• 0

Dynamic Signatures

Asked by TimRogers,

 Share

Question

Grand Master

TimRogers

Posted
Posted (edited)

How would I make a signature that allows users to put a piece of text into my signature? I know you can use PHP, but I don't have the slightest clue about PHP

(Apart from Cutenews stuff)

Could someone make me a saple signature, very plain, and show me how to allow users to imput text into it thru my website?

Edited by TimRogers
Link to comment
https://www.neowin.net/forum/topic/301987-dynamic-signatures/
Share on other sites

184 answers to this question

Recommended Posts

  • 0
Grand Master

blackice912 Veteran

Posted
  • Veteran
Posted
Removed my sig thanks to some kid who kept writing f**k over and over again. I guess totally dynamic sigs are a bad idea. I'm thinking the "select a quote" option to be a better idea now.

585804636[/snapback]

From a Neowin rules point of view, these "type anything into my sig" signatures are a liability to users who use them, as those users are responsible for their signatures and can/will get in trouble if there is offensive content in the signature that breaks Neowin Community Rules.

I'd highly suggest people only use the "select a line/quote" type of signatures if they want to be safe.

  • 0
Grand Master

markwolfe Veteran

Posted
  • Veteran
Posted
it's been banned, see announcement!

No more Dynamic Sigs!

585881560[/snapback]

More properly stated: no more sigs that allow users to type in anything they want to be displayed. Too easy to violate Neowin's rules with a wide-open text entry system like that.

  • 0
Grand Master

markwolfe Veteran

Posted
  • Veteran
Posted
or you could add a word filter to your script :)

585881665[/snapback]

Word filters are rarely complete enough, and too easily bypassed (spaces or other tricks). I had to remove one today that some immature user posted using a circumvention.

Dynamic sigs that allow others to freely enter text for your sigs are no longer allowed. Period.

  • 0
Collaborator

Sphinx Myth

Posted
Posted
That is exactly what it prevents users from doing. 

Put this in the page that has the form on it (which in this case would be a drop down list)

<?php
session_start();
$_SESSION['Key'] = "Some Big Unknown Key....blablablalba";
?>

and put this on the page that updates your data file

<?php
session_start();
if ($_SESSION['Key'] == "Same as they key you defined in the first file") {
//Your Code Here
$_SESSION['Key'] = "NONE";
}
else
Echo ("Thanks for trying to hack my sig.  Go get a life.");
?>

The user will see the Thanks for trying to hack my sig message if they try to POST the data form another page.

Hope that helps ;)

585810171[/snapback]

That's not a good idea because it's just as unsafe as before.

If you go first on the form, the session key is registered. Then, you can hack from another page without any problem...

Your protection works only if the hack is done immediately.

  • 0
Grand Master

Sir Topham Hatt

Posted
Posted (edited)

Mine currently has a flaw.

Someone enjoys changing it immaturely to sexual things although I dont know how :(

I shall post it all in a Zip file later, although I am away from my computer for the next 48 hours or so.

I hate immature people!

Okay, so the person has put the following:

"I really ought to validate user input on my sig changer"

Any idea's?

I guess its someone from here. For now though, nobody is changing it anymore, it'll stay with what i put it as. :angry:

Edited by TheTrainMan
  • 0
Contributor

quiet_lurker

Posted
Posted 
<?php
$my_sigs = array(  "Someone ought to write me a new sig generator!",
    "This space for rent.",
    "Got l33t?",
    "How's my driving? Call 1-800-223-1221, Ref. 223212");

if(!isset($_POST['submit'])){
?>

print some junk here for your form

<select name="new_sig">
<?php
	for($i = 0; $i < count($my_sigs); $i++){
  print '<option value="$i">$my_sig[$i]</option>';
	}
?>
</select>

do the rest of your form junk here

<?php
//The form was submitted, brings us here
}else{
	if(is_numeric($_POST['new_sig']) && $_POST['new_sig'] < count($my_sigs)){
  //print out the new text to the image here
  print_to_image($my_sigs[$_POST['new_sig']);
	}else{
  header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']); //Monkey business, send them back to page
	}
}
?>

  • 0
Contributor

quiet_lurker

Posted
Posted
....

Okay, so the person has put the following:

"I really ought to validate user input on my sig changer"

Any idea's?

I guess its someone from here. For now though, nobody is changing it anymore, it'll stay with what i put it as.  :angry:

Your script currently has no user input validation, that means someone could save the result of your PHP script locally (HTML file), edit the form to submit to the full URL of your script, edit the option values to be whatever they want, and submit the new edited responses. See above post for an idea on how to remedy that.

  • 0
Grand Master

j.r.l.

Posted
Posted
You can POST/GET variables to a php script simply by adding ?variable=whatever to the end of the script. Perhaps this person is exploiting that fact.

585913629[/snapback]

GET only... or query string...

Anyways, you could make a form which stores select options in an array then when user X submits the form with "W00t! This is so 1337!!", then "W00t! This is so 1337!!" get's written to message.txt using file_put_contents or fopen/fwrite... Then the GD script would file_get_contents the message.txt file ;)

My sig uses a text file to generate it's content.. and a small filter of mine

  • 0
Grand Master

Sir Topham Hatt

Posted
Posted
please read this.. im sure its already posted, but this thread is really long.. i dont feel like searching.

it is banned on neowin

585915275[/snapback]

Read again. Sigs that allow users to put in any old test are banned. Ones that have a choice of pre-defined ones are fine.

WOW - code but no explanation? Yes, I see the explanation in the file, but that loosk like a brand new script, NOT building into the script I have? I don't really understand it either - I am NOT php fluent :cry:.

I only just got that sig version online and able to work and now that above seems to be a single file that can do it all instead of the four or five i have?

I don't want to start again because it'll put me right back to the beginning again. Is there not a simple few lines of code that I can include to make sure that it's been submitted from my server rather than locally?

Then again, is it really worth it?

  • 0
Contributor

quiet_lurker

Posted
Posted

Right now your forum sig is still pointed to the old image, otherwise it would show the changes in the thread...

On your sig change page, it looks like sometimes the image gets cached. You might be able to fix this by changing line 36 of index.php to:

  <td><img src="sig.png?<? echo time(); ?>" border="0"></td>

This may force the browser to update the image everytime...

  • 0
Grand Master

j.r.l.

Posted
Posted
Right now your forum sig is still pointed to the old image, otherwise it would show the changes in the thread...

On your sig change page, it looks like sometimes the image gets cached. You might be able to fix this by changing line 36 of index.php to:

 ?<td><img src="sig.png?<? echo time(); ?>" border="0"></td>

This may force the browser to update the image everytime...

585932757[/snapback]

or header("Cache-control: no-cache"); should work as well

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Apple raises MacBook and iPad prices as memory costs surge

      By Karthik Mudaliar · Posted

      Apple raises MacBook and iPad prices as memory costs surge by Karthik Mudaliar Apple has raised the U.S. prices of several MacBook and iPad models, including the MacBook Neo, which it launched for $599 less than four months ago. The company’s cheapest laptop now starts at $699, while some MacBook Pro configurations have increased by $300. The changes affect the MacBook Neo, MacBook Air, MacBook Pro, iPad Air, and iPad Pro. Apple has not changed the hardware or storage included with these models, so customers are simply paying more for the same configurations. Here is how the new US pricing compares with the previous starting prices: Product Previous price New price Increase MacBook Neo $599 $699 $100 13-inch MacBook Air, 512GB $1,099 $1,299 $200 14-inch MacBook Pro, 1TB $1,699 $1,999 $300 16-inch MacBook Pro $2,699 $2,999 $300 11-inch iPad Air, 128GB $599 $749 $150 13-inch iPad Air, 128GB $799 $949 $150 11-inch iPad Pro, 256GB $999 $1,199 $200 13-inch iPad Pro, 256GB $1,299 $1,499 $200 The updated prices are already appearing on Apple’s U.S. online store. The MacBook Neo increase will probably attract the most attention. Apple introduced the laptop in March for $599, pitching it as a more affordable Mac for students and buyers considering Windows laptops or Chromebooks. It uses an A18 Pro processor and originally undercut Dell’s new $699 XPS 13 by $100. Following the increase, the two laptops now have the same starting price. The M5 MacBook Air has also lost the price Apple promoted when it launched in March. The 13-inch model arrived with 512GB of storage for $1,099, while Apple’s store now lists the MacBook Air range as starting at $1,299. The 14-inch MacBook Pro with an M5 chip and 1TB of storage has gone from $1,699 to $1,999. Apple has made similar changes to its iPads. The recently released M4 iPad Air, which launched at the same $599 starting price as its predecessor, now starts at $749 for the 11-inch version. The 13-inch version has risen from $799 to $949. The iPad Pro increases are larger in dollar terms. Apple’s 11-inch M5 iPad Pro now starts at $1,199, up from $999, while the 13-inch version has moved from $1,299 to $1,499. Both base models still include 256GB of storage. Apple blamed the increases on the rapidly rising cost of DRAM and NAND flash, which provide system memory and device storage. The company told Reuters that it had tried to shield customers from the increases but could no longer absorb them. “We have never seen a component price increase this much, this quickly,” Apple said. Tim Cook had already warned that price increases were coming. Cook said Apple’s existing component inventory had softened the immediate impact, but that higher memory costs would increasingly affect the company after the June quarter. Much of the pressure comes from the construction of AI data centers. Memory manufacturers are directing more production toward high-margin server products, leaving PC, tablet, and smartphone makers competing for the remaining supply. Apple has not said whether the new prices are temporary or whether further increases are planned. For now, the changes show that even Apple’s purchasing power has not been enough to keep the AI-driven memory shortage away from consumer devices.
    • Ventoy 1.1.16

      By Copernic · Posted

      Ventoy 1.1.16 is out.
    • This Chinese company is reportedly developing a feature Apple and Samsung can only dream of

      By Mateus · Posted

      This is a none story - these low volume Chinese models will always get new experimental features first because Apple and Samsung can't produce them in huge volume to meet demand.
    • Nvidia GeForce NOW gains support for Dark Scrolls, Empulse, and more

      By LoneWolfSL · Posted

      Nvidia GeForce NOW gains support for Dark Scrolls, Empulse, and more by Pulasthi Ariyasinghe The final update of June for Nvidia's cloud gaming service GeForce NOW is now available, and it is touting support for six more games. The company is also drawing subscriber attention towards the summer sales kicking off across stores, so they can stock up on more cloud-supported titles. Of course, the Steam Summer Sale is the biggest promotion, which is kicking off later today. "Supported Steam games can be streamed across devices with GeForce NOW, making it easy to buy a game once, keep progress synced and pick up where the gameplay left off on PCs, Macs, handheld devices, phones, TVs and more," says the company. "In other words, the Steam Summer Sale brings the deals; GeForce NOW adds the flexibility." Don't forget that the GeForce NOW summer sale is still active as well. This limited-time offer drops the 12-month Performance membership from $99.99 to $64.99, saving members $35. At the same time, the 12-month Ultimate membership is currently going for $129.99, dropping the price by $70 from the original $199.99. Here are the games joining GeForce NOW's supported list this week: Dark Scrolls (New release on Steam, available June 22) SAND: Raiders of Sophie (New release on Steam, available June 22) Deer & Boy (New release on Steam, available June 23) EMPULSE (New release on Steam, available June 24) The Adventures of Elliot: The Millennium Tales (Steam) FATAL FURY: City of the Wolves (Steam) With the June expansions coming to an end, Nvidia should be announcing its July GeForce NOW plans next week. Keep in mind that, unlike subscription services like Game Pass or EA Play, a copy of a game must be owned by the GeForce NOW member (or at least have a license via PC Game Pass) to start playing via Nvidia's cloud servers. There is also a limit to how many hours subscribers can use the service per month.
    • Davinci Resolve 21.0.1

      By Copernic · Posted

      Davinci Resolve 21.0.1 by Razvan Serea DaVinci Resolve is the world’s only solution that combines editing, color correction, visual effects, motion graphics and audio post production all in one software tool! Its elegant, modern interface is fast to learn and easy for new users, yet powerful for professionals. DaVinci Resolve lets you work faster and at a higher quality because you don’t have to learn multiple apps or switch software for different tasks. That means you can work with camera original quality images throughout the entire process. It’s like having your own post production studio in a single app! Best of all, by learning DaVinci Resolve, you’re learning how to use the exact same tools used by Hollywood professionals! DaVinci Resolve is the only post production software designed for true collaboration. Multiple editors, assistants, colorists, VFX artists and sound designers can all work on the same project at the same time! Whether you’re an individual artist, or part of a larger collaborative team, it’s easy to see why DaVinci Resolve is the standard for high end post production and is used for finishing more Hollywood feature films, episodic television programing and TV commercials than any other software. Davinci Resolve 21.0.1 release notes: Addressed multiple DNG and Apple ProRAW color issues. Addressed issue with automatic smart bins after deleting keywords. Addressed issue with multiple linked audio in media management. Addressed multiple Resolve FX issues in photo page. Addressed issue with key shortcut to switch viewer in photo page. More consistent creation of new photo albums. Addressed color thumbnail refresh for photo transform indicator. Transcription now honors project settings language. Improved face recognition in IntelliSearch. Addressed exported bins not retaining generator and title properties. Addressed ease control display and sensitivity issues. Addressed keyframe issue when copying clips with Fusion effects. Addressed keyframe refresh for Fusion effects in the edit page. Addressed issue with 3D renders in Linux with non-English locales. Addressed Fusion viewer color issue for some RCM settings. Addressed issue with saturation limits in Fusion gradient controls. Addressed Fusion display issues with dual screen layouts. Addressed issue with non-English character inputs in Linux. Disabling MultiMaster now disables trim blanking controls. Addressed crash in some scenarios with CineFocus. Addressed lag when toggling bypass grades and Fusion effects. Addressed occasional issue with Fairlight loudness meters. Addressed data burn display of good take tag in upgraded projects. Addressed project manager scroll lag for large project libraries. Support for Sony Alpha 7R VI ARW RAW stills. Support for decoding Affinity RGB 16-bit formats. Addressed a color issue with MainConcept H.265 HDR renders. Addressed a color issue with Windows native H.265 HDR renders. RemoveMotionBlur API now uses correct encode parameters. Addressed character limit consistency in GenerateSpeech API. General performance and stability improvements. Download page: Davinci Resolve 21.0.1 | 3300 MB (Free, paid upgrade available) Links: DaVinci Resolve Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • First Post
      kinowa earned a badge
      First Post
    • Rookie
      krychek57 went up a rank
      Rookie
    • Grand Master
      Jaybonaut went up a rank
      Grand Master
    • One Year In
      Philsl earned a badge
      One Year In
    • Dedicated
      Scoobystu earned a badge
      Dedicated

  • Popular Contributors

    1. 1
      +primortal
      463
    2. 2
      +Edouard
      171
    3. 3
      PsYcHoKiLLa
      134
    4. 4
      Michael Scrip
      77
    5. 5
      Xenon
      77
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!