 Announcements: Security Related Bug Fixes
 Everyone Please Read (Updated)
RichardKinser (Snitz Forums Admin)
Posted - 27 February 2002 :  22:38:48
This only applies to v3.3.03. If you are using an older version, the fix is to upgrade to v3.3.03 and then use the fix below.

Or, a quick fix is to just turn off the ability for your users to post images.

Everyone needs to replace the Function ReplaceImageTags(fString) in their inc_functions.asp file with the one below:

Function ReplaceImageTags(fString)
    Dim oTag, cTag
    Dim roTag, rcTag
    Dim oTagPos, cTagPos
    Dim counter1, counter2
    Dim strUrlText, strTail
    Dim TagCount
    Dim strTempString, strResultString
    Dim ImgTags(7,2,2)
    Dim strArray, strArray2

    TagCount = 7

    ' ImgTags(n,1,1) = opening forum tag,        ImgTags(n,2,1) = closing forum tag
    ' ImgTags(n,1,2) = HTML emitted before URL,  ImgTags(n,2,2) = HTML emitted after it
    ImgTags(1,1,1) = "[img]"
    ImgTags(1,2,1) = "[/img]"
    ImgTags(1,1,2) = "<img src="""
    ImgTags(1,2,2) = """ border=0>"

    ImgTags(2,1,1) = "[IMG]"
    ImgTags(2,2,1) = "[/IMG]"
    ImgTags(2,1,2) = ImgTags(1,1,2)
    ImgTags(2,2,2) = ImgTags(1,2,2)

    ImgTags(3,1,1) = "[image]"
    ImgTags(3,2,1) = "[/image]"
    ImgTags(3,1,2) = ImgTags(1,1,2)
    ImgTags(3,2,2) = ImgTags(1,2,2)

    ImgTags(4,1,1) = "[img=right]"
    ImgTags(4,2,1) = "[/img=right]"
    ImgTags(4,1,2) = "<img align=right src="""
    ImgTags(4,2,2) = """ id=right border=0>"

    ImgTags(5,1,1) = "[image=right]"
    ImgTags(5,2,1) = "[/image=right]"
    ImgTags(5,1,2) = ImgTags(4,1,2)
    ImgTags(5,2,2) = ImgTags(4,2,2)

    ImgTags(6,1,1) = "[img=left]"
    ImgTags(6,2,1) = "[/img=left]"
    ImgTags(6,1,2) = "<img align=left src="""
    ImgTags(6,2,2) = """ id=left border=0>"

    ImgTags(7,1,1) = "[image=left]"
    ImgTags(7,2,1) = "[/image=left]"
    ImgTags(7,1,2) = ImgTags(6,1,2)
    ImgTags(7,2,2) = ImgTags(6,2,2)

    strResultString = ""
    strTempString = fString

    For counter1 = 1 To TagCount
        oTag  = ImgTags(counter1,1,1)
        roTag = ImgTags(counter1,1,2)
        cTag  = ImgTags(counter1,2,1)
        rcTag = ImgTags(counter1,2,2)
        oTagPos = InStr(1, strTempString, oTag, 1)
        cTagPos = InStr(1, strTempString, cTag, 1)

        If (oTagPos > 0) And (cTagPos > 0) Then
            ' Split on the opening tag: element 0 is the text before the first
            ' opening tag, every later element begins with a candidate URL
            strArray = Split(strTempString, oTag, -1)
            For counter2 = 0 To UBound(strArray)
                ' Element 0 precedes any opening tag, so it is never an image
                ' (without this check a stray closing tag there became an <img>)
                If (counter2 > 0) And (InStr(1, strArray(counter2), cTag) > 0) Then
                    strArray2 = Split(strArray(counter2), cTag, -1)
                    strUrlText = strArray2(0)
                    ' Everything after the first closing tag; taking it with Mid rather
                    ' than strArray2(1) keeps any text that follows a second closing tag
                    strTail = Mid(strArray(counter2), Len(strUrlText) + Len(cTag) + 1)
                    ' The URL lands inside src="...": blank out anything that could close
                    ' the attribute or the tag, or smuggle in a script scheme
                    strUrlText = Replace(strUrlText, """", " ") ' ## filter out "
                    '## Added to exclude Javascript and other potentially hazardous characters
                    strUrlText = Replace(strUrlText, "&", " ", 1, -1, 1) ' ## filter out &
                    strUrlText = Replace(strUrlText, "#", " ", 1, -1, 1) ' ## filter out #
                    strUrlText = Replace(strUrlText, ";", " ", 1, -1, 1) ' ## filter out ;
                    strUrlText = Replace(strUrlText, "+", " ", 1, -1, 1) ' ## filter out +
                    strUrlText = Replace(strUrlText, "(", " ", 1, -1, 1) ' ## filter out (
                    strUrlText = Replace(strUrlText, ")", " ", 1, -1, 1) ' ## filter out )
                    strUrlText = Replace(strUrlText, "[", " ", 1, -1, 1) ' ## filter out [
                    strUrlText = Replace(strUrlText, "]", " ", 1, -1, 1) ' ## filter out ]
                    strUrlText = Replace(strUrlText, "=", " ", 1, -1, 1) ' ## filter out =
                    strUrlText = Replace(strUrlText, "*", " ", 1, -1, 1) ' ## filter out *
                    strUrlText = Replace(strUrlText, "'", " ", 1, -1, 1) ' ## filter out '
                    strUrlText = Replace(strUrlText, "javascript", " ", 1, -1, 1) ' ## filter out javascript
                    strUrlText = Replace(strUrlText, "jscript", " ", 1, -1, 1) ' ## filter out jscript
                    strUrlText = Replace(strUrlText, "vbscript", " ", 1, -1, 1) ' ## filter out vbscript
                    strUrlText = Replace(strUrlText, "mailto", " ", 1, -1, 1) ' ## filter out mailto
                    '## End Added
                    strUrlText = Replace(strUrlText, "<", " ") ' ## filter out <
                    strUrlText = Replace(strUrlText, ">", " ") ' ## filter out >
                    strResultString = strResultString & roTag & strUrlText & rcTag & strTail
                Else
                    strResultString = strResultString & strArray(counter2)
                End If
            Next

            strTempString = strResultString
            strResultString = ""
        End If
    Next

    ReplaceImageTags = strTempString
End Function
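A Python port of the function above, added here as an illustration and not code from the Snitz project or from this thread. It keeps the forum function's control flow (split on each opening tag, turn the text before the matching closing tag into an <img>) and the 2002 deny-list filter, and places beside it an allow-list filter that accepts only http(s) URLs from a narrow character set and HTML-escapes them for the src="..." attribute context. The tag table is copied from the ASP code; the function and constant names, the allow-listed alphabet and the sample posts are my own constructions.

```python
import html
import re
from urllib.parse import urlsplit

# Forum tag table, same order and HTML as the ImgTags array in the ASP function:
# (opening tag, closing tag, HTML before the URL, HTML after the URL).
# Tags are matched case-sensitively, as VBScript's Split does, so [IMG] is its own entry.
IMG_TAGS = [
    ("[img]",         "[/img]",         '<img src="',             '" border=0>'),
    ("[IMG]",         "[/IMG]",         '<img src="',             '" border=0>'),
    ("[image]",       "[/image]",       '<img src="',             '" border=0>'),
    ("[img=right]",   "[/img=right]",   '<img align=right src="', '" id=right border=0>'),
    ("[image=right]", "[/image=right]", '<img align=right src="', '" id=right border=0>'),
    ("[img=left]",    "[/img=left]",    '<img align=left src="',  '" id=left border=0>'),
    ("[image=left]",  "[/image=left]",  '<img align=left src="',  '" id=left border=0>'),
]

# What the 2002 patch blanks out of the URL text (constant names are mine)
BLOCKED_CHARS = '"&#;+()[]=*\'<>'
BLOCKED_WORDS = ("javascript", "jscript", "vbscript", "mailto")


def filter_url_blocklist(url_text):
    """Deny-list filter equivalent to the patched function: each listed character
    becomes a space and each scheme keyword is removed case-insensitively
    (the ASP code passes compare=1 to Replace for those)."""
    for ch in BLOCKED_CHARS:
        url_text = url_text.replace(ch, " ")
    for word in BLOCKED_WORDS:
        url_text = re.sub(re.escape(word), " ", url_text, flags=re.IGNORECASE)
    return url_text


# Allow-listed URL alphabet for the hardened filter (my choice, not the forum's)
SAFE_URL = re.compile(r"^[A-Za-z0-9._~:/?#&=%\-]+$")


def filter_url_allowlist(url_text):
    """Allow-list filter: accept only http(s) URLs that have a host and are drawn
    from a narrow character set, then HTML-escape them for the src="..." context.
    Returns None when the URL is rejected so the caller drops the image."""
    url_text = url_text.strip()
    try:
        parts = urlsplit(url_text)
    except ValueError:
        return None
    if parts.scheme.lower() not in ("http", "https") or not parts.netloc:
        return None
    if not SAFE_URL.match(url_text):
        return None
    return html.escape(url_text, quote=True)


def replace_image_tags(text, url_filter=filter_url_blocklist):
    """Port of the forum function's control flow: for each tag pair, split on the
    opening tag; every segment after the first that contains the closing tag has
    the text before it turned into an <img> and the text after it kept."""
    for open_tag, close_tag, html_open, html_close in IMG_TAGS:
        if open_tag not in text or close_tag not in text:
            continue
        out = []
        for i, segment in enumerate(text.split(open_tag)):
            # Segment 0 precedes the first opening tag and is never an image
            if i > 0 and close_tag in segment:
                url_text, tail = segment.split(close_tag, 1)
                filtered = url_filter(url_text)
                if filtered is None:
                    out.append(tail)  # rejected by the allow-list: drop the image
                else:
                    out.append(html_open + filtered + html_close + tail)
            else:
                out.append(segment)
        text = "".join(out)
    return text


if __name__ == "__main__":
    # Constructed sample posts, not real forum content
    samples = [
        "[img]http://example.com/a.png[/img]",
        "[img]http://example.com/a.png?x=1&y=2[/img]",
        "[img]ftp://example.com/a.png[/img]",
        "before [/img] text [img=right]http://example.com/b.gif[/img=right] after",
    ]
    for s in samples:
        print("deny-list :", replace_image_tags(s))
        print("allow-list:", replace_image_tags(s, filter_url_allowlist))
```

The two filters make the trade-off visible: the deny-list keeps every image but silently mangles a legitimate query string (`?x=1&y=2` becomes `?x 1 y 2`), because it can only blank characters it knows about; the allow-list keeps that URL intact (escaped as `&amp;`) and rejects any non-http(s) scheme outright rather than trying to enumerate bad ones. For user-supplied URLs that end up in an HTML attribute, the allow-list plus context-appropriate escaping is the pattern to prefer.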

RichardKinser (Snitz Forums Admin)
Posted - 28 February 2002 :  00:09:39
I updated the v3.3.03 download file to include the above change.

If you have modified your inc_functions.asp file, you can just copy the function from the file in the .zip file and paste it into your inc_functions.asp file.

The download link is: http://forum.snitz.com/download.asp

And since I updated the download file, I decided to also include another small security fix in the pop_pword.asp file; just replace yours with the one in the .zip file.

The only changes I made are the ReplaceImageTags function and the pop_pword.asp file.

RichardKinser (Snitz Forums Admin)
Posted - 20 May 2002 :  07:37:30
This fix is included in v3.3.04.