Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Are we allowed PHP generated banners?

Author
Message
Eddie B
19
Years of Service
User Offline
Joined: 10th Apr 2005
Location:
Posted: 28th Jul 2005 06:42 Edited at: 28th Jul 2005 06:42
Link
I see Jeku has one, And I have been wondering if we where allowed...?
I understand if we where allowed rich would have to check it first.

http://graphics-monkey.co.uk/index.php?p=projects
Back to top
Profile PM Email
DBAlex
20
Years of Service
User Offline
Joined: 4th Oct 2004
Location: United Kingdom
Posted: 28th Jul 2005 07:48
Link
Yes they are allowed...

Ive seen a few people with them.

And what would be the problem with them anyway?


AMD 64 3000 + 512mb RAM + 80GB HD + Radeon 9600se 128mb
http://www.dbastudios.cjb.net
Back to top
Profile PM
Eddie B
19
Years of Service
User Offline
Joined: 10th Apr 2005
Location:
Posted: 28th Jul 2005 07:53
Link
Just didnt know, That was all.

http://graphics-monkey.co.uk/index.php?p=projects
Back to top
Profile PM Email
Richard Davey
Retired Moderator
22
Years of Service
User Offline
Joined: 30th Apr 2002
Location: On the Jupiter Probe
Posted: 28th Jul 2005 08:22
Link
I don't need to check it - your banner could only ever output an image, nothing else, so it's no security risk.

A great many people think they are thinking when they are really rearranging their prejudices.
Back to top
Profile PM Email Website
Jeku
Moderator
21
Years of Service
User Offline
Joined: 4th Jul 2003
Location: Vancouver, British Columbia, Canada
Posted: 28th Jul 2005 08:32
Link
I just did one for a test---- will probably remove it soon. It would be neat to have a rotating banner or something. Should be easy to create


My "everyone else has one so why can't I?" blog: http://www.jeku.com/blog/
Back to top
Profile PM Website
Merranvo
19
Years of Service
User Offline
Joined: 24th May 2005
Location: That ^ is a Orange
Posted: 28th Jul 2005 11:55
Link
the question is, how do you know that the PHP only is a banner?

I mean you could use it to grab data if you have it set up right, but then again, what would you grab? Rants of little children?

Blasting, Shooting, and Maiming. Aspects of Modern Gamming.
Back to top
Profile PM
Dgamer
22
Years of Service
User Offline
Joined: 30th Sep 2002
Location:
Posted: 28th Jul 2005 12:18 Edited at: 28th Jul 2005 12:20
Link
Quote: " the question is, how do you know that the PHP only is a banner?

I mean you could use it to grab data if you have it set up right, but then again, what would you grab? Rants of little children?"


AFAIK These forums doesnt even allow basic HTML. The php code isn't actually in the post itself, its in an external site. All that ever gets to the post is the output image.

This sig has been dullified!
Back to top
Profile PM Email Website
Merranvo
19
Years of Service
User Offline
Joined: 24th May 2005
Location: That ^ is a Orange
Posted: 28th Jul 2005 12:30 Edited at: 28th Jul 2005 12:33
Link
Yeah... PHP generates the image, I would imagine that since it is sending info to you, that a person could use it as an adware dump, or attack forum users. It can be done (or so I would think), and all you need is one evil troll for it to happen.

And FYI, although a mod will quickly edit this, you CAN link the PHP's in that menubar to a image. IMGing PHP's doesn't just put out images, it RUNS them, it does EXACTLY what it says, even goes to another page and deletes cookies. That is why I refer to people who call PHP's as IMG's hackers, because you really aren't suppose to do it. And it can do other things besides post a image.

Blasting, Shooting, and Maiming. Aspects of Modern Gamming.
Back to top
Profile PM
Rob K
Retired Moderator
22
Years of Service
User Offline
Joined: 10th Sep 2002
Location: Surrey, United Kingdom
Posted: 28th Jul 2005 13:15 Edited at: 28th Jul 2005 13:16
Link
Quote: "And FYI, although a mod will quickly edit this, you CAN link the PHP's in that menubar to a image. IMGing PHP's doesn't just put out images, it RUNS them, it does EXACTLY what it says, even goes to another page and deletes cookies. That is why I refer to people who call PHP's as IMG's hackers, because you really aren't suppose to do it. And it can do other things besides post a image."


I think that is somewhat naive. Scripts can only read, change or remove cookies which were set by other scripts on the same site. You cannot for example, write a script to steal a user's PayPal login details etc.

The only questionable activity that could be performed is to find out the IP address of computers accessing that image.

As far as the browser is concerned, whether the <img> URL is that of a PHP script or that of a 'normal image' is irrelevant - it retrieves and processes the data in the same way. Users of this forum are therefore perfectly welcome to use PHP scripts to generate their banner images. Large banner images, evil animated GIFs or large flash animations are the only no-nos.


BlueGUI Windows Plugin
Back to top
Profile PM Email Website
TKF15H
21
Years of Service
User Offline
Joined: 20th Jul 2003
Location: Rio de Janeiro
Posted: 28th Jul 2005 13:17
Link
Quote: "IMGing PHP's doesn't just put out images, it RUNS them, it does EXACTLY what it says, even goes to another page and deletes cookies."

Runs them on the SERVER, it's not a client-side script, therefore it's safe.
Quote: "That is why I refer to people who call PHP's as IMG's hackers, because you really aren't suppose to do it."

Well Rich did it on the top of the forum... see the banner that changes all the time?

WarBasic Scripting engine for DarkBasicPro
DC emulator code size: 14.3MB, 553,214 lines
Back to top
Profile PM Email Website
Merranvo
19
Years of Service
User Offline
Joined: 24th May 2005
Location: That ^ is a Orange
Posted: 28th Jul 2005 13:29 Edited at: 28th Jul 2005 13:39
Link
that is a SWF...

REMOVED...
I posted something you could do that is bad, and invites trolls, so it was removed. Sorry if you're a troll and you saw it.

Blasting, Shooting, and Maiming. Aspects of Modern Gamming.
Back to top
Profile PM
Richard Davey
Retired Moderator
22
Years of Service
User Offline
Joined: 30th Apr 2002
Location: On the Jupiter Probe
Posted: 28th Jul 2005 18:19
Link
Quote: "IMGing PHP's doesn't just put out images, it RUNS them, it does EXACTLY what it says, even goes to another page and deletes cookies. That is why I refer to people who call PHP's as IMG's hackers, because you really aren't suppose to do it. And it can do other things besides post a image."


Enough already - there is *nothing* a PHP generated image can do other than log a few publically accessible stats (client IP, referrer (*IF GIVEN*), etc) - and output an image.

It CANNOT "delete cookies" set by this site. Hell cookies don't even work that way. It cannot embed JavaScript. It CANNOT target specific users, the image itself cannot log you out, redirect you, etc etc.

The only data a PHP script has access to about you is -exactly- the same data as you send every single time you requested a normal image from somewhere, no more, no less.

There is absolutely no "hacking" involved. The PHP never executes on this server (and it never will).

A great many people think they are thinking when they are really rearranging their prejudices.
Back to top
Profile PM Email Website
Merranvo
19
Years of Service
User Offline
Joined: 24th May 2005
Location: That ^ is a Orange
Posted: 30th Jul 2005 09:05
Link
Quote: "evil animated GIFs or large flash animations are the only no-nos."


Looks at Indi... (Indi ignores, Looks at Indi some more...)

Blasting, Shooting, and Maiming. Aspects of Modern Gamming.
Back to top
Profile PM
Back to top

Login to post a reply

Server time is: 2024-11-15 13:27:35
Your offset time is: 2024-11-15 13:27:35