• Register
    • Help

    striker  0 Items
    Currently Supporting
    • Home
    • News
    • Forum
    • Wiki
    • Support
      • Manage Subscriptions
      • FAQ
      • Support For
        • VaultWiki 4.x Series
        • VaultWiki.org Site
    • What's New?
    • Buy Now
    • Manual
    • 
    • Support
    • VaultWiki 4.x Series
    • Bug
    • img not showing in template

    1. Welcome to VaultWiki.org, home of the wiki add-on for vBulletin and XenForo!

      VaultWiki allows your existing forum users to collaborate on creating and managing a site's content pages. VaultWiki is a fully-featured and fully-supported wiki solution for vBulletin and XenForo.

      The VaultWiki Team encourages you to join our community of forum administrators and check out VaultWiki for yourself.

    Issue: img not showing in template

    • Issue Tools
      • View Changes
    1. issueid=4470 December 9, 2015 5:46 PM
      Gossamer Gossamer is offline
      Junior Member
      img not showing in template
      I have an infobox template setup on my wiki, including an image field. It's setup so that they just use [*img] bbcode to add an image to it. Images are showing up in the article correctly. But any image I try to pass into the template is not generating.

      Code:
      [template]Infobox
|Header = Huorn
|Subheader = Submitted by Piper
|Image = [IMG]https://i.imgur.com/zLGSxNx.png[/IMG]
|Field 1 = Fandom
|Info 1 = Tolkien Legendarium
|Field 2 = Location
|Info 2 = Mostly found in the forest surrounding Misty Hollow. Can rarely be found in the tropical forests in Horizon and Cascade Bay.
|Field 3 = Rarity
|Info 3 = ???
|Field 4 = Toxicity
|Info 4 = ???[/template]
      Template Code
      Code:
      <div class="infobox"><div class="infobox_header">{{{Header|Header}}}</div><div class="infobox_image">{{{Image|}}}</div><div class="infobox_subheader">{{{Subheader|Subheader}}}</div><div class="infobox_body"><dl class="pairsJustified"><dt>{{{Field 1|Field 1}}}</dt><dd>{{{Info 1|}}}</dd></dl><dl class="pairsJustified"><dt>{{{Field 2|Field 2}}}</dt><dd>{{{Info 2|}}}</dd></dl><dl class="pairsJustified"><dt>{{{Field 3|Field 3}}}</dt><dd>{{{Info 3|}}}</dd></dl><dl class="pairsJustified"><dt>{{{Field 4|Field 4}}}</dt><dd>{{{Info 4|}}}</dd></dl><dl class="pairsJustified"><dt>{{{Field 5|Field 5}}}</dt><dd>{{{Info 5|}}}</dd></dl><dl class="pairsJustified"><dt>{{{Field 6|Field 6}}}</dt><dd>{{{Info 6|}}}</dd></dl></div></div>
    Issue Details
    Issue Number 4470
    Issue Type Bug
    Project VaultWiki 4.x Series
    Category BB-Code Parsing
    Status Fixed
    Priority 3 - Loss of Functionality
    Affected Version 4.0.7
    Fixed Version 4.0.8
    Milestone (none)
    Software DependencyXenForo 1.x
    License TypePaid
    Users able to reproduce bug 0
    Users unable to reproduce bug 0
    Attachments 0
    Assigned Users (none)
    Tags (none)




    1. December 10, 2015 10:45 AM
      pegasus pegasus is offline
      VaultWiki Team
      I have duplicated this behavior on our demo. It seems that this issue only affects the XenForo version. I will let you know when I have a solution.
      Reply Reply
    2. December 10, 2015 1:27 PM
      pegasus pegasus is offline
      VaultWiki Team
      In vault/core/model/parser/sideways/template/xf.php, find:
      Code:
      $param['value'] = $this->prevent_stupid_xss($param, $text);
      After it, add:
      Code:
      $param['value'] = $obfuscater->run($param['value'], 1, false, false);
      In vault/core/model/parser/obfuscate/vw.php, find:
      Code:
      public function run($text, $undo = 0, $tags_only = false)
      Replace with:
      Code:
      public function run($text, $undo = 0, $tags_only = false, $cleanup = true)
      Find:
      Code:
      $text = str_replace('#!#CES-TST()DOL#L', '$', $text);
      After it, add:
      Code:
      			if ($cleanup)
			{
				$this->cleanup();
			}
      Find:
      Code:
      				$input = $this->frag_reverse($input);
				$this->store = array();
      Replace with:
      Code:
      				$input = $this->frag_reverse($input);
      Reply Reply
    3. December 10, 2015 1:46 PM
      pegasus pegasus is offline
      VaultWiki Team
      This occurred because:
      1. Unparsed BB-Code exists in the output of the IMG tag (not sure why, but the alt attribute is always [/IMG]).
      2. Unparsed BB-Codes are obfuscated from the template parser when discovering the boundaries between template arguments/parameters.
      3. The values of template arguments must be the same before and after all templates are parsed to avoid a hash collision security vulnerability.
      4. The reverse obfuscation of the template arguments is not the same as the obfuscated argument, so the values of those arguments are considered in violation of this security measure.

      This only affected XenForo because this security measure is only needed in XenForo. This was fixed by ensuring that the security function compares the non-obfuscated versions of the argument on both sides of the comparison.

      This bug was introduced by the following versions:
      4.0.6 Patch Level 1
      4.0.5 Patch Level 1
      4.0.4 Patch Level 1
      4.0.3 Patch Level 2
      4.0.2 Patch Level 5
      4.0.1 Patch Level 8
      4.0.0 Patch Level 7
      4.0.0 RC 5 Patch Level 6
      4.0.0 RC 4 Patch Level 7
      Reply Reply
    4. December 16, 2015 1:03 AM
      Gossamer Gossamer is offline
      Junior Member
      I just tried doing the code edits, but I was unable to find the code you indicated in vault/core/model/parser/sideways/template/xf.php
      Reply Reply
    + Reply

    Assigned Users
    Loading Please Wait
    Tags
    Loading Please Wait
    • Contact Us
    • License Agreement
    • Privacy
    • Terms
    • Top
    All times are GMT -4. The time now is 4:45 PM.
    This site uses cookies to help personalize content, to tailor your experience, and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Learn more… Accept Remind me later
  • striker
    Powered by vBulletin® Version 4.2.5 Beta 2
    Copyright © 2023 vBulletin Solutions Inc. All rights reserved.
    Search Engine Optimisation provided by DragonByte SEO (Pro) - vBulletin Mods & Addons Copyright © 2023 DragonByte Technologies Ltd.
    Copyright © 2008 - 2013 VaultWiki Team, Cracked Egg Studios, LLC.