• 0

Dynamic Signatures

Asked by TimRogers,

 Share

Question

Grand Master

TimRogers

Posted
Posted (edited)

How would I make a signature that allows users to put a piece of text into my signature? I know you can use PHP, but I don't have the slightest clue about PHP

(Apart from Cutenews stuff)

Could someone make me a saple signature, very plain, and show me how to allow users to imput text into it thru my website?

Edited by TimRogers
Link to comment
https://www.neowin.net/forum/topic/301987-dynamic-signatures/
Share on other sites

184 answers to this question

Recommended Posts

  • 0
Grand Master

blackice912 Veteran

Posted
  • Veteran
Posted
Removed my sig thanks to some kid who kept writing f**k over and over again. I guess totally dynamic sigs are a bad idea. I'm thinking the "select a quote" option to be a better idea now.

585804636[/snapback]

From a Neowin rules point of view, these "type anything into my sig" signatures are a liability to users who use them, as those users are responsible for their signatures and can/will get in trouble if there is offensive content in the signature that breaks Neowin Community Rules.

I'd highly suggest people only use the "select a line/quote" type of signatures if they want to be safe.

  • 0
Grand Master

markwolfe Veteran

Posted
  • Veteran
Posted
it's been banned, see announcement!

No more Dynamic Sigs!

585881560[/snapback]

More properly stated: no more sigs that allow users to type in anything they want to be displayed. Too easy to violate Neowin's rules with a wide-open text entry system like that.

  • 0
Grand Master

markwolfe Veteran

Posted
  • Veteran
Posted
or you could add a word filter to your script :)

585881665[/snapback]

Word filters are rarely complete enough, and too easily bypassed (spaces or other tricks). I had to remove one today that some immature user posted using a circumvention.

Dynamic sigs that allow others to freely enter text for your sigs are no longer allowed. Period.

  • 0
Collaborator

Sphinx Myth

Posted
Posted
That is exactly what it prevents users from doing. 

Put this in the page that has the form on it (which in this case would be a drop down list)

<?php
session_start();
$_SESSION['Key'] = "Some Big Unknown Key....blablablalba";
?>

and put this on the page that updates your data file

<?php
session_start();
if ($_SESSION['Key'] == "Same as they key you defined in the first file") {
//Your Code Here
$_SESSION['Key'] = "NONE";
}
else
Echo ("Thanks for trying to hack my sig.  Go get a life.");
?>

The user will see the Thanks for trying to hack my sig message if they try to POST the data form another page.

Hope that helps ;)

585810171[/snapback]

That's not a good idea because it's just as unsafe as before.

If you go first on the form, the session key is registered. Then, you can hack from another page without any problem...

Your protection works only if the hack is done immediately.

  • 0
Grand Master

Sir Topham Hatt

Posted
Posted (edited)

Mine currently has a flaw.

Someone enjoys changing it immaturely to sexual things although I dont know how :(

I shall post it all in a Zip file later, although I am away from my computer for the next 48 hours or so.

I hate immature people!

Okay, so the person has put the following:

"I really ought to validate user input on my sig changer"

Any idea's?

I guess its someone from here. For now though, nobody is changing it anymore, it'll stay with what i put it as. :angry:

Edited by TheTrainMan
  • 0
Contributor

quiet_lurker

Posted
Posted 
<?php
$my_sigs = array(  "Someone ought to write me a new sig generator!",
    "This space for rent.",
    "Got l33t?",
    "How's my driving? Call 1-800-223-1221, Ref. 223212");

if(!isset($_POST['submit'])){
?>

print some junk here for your form

<select name="new_sig">
<?php
	for($i = 0; $i < count($my_sigs); $i++){
  print '<option value="$i">$my_sig[$i]</option>';
	}
?>
</select>

do the rest of your form junk here

<?php
//The form was submitted, brings us here
}else{
	if(is_numeric($_POST['new_sig']) && $_POST['new_sig'] < count($my_sigs)){
  //print out the new text to the image here
  print_to_image($my_sigs[$_POST['new_sig']);
	}else{
  header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']); //Monkey business, send them back to page
	}
}
?>

  • 0
Contributor

quiet_lurker

Posted
Posted
....

Okay, so the person has put the following:

"I really ought to validate user input on my sig changer"

Any idea's?

I guess its someone from here. For now though, nobody is changing it anymore, it'll stay with what i put it as.  :angry:

Your script currently has no user input validation, that means someone could save the result of your PHP script locally (HTML file), edit the form to submit to the full URL of your script, edit the option values to be whatever they want, and submit the new edited responses. See above post for an idea on how to remedy that.

  • 0
Grand Master

j.r.l.

Posted
Posted
You can POST/GET variables to a php script simply by adding ?variable=whatever to the end of the script. Perhaps this person is exploiting that fact.

585913629[/snapback]

GET only... or query string...

Anyways, you could make a form which stores select options in an array then when user X submits the form with "W00t! This is so 1337!!", then "W00t! This is so 1337!!" get's written to message.txt using file_put_contents or fopen/fwrite... Then the GD script would file_get_contents the message.txt file ;)

My sig uses a text file to generate it's content.. and a small filter of mine

  • 0
Grand Master

Sir Topham Hatt

Posted
Posted
please read this.. im sure its already posted, but this thread is really long.. i dont feel like searching.

it is banned on neowin

585915275[/snapback]

Read again. Sigs that allow users to put in any old test are banned. Ones that have a choice of pre-defined ones are fine.

WOW - code but no explanation? Yes, I see the explanation in the file, but that loosk like a brand new script, NOT building into the script I have? I don't really understand it either - I am NOT php fluent :cry:.

I only just got that sig version online and able to work and now that above seems to be a single file that can do it all instead of the four or five i have?

I don't want to start again because it'll put me right back to the beginning again. Is there not a simple few lines of code that I can include to make sure that it's been submitted from my server rather than locally?

Then again, is it really worth it?

  • 0
Contributor

quiet_lurker

Posted
Posted

Right now your forum sig is still pointed to the old image, otherwise it would show the changes in the thread...

On your sig change page, it looks like sometimes the image gets cached. You might be able to fix this by changing line 36 of index.php to:

  <td><img src="sig.png?<? echo time(); ?>" border="0"></td>

This may force the browser to update the image everytime...

  • 0
Grand Master

j.r.l.

Posted
Posted
Right now your forum sig is still pointed to the old image, otherwise it would show the changes in the thread...

On your sig change page, it looks like sometimes the image gets cached. You might be able to fix this by changing line 36 of index.php to:

 ?<td><img src="sig.png?<? echo time(); ?>" border="0"></td>

This may force the browser to update the image everytime...

585932757[/snapback]

or header("Cache-control: no-cache"); should work as well

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Amazon Prime Day slashes Samsung's newest Galaxy Watch Ultra by 45 percent

      By Karthik Mudaliar · Posted

      Amazon Prime Day slashes Samsung's newest Galaxy Watch Ultra by 45 percent by Karthik Mudaliar Samsung’s flagship Android smartwatch has received one of its steepest Prime Day cuts. Amazon has dropped the 2025 Samsung Galaxy Watch Ultra in Titanium Blue to $357.24, saving buyers around $292 from its $649.99 list price. That's a 45 percent discount (purchase link below). The 47mm Galaxy Watch Ultra uses a titanium casing and a 1.5-inch Super AMOLED display with a resolution of 480 x 480 and peak brightness of 3,000 nits. It includes LTE connectivity, Bluetooth 5.3, Wi-Fi, NFC, and dual-frequency L1+L5 GPS for more accurate outdoor route tracking. The 2025 model has 64GB of storage, a 590mAh battery, sapphire crystal glass, 10ATM water resistance, IP68 protection, and MIL-STD-810H durability testing. Its health and fitness tools include heart rate monitoring, sleep coaching, Energy Score, Running Coach, body composition analysis, temperature sensing, and ECG support, where available. This model is best suited to Android users who regularly run, hike, cycle, or train outdoors and want cellular access without carrying a phone. The larger battery, rugged construction, bright display, and dedicated Quick Button also make it a stronger option than Samsung’s regular Galaxy Watch models for extended workouts and demanding environments. Grab the Titanium Blue Galaxy Watch Ultra before the Prime Day price resets: Samsung Galaxy Watch Ultra (2025) [Sold and Shipped by Amazon] Good to know This Amazon deal is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.
    • Google begins rolling out its post-Epic Play Store billing model next week

      By Karthik Mudaliar · Posted

      Google begins rolling out its post-Epic Play Store billing model next week by Karthik Mudaliar Google has confirmed that its redesigned Play Store billing and fee structure will take effect on June 30, 2026, in the United States, the United Kingdom, and the European Economic Area. The changes will let eligible developers offer their own payment systems or send users to an external website for purchases, while separating Google’s platform service fee from the cost of using Google Play Billing. The rollout puts concrete dates and detailed rate cards behind the broader Android policy overhaul Google announced in March. That announcement followed a proposed settlement with Epic Games intended to resolve their long-running disputes over app distribution and payments, although the U.S. portion of the agreement still requires court approval. Under the new billing choice program, developers selling digital content or services can display an alternative payment option alongside Google Play Billing. They may also direct users to their own websites to complete a purchase. Developers can use Google’s standard payment-choice screen or design one that complies with the company’s user-interface rules. Choosing another payment processor does not eliminate Google’s cut altogether. The company will continue charging a service fee for transactions associated with apps distributed through Google Play, regardless of whether payment is handled by Google, an alternative provider, or a developer’s website. Google argues that this fee covers the value and infrastructure provided by Android and the Play Store. For developers earning up to $1 million annually, the service fee will generally be 10 percent. That rate also applies to auto-renewing subscriptions. When Google Play Billing is used in the U.S., U.K., or EEA, Google will add a separate 5 percent billing fee, and developers processing payments elsewhere will not pay that additional charge. This means Google’s familiar flat 30 percent commission is disappearing, but developers will not necessarily see a dramatic reduction on every transaction. An in-app purchase from an existing user processed through Google Play Billing can still reach a combined 30 percent. The biggest savings are likely to come from subscriptions, smaller developers covered by the $1 million tier, and companies able to move customers to their own payment infrastructure. Google is also offering lower rates through its Apps Experience and revamped Games Level Up programs. Apps and games that satisfy the company’s requirements can qualify for 15 percent service fees on new-install transactions and 20 percent on existing-install transactions. The criteria include performance and reliability standards, support for additional Android device categories, and selected platform features. Those program rates are scheduled to become available in the initial markets and Australia on September 30. For consumers, the immediate effect will depend on whether developers adopt alternative payments and pass any savings on through lower prices. For developers, however, June 30 begins a more flexible but considerably more complicated Play Store economy in which distribution, billing, install dates, revenue thresholds, and program participation can each affect Google’s final cut. Google is also separately developing a Registered App Stores program designed to simplify the installation of qualifying third-party stores. That initiative is expected to arrive with a major Android release later in 2026 and will launch outside the U.S. first. Google says the rest of the world will receive the changes by September 30, 2027, although billing rates for markets outside the US, UK, and EEA have not yet been announced.
    • The official Funny Pictures thread

      By PsYcHoKiLLa · Posted

    • 1TB Samsung T9 and Samsung 9100 PRO SSDs are now selling at great prices

      By morpheus6969 · Posted

      38% off a super insane price is still an INSANE price.
    • 1TB Samsung T9 and Samsung 9100 PRO SSDs are now selling at great prices

      By Fiza Ali · Posted

      1TB Samsung T9 and Samsung 9100 PRO SSDs are now selling at great prices by Fiza Ali Amazon is now offering the 1TB variant of Samsung T9 and Samsung 9100 PRO SSD at great prices with limited-time 38% and 39% discounts, respectively, so you may want to check them out if you have been looking to upgrade your storage solution. The Samsung T9 connects via a USB 3.2 Gen 2x2 (20Gbps) interface and delivers sequential read speeds of up to 2,000MB/s and sequential write speeds of up to 1,950MB/s, making it suitable for transferring large files, backing up data, and handling high-resolution media content. When it comes to the security features, the SSD includes AES 256-bit hardware encryption to help protect sensitive data. Designed for portability, the drive is reportedly resistant to drops from heights of up to 3 metres. Furthermore, it operates within a temperature range of 0°C to 60°C and can be stored at temperatures between -40°C and 85°C. Samsung Magician Software is included for drive management, firmware updates, performance optimisation, and health monitoring. Finally, the T9 is certified to multiple international standards, including CE, FCC, UL, UKCA, and RoHS 2 compliance, and is backed by a five-year limited warranty as well. 1TB Samsung T9 SSD: $179.99 (Amazon US) - 38% off The Samsung 9100 PRO uses the M.2 2280 form factor and connects through a PCIe 5.0 x4 interface with NVMe 2.0 support. Built with Samsung V-NAND TLC flash memory, an in-house controller, and 1GB of low-power DDR4X cache memory, the 9100 PRO is engineered for high-performance computing and gaming workloads. Furthermore, the SSD delivers sequential read speeds of up to 14,700MB/s and sequential write speeds of up to 13,300MB/s. Random performance is rated at up to 1,850,000 IOPS for reads and up to 2,600,000 IOPS for writes, depending on system hardware and configuration. The drive supports TRIM, S.M.A.R.T monitoring, automatic garbage collection, and device sleep mode to help maintain performance and efficiency over time. In terms of security features, it includes AES 256-bit encryption, TCG Opal support, and IEEE 1667 compliance. The 9100 PRO operates within a temperature range of 0°C to 70°C, is rated for 1.5 million hours MTBF, and can reportedly withstand shocks of up to 1,500G for 0.5 milliseconds. Finally, Samsung Magician Software is also included for firmware updates, performance monitoring, drive management, and optimisation. 1TB Samsung 9100 PRO SSD: $206.99 (Amazon US) - 39% off Alternatively, you can also check out other SSD deals here. Good to know This Amazon deal is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.

  • Recent Achievements

    • Dedicated
      Scoobystu earned a badge
      Dedicated
    • First Post
      Tom Schmidt earned a badge
      First Post
    • One Month Later
      D0nn13 earned a badge
      One Month Later
    • Rookie
      +ChiefOfNeo went up a rank
      Rookie
    • One Year In
      Tom Schmidt earned a badge
      One Year In

  • Popular Contributors

    1. 1
      +primortal
      463
    2. 2
      +Edouard
      177
    3. 3
      PsYcHoKiLLa
      124
    4. 4
      Michael Scrip
      81
    5. 5
      Xenon
      76
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!