to http://forum.snitz.com " , sacrificing number of really very limited URL's (which I never meet with test.com/isn't/it type of url's really) with "Apostrophe" in them... as examples 'de, 'da = at in English, 'a, 'e = to, 'den, 'dan = from

So with removing this \' in these regex's, I basically get safety of 99.9% of URL's covered, instead of 60% of them in my language usage... On the other hand, I considered safety measurements with this character, however, I failed to see it effecting any safety problems, since it is basically replacing a text that is ready to be given to user, not input from them...

<
HuwR Posted - 23 April 2008 : 07:05:59
as far as I know a single quote isn't a character that is valid in any language in a url, and simply removing it from the regexp is not an effective solution as it could have other security related issues which need to be considered

it is valid, but not in the domain name itself, only in the path, removing the \' from the edit_hrefs function will cause valid urls containing the ' to be incorrectly parsed by the forum code, so for example having www.test.com/isn't/it would not parse it would remove the 't/it from the URL and become www.test.com/isn<
Shaggy Posted - 23 April 2008 : 06:54:37
See here, Huw.

<
HuwR Posted - 23 April 2008 : 06:50:39
not sure exactly what you are saying is wrong. do you have somewhere we can see an example ?<
blackinwhite Posted - 23 April 2008 : 04:08:02
thanks for the tip<

Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.07 seconds. Powered By: Snitz Forums 2000 Version 3.4.07