Author Topic: Pic Security  (Read 163496 times)

0 Members and 1 Guest are viewing this topic.

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Pic Security
« on: March 24, 2005, 03:38:18 AM »
In this topic we'll discuss some trick to secure images,media files, etc
Before the hack we had over 10 pages of this topic 8O

I'll try reproduce some usefull tips'n tricks. In case u would like to, I've attached 8 pages from the old forum.
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Page 1
« Reply #1 on: March 24, 2005, 03:39:31 AM »
Translated message of thrOne:

Quote
1. Secure your Directory

Secure it with a .htaccess file in it.
(empty file)


2. View the Pic

The viewscript shows the Picture in a table.
the trick: the real pic is the background, the
content a transparent .gif. there is no way to
rightclick the background.



in Html:
Code:

<table CELLSPACING=0 CELLPADDING=0 COLS=1 WIDTH="100" HEIGHT="100">
<tr><td BACKGROUND="ihrbild.gif">
<img SRC="transparent.gif" height=100 width=100>
</td></tr></table>


Our Knowledge in the PHP Files:

Sourcecode "view_image.php":
Code:

<?php

session_start();

// deactivate cache
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") ." GMT");
header("Pragma: no-cache");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");

// Challenge-ID
mt_srand((double)microtime()*1000000);

$random = mt_rand();
$random = md5(uniqid($random,TRUE));

$sess_challenge_id = $random;

if(!session_is_registered("sess_challenge_id")):
session_register("sess_challenge_id");
endif;

// Read image
$pic = "tolle-grafik.jpg";
$img = @GetImageSize("/absoluter/pfad/zu/verzeichniss/images/".$pic);
$width = $img[0];
$height = $img[1];

// show HTML table
printf("<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"%s\" height=\"%s\">\n",$width,$height);
print "<tr>\n";
printf("<td width=\"%s\" height=\"%s\" background=\"read_image.php?img=%s&challenge=%s\">",$width,$height,rawurlencode($pic),$sess_challenge_id);
printf("<img border=\"0\" src=\"blind.gif\" width=\"%s\" height=\"%s\">",$width,$height);
print "</td>\n";
print "</tr>\n";
print "</table>\n";

?>


Description:
You have to start a session first.
After this, we deaktivate the Cache because of
security reasons and build a 32 chars long "challenge-id"
these challenge ids can be also used to notice reload.
now just read the image size with GetImageSize()

Now the real trick:
Instead of pointing to the image
directly, we start another Script,
"read_image.php" and attach as Get-Parameter
the Name of the Image-File and our
Challenge-ID.


3. Reading the Image

We need another Script, for reading
the Image out of the secured dir.
The Sourcecode:

<?php

session_start();

// Challenge-ID OK -> Show Pic
if(session_is_registered("sess_challenge_id") and $sess_challenge_id == $challenge):

session_unregister("sess_challenge_id");

$path = "/asoluter/pfad/zu/verzeichniss/images/";
$img = rawurldecode($img);
$read = @GetImageSize($path.$img);
$type = $read[2];

// Set kind of File

switch($type)
{
case 1:
$mime = "image/gif";
break;
case 2:
$mime = "image/jpeg";
break;
case 3:
$mime = "image/png";
break;
case 4:
$mime = "application/x-shockwave-flash";
break;
}

// Send Header and read the image with readfile()
// sending the graphic to the browser
header("Content-Type: $mime");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Pragma: no-cache");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
readfile($path.$img);

// Access denied -> Transparent GIF *doh*
else:
header("Content-type: image/gif");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") ." GMT");
header("Pragma: no-cache");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
readfile("blind.gif");
endif;

?>

At first we test the Session-Value and compare it
with the challenge. if its ok, we delete the session
variable to prevent copy and paste out of the
page-source.
now getimagesize() again, to give the browser
the right header.
readfile() the image to the browser.

if there's no session-variable or the challenger-IDs
don't match, there will be only a transparent .gif.

Summary of security methods:

Directory secured with .htaccess
No Access with browser
Graphic as Table-Background
Transparent Gif
Session Variables and Challenge IDs
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Page 2
« Reply #2 on: March 24, 2005, 03:42:11 AM »
Message by Chris
Quote
Nossie wrote:
Quote
especially when it can be evaded by using print screen... of some other form of screen capture that doesnt use keypresses (or product keys)

If the visitor is using IE 5.x or higher, there is a solution to the dreaded screen print. Open the details.html template and add this to the top:
Code: [Select]

{header}

<script language="JavaScript" type="text/JavaScript">
window.setInterval("window.clipboardData.setData('Text','[The clipboard is temporarily disabled. To restore normal function, simply close the web browser currently viewing a full size image at {site_name}]')",20);
</script>

This code sets the clipboard data to the text message "clipboard is temporarily disabled" every 20 milliseconds. This will also block the capture function of any software that uses the system clipboard which is all of them in my experience.

I've tested this under MS Windows, not sure about Macintosh. I'd estimate 85% of my visitors are using MS Windows and IE 5.x or higher so this is a fairly effective javascript.

According to http://msdn.microsoft.com/workshop/author/dhtml/reference/objects/clipboarddata.asp the following code is supposed to clear the clipboard of any image data. This allows the user to retain the ability to copy and paste text, URL, file and HTML data.
Code: [Select]
window.setInterval('window.clipboardData.clearData("Image")',20);
At one time a couple days ago, I had this working. The user couldn't screen capture to the clipboard but could still cut and paste text. Since then I haven't gotten it to work. the clearData('Image') method just clears all data. Not sure what I'm doing wrong and it's probably something to do with my other javascripts. In any case I present it here for everyone's benefit.

Just thought I'd share what I've learned recently.


Message by Chris:
Quote
Use javascript to decrypt a PHP encrypted image link and document.write it to the page. Use the <noscript> tag to point to a web site logo. If the user disables javascript, they only get to see the logo and not the image they wanted. Effective for me since I use a chromeless window for the images.

Here is a code for media/jpg.html template:
Code: [Select]
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="center" width="100%">

<script language="JavaScript" type="text/JavaScript">
document.write('<img src=\"{media_src}\">');
</script>

<noscript>
<img src="/resources/images/logo.gif"/>
</noscript>

</td>
</tr>
</table>


Message by Chris:
Quote
For the uninitiated: Hotlink protection is when you implement measures to ensure the link was followed from your site.

The technique I've described only ensures the user has javascript enabled and that web site copiers can't grab the images. It's not actually a hotlink issue since the pages and image links are being loaded from the 4images site itself either from the user's javascript enabled browser or from web site copying software.

For those reading who don't know about hotlinks, a hotlink is when a web page on someone else's web site links to images on your web site. This steals your bandwidth by loading your images in their pages by reading them off your server.

What I documented wouldn't stop that from happening. Another post already exists in these forums that describes a method for preventing hotlinks by using the .htaccess file for Apache web servers. Another approach is to use PHP to set and check a session variable before allowing the user to view the file. That method is covered pretty well by this short article here:
http://www.pinkgoblin.com/bandwidthprotection.php

The main reason I'm taking these steps is to ensure images are only downloaded by registered users and that people can't grab thousands of my photos with a single click of the mouse.
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Page 4
« Reply #3 on: March 24, 2005, 04:01:02 AM »
I just wanted to share with the public with another way to secure pictures, that I made long time ago and successfuly have been using on my site. It hides location of the pictures and adds antileech as well.

Works with 4images v1.7 and v1.7.1

Step 1.
Open includes/functions.php
Find:
Code: [Select]
function show_image($image_row, $mode = "", $show_link = 1, $detailed_view = 0) {

Replace with:
Code: [Select]
function show_image($image_row, $mode = "", $show_link = 1, $detailed_view = 0, $encrypt = 0) {


Step 1.2.
Find:
Code: [Select]
    "image" => get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, $show_link, $detailed_view),

Replace with:
Code: [Select]
    "image" => get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, $show_link, $detailed_view, $encrypt),


Step 1.3.
Find:
Code: [Select]
function get_media_code($media_file_name, $image_id = 0, $cat_id = 0, $image_name = "", $mode = "", $show_link = 0, $detailed_view = 0) {

Replace with:
Code: [Select]
function get_media_code($media_file_name, $image_id = 0, $cat_id = 0, $image_name = "", $mode = "", $show_link = 0, $detailed_view = 0, $encrypt = 0) {


Step 1.4.
Find:
Code: [Select]
      "media_src" => $media_src,

Replace with:
Code: [Select]
      "media_src" => ($encrypt) ? ROOT_PATH."show.php?pic=".encrypt_add($media_src) : $media_src,
      "media_src_original" => $media_src,



Step 1.5.
At the end of the file, just above closing ?> insert:

For 4images v1.7

Code: [Select]
function encrypt_add($file){
  global $_SESSION;
  @session_name('4images_pic');
  @session_start();
  $file = base64_encode($file);
  $id = md5(uniqid(microtime()));
  $_SESSION['4images_pic'] = $id." ".$file." ".time();
  return $id;
}



For 4images v1.7.x
Code: [Select]
function encrypt_add($file){
  global $site_sess;
  $file = base64_encode($file);
  $id = md5(uniqid(microtime()));
  $site_sess->set_session_var("downloadpic", $id." ".$file." ".time());
  return $id;
}



Step 1.6. (added 10/15/2004)
If u installed [MOD] Show original image in new window by clicking on image
then also u'll need do this:
Find:
Code: [Select]
    "media_src_big" => get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, $show_link, $detailed_view, 1),

Replace it with:
Code: [Select]
    "media_src_big" => get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, $show_link, $detailed_view, 1, 1),

Also Step 1.2 and Step 1.3 has to be changed for u:
in Step 1.2 use this line:
Code: [Select]
function get_media_code($media_file_name, $image_id = 0, $cat_id = 0, $image_name = "", $mode = "", $show_link = 0, $detailed_view = 0, $big=0, $encrypt = 0) {

and in Step 1.3 this:
Code: [Select]
    "image" => get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, $show_link, $detailed_view, $big, $encrypt),



Step 2.
Open details.php
Find:
Code: [Select]
show_image($image_row, $mode, 0, 1);

Replace with:
Code: [Select]
show_image($image_row, $mode, 0, 1, 1);



Step 3.
Create a new file and save it as show.php in 4images root dir, with this code:

For 4images v1.7

Code: [Select]
<?php 
//-----------------------------------------------------\\ 
//--- Created by V@no 2003 http://gallery.vano.org ---\\ 
//----------------- for 4images v1.7 ------------------\\ 
//-----------------------------------------------------\\ 

//---- Settings -------- 
$expire 35//seconds 
$reduce 20//reduce expire time after first call 
//-- End Settings ------ 

define('ROOT_PATH''./'); 
include(
ROOT_PATH.'includes/upload_definitions.php'); 
@
session_name('4images_pic'); 
@
session_start(); 
function 
is_remote_file($file_name)

  return (
preg_match("#^(https?:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/.*?\.([a-z]{1,4})$)#is"$file_name)) ? 0


function 
get_file_extension($file_name)

  return 
strtolower(substr(strrchr($file_name,"."), 1));

if (!
function_exists("file_get_contents"))
{
  function 
file_get_contents($file){ 
    
$data "";
    if (
$fp = @fopen($file"rb"))
    {
      
$data = @fread ($fp, @filesize($file)); 
      @
fclose($fp); 
    }
    return 
$data
  }
}
if (isset(
$_GET['pic']) && $_GET['pic'])

   
$id $_GET['pic']; 
}
else

   
$id 0

$file "";
$mime "image/gif";
if (
$id && (isset($_SESSION['4images_pic']) && $_SESSION['4images_pic']))

  
$expired time() - $expire
  
$pic explode(" "$_SESSION['4images_pic']); 
  if (
count($pic) != 3)
  { 
    
$file "no/pic_error.gif"//general error 
    
unset($_SESSION['4images_pic']); 
  }
  elseif (
$pic[0] != $id)
  { 
    
$file "no/pic_image.gif"//no image found 
  
}
  elseif (
$expired >= $pic[2])
  { 
    
$file "no/pic_expired.gif"//image expired 
  

  if (!
$file) { 
    
$file base64_decode($pic[1]); 
    
$_SESSION['4images_pic'] = $pic[0]." ".$pic[1]." ".($pic[2]-$reduce); 
    if (!
$image_info = @getimagesize($file) || is_remote_file($file) || !$mime $mime_type_match[get_file_extension($file)][0])
    {
      
header ("Location: ".$file); 
      exit; 
    }
  }
}
else

  
$file "no/pic_error.gif"

$file = @file_get_contents($file); 
header ("Content-type: ".$mime); 
header ("Content-Length: ".strlen($file)); 
echo 
$file;
?>

For 4images v1.7.x

Code: [Select]
<?php 
//-----------------------------------------------------\\ 
//--- Created by V@no 2003 http://gallery.vano.org ---\\ 
//--------------- for 4images v1.7.x ------------------\\ 
//-----------------------------------------------------\\ 

//---- Settings -------- 
$expire 35//seconds 
$reduce 20//reduce expire time after first call 
//-- End Settings ------ 
$nozip 1;
$nocache 1;
define('ROOT_PATH''./'); 
include(
ROOT_PATH."global.php");
include(
ROOT_PATH."includes/sessions.php");
include(
ROOT_PATH.'includes/upload_definitions.php'); 
if (!
function_exists("file_get_contents"))
{
  function 
file_get_contents($file){ 
    
$data "";
    if (
$fp = @fopen($file"rb"))
    {
      
$data = @fread ($fp, @filesize($file)); 
      @
fclose($fp); 
    }
    return 
$data
  }
}
if (isset(
$HTTP_GET_VARS['pic']) && $HTTP_GET_VARS['pic'])

   
$id $HTTP_GET_VARS['pic']; 
}
else

   
$id 0

$file "";
$mime "image/gif";
if (
$id && $pic $site_sess->get_session_var("downloadpic"))

  
$expired time() - $expire
  
$pic explode(" "$pic); 
  if (
count($pic) != 3)
  { 
    
$file "no/pic_error.gif"//general error 
    
$site_sess->drop_session_var("downloadpic");
  }
  elseif (
$pic[0] != $id)
  { 
    
$file "no/pic_image.gif"//no image found 
  
}
  elseif (
$expired >= $pic[2])
  { 
    
$file "no/pic_expired.gif"//image expired 
  

  if (!
$file)
  { 
    
$file base64_decode($pic[1]);
    
$site_sess->set_session_var("downloadpic"$pic[0]." ".$pic[1]." ".($pic[2]-$reduce)); 
    if (!
$image_info = @getimagesize($file) || is_remote_file($file) || !$mime $mime_type_match[get_file_extension($file)][0])
    {
      
header ("Location: ".$file); 
      exit; 
    }
  }
}
else

  
$file "no/pic_error.gif"

$file = @file_get_contents($file); 
header ("Content-type: ".$mime); 
header ("Content-Length: ".strlen($file)); 
echo 
$file;
?>



Adjust two values:
Quote
//---- Settings --------
$expire = 35; //seconds before expiration. If u make it too low, the visitors whos on dialup will get "picture expired".
$reduce = 20; //reduce expire time in seconds after each call (not a good idea set this same as $expire time, because some browsers can do "double" page refresh, that will cause of "expire" message.)
//-- End Settings ------



Step 4.
Create 3 .gif images that would be showed instead of the real image, when something went wrong. Upload them in no/ folder (create it first. Name of the images must be as followed):
no/pic_error.gif - general error (something wrong with the session or ID didnt match)
no/pic_image.gif - image not found
no/pic_expired.gif - image expired


Step 5. (added 09/13/04)
Open postcards.php
Find:
Code: [Select]
      $image = get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, 1);

Replace with:
Code: [Select]
      $image = get_media_code($image_row['image_media_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, 1, 0, 1);




after all this u can rename your /media/ folder to something else and noone could find where the images are  (dont forget adjust /includes/constants.php too)

P.S. this method has few down-sides:
- each time picture being viewed it will be downloaded from the server, instead of showing from cache (extra trafic)
- the script returns the original media path when the media is not an image (.avi, .zip, etc) or when media is remote.


Quote
Quote
martrix wrote:
It would be very nice, if somebody could write how to add this nonono.gif modification to 4images and how to mask the {media_src} url.
it's pretty much simple 
open templates/<yourtemplate>/media/jpg.html (this example for jpg.html template, but u'll need do same thing for all others templates for images)
Replace
Code: [Select]
<img src="{media_src}" border="1" alt="{image_name}"{width_height} />
with:
Code: [Select]

<table style="background: url({media_src}) no-repeat; background-position: center center" cellpadding="0" cellspacing="0">
  <tr>
    <td><img src="{template_url}/images/spacer.gif" border="1" alt="{image_name}"{width_height} /></td>
  </tr>
</table>


asume that u have spacer.gif file in /templates/<yourtemplate>/images/ folder.
« Last Edit: September 08, 2008, 10:40:00 AM by V@no »
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Page 6
« Reply #4 on: March 24, 2005, 04:08:28 AM »
Chris replyed with some addon to the code I've posted on page 4 (see code in previous reply):
Quote
And here is how to make sure the browser doesn't cache the viewed file to disk.

Change this block:
Code: [Select]
header ("Content-Length: ".strlen($file)."\n\n");
echo $file;
exit;


to this:
Code: [Select]
header ("Content-Length: ".strlen($file)."\n\n");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // expires in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // Last modified, right now
header("Cache-Control: no-cache, must-revalidate"); // Prevent caching, HTTP/1.1
header("Pragma: no-cache"); // Prevent caching, HTTP/1.0
echo $file;
exit;
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Page 8
« Reply #5 on: March 24, 2005, 04:10:35 AM »
Message posted by abda53bd:
Quote
heres a good no right click that doesnt have a popup,
but it works even with mozilla (the others that ive seen doesnt)
this even works against the F10 bypass

Code: [Select]
<SCRIPT LANGUAGE="Javascript">
var isNS = (navigator.appName == "Netscape") ? 1 : 0;
var EnableRightClick = 0;
if(isNS)
document.captureEvents(Event.MOUSEDOWN||Event.MOUSEUP);
function mischandler(){
  if(EnableRightClick==1){ return true; }
  else { return false; }
}
function mousehandler(e){
  if(EnableRightClick==1){ return true; }
 
  var myevent = (isNS) ? e : event;
  var eventbutton = (isNS) ? myevent.which : myevent.button;
  if((eventbutton==2)||(eventbutton==3)) return false;
}
function keyhandler(e) {
  var myevent = (isNS) ? e : window.event;
  if (myevent.keyCode==96)
    EnableRightClick = 1;
  return;
}
document.oncontextmenu = mischandler;
document.onkeypress = keyhandler;
document.onmousedown = mousehandler;
document.onmouseup = mousehandler;
</script>
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline fotopolis

  • Newbie
  • *
  • Posts: 27
    • View Profile
Re: Pic Security
« Reply #6 on: March 24, 2005, 03:39:51 PM »
I've tried to install the V@no's MOD to "hide location of the pictures and adds antileech as well". And it always shows the general error. And I don't know where the problem is. No one image is showing with this MOD.
It's no important for me to use the general, images not found or image expired errors. I only want to hide the url of the image when you see the source code.
Can any code of this MOD been deleted o modified to get this?
or can you help me to get this MOD works?

Offline rustynet

  • Addicted member
  • ******
  • Posts: 1.031
  • {if msg}{msg}{endif msg}
    • View Profile
    • rustynet.de
Re: Pic Security
« Reply #7 on: April 04, 2005, 01:03:00 PM »
this MOD doesn't works with 4images 1.7.1, right?
v@no, can you fix it and make it works with 1.7.1 please

Offline fotopolis

  • Newbie
  • *
  • Posts: 27
    • View Profile
Re: Pic Security
« Reply #8 on: April 04, 2005, 03:53:57 PM »
I'm using 4image 1.71 and doesn't work. But I'm not sure if the version is the problem. I've verified it several times and I didn't find any mistake I had made.
Is there any change to 4images 1.7.1?
Thanks.

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Re: Pic Security
« Reply #9 on: April 05, 2005, 01:11:58 AM »
I've added support in the original code (Step 1.5 and Step 3)
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline rustynet

  • Addicted member
  • ******
  • Posts: 1.031
  • {if msg}{msg}{endif msg}
    • View Profile
    • rustynet.de
Re: Pic Security
« Reply #10 on: April 05, 2005, 07:47:21 AM »
thank you  :D

Offline om6acw

  • Full Member
  • ***
  • Posts: 187
    • View Profile
    • My Animal's World
Re: Pic Security
« Reply #11 on: April 05, 2005, 07:55:00 AM »
thanks Vano  :D :!:

Offline fotopolis

  • Newbie
  • *
  • Posts: 27
    • View Profile
Re: Pic Security
« Reply #12 on: April 09, 2005, 11:01:58 PM »
Is there any other script to prevent clipboard in Firefox web browser? Because these only work with IE.

I've tried Chris's (top of this page) and Chlee's (with the 'disable.js' archive) but no one disables cliboard with Firefox.

Any help?

Offline V@no

  • If you don't tell me what to do, I won't tell you where you should go :)
  • Global Moderator
  • 4images Guru
  • *****
  • Posts: 17.849
  • mmm PHP...
    • View Profile
    • 4images MODs Demo
Re: Pic Security
« Reply #13 on: April 09, 2005, 11:46:44 PM »
no, the clipboard manipulation is only avalable in IE browsers. which I hope will not be supported (or atleast will have a setting to turn that feature off) in soon comming IE version 7
Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)

Offline Chris

  • 4images Moderator
  • 4images Guru
  • *****
  • Posts: 4.487
  • Did u ever stop to think and then forget to start?
    • View Profile
Re: Pic Security
« Reply #14 on: April 11, 2005, 05:18:16 AM »
Not a chance.  The DataTransfer object is typically used for drag and drop features in IE  :wink: