|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 307 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 Raven writes "I'm testing a new Recent Forums Posting block that allows you to Expand and UnExpand to see as many recent topics as you desire. My purpose is to try to save as much real estate as possible and decrease load time a little. I'd appreciate some feedback on it. I'm still tweaking the heading placement but other than that it seems to be working.
I'm thinking of adapting this to the messages and news also. Please leave all feedback on my site so I can keep it all together."
|
|
Posted on Sunday, January 11 @ 23:43:02 CET by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 5
Votes: 1
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: New Recent Posts Block (Score: 1)
by Raven on Monday, January 12 @ 00:23:16 CET
(User Info | Send a Message) http://ravenphpscripts.com | | Both. The core code (and most of) is dhtml, which is, of course, supercharged js/html :). And there is a little pure, if you will, javascript. There are no server calls at all after the initial loading of the page. I actually found the script somewhere and have had it stashed for quite a while. There are no credits and I have modified it to work with nuke. |
]
Re: New Recent Posts Block (Score: 1)
by Zhen-Xjell on Monday, January 12 @ 00:29:02 CET
(User Info | Send a Message) http://castlecops.com | That's always been one of my concerns with DHTML/Javascript/ActiveX. Based on my core security/privacy background these are simple disabled in user browsers to protect them from being tracked or having their hard drives read. For instance, the Nimda worm was easily spread by visiting web sites that had it installed on web pages. If one allowed browser scripting then one would have gotten infected by Nimda.
Hence, that was my conern... thanks for letting me know.
As an aside, that is why navtap was done without the use of client side scripting beyond the base SGML HTML rendering code. |
]
Re: New Recent Posts Block (Score: 1)
by Raven on Monday, January 12 @ 01:15:32 CET
(User Info | Send a Message) http://ravenphpscripts.com | | If that is your concern then you better not use nuke because it has javascript code too, as well as many blocks and modules written for it. Just look at the source of your home page. Javascript all over it! Nimda was exploited by holes in windoze, IE, and email integration. For a refresher from 2001 see this summary http://www.incidents.org/react/nimda.pdf . To relate this harmless code to Nimda seems to be a bit of FUD, wouldn't you agree? |
]
Re: New Recent Posts Block (Score: 1)
by Zhen-Xjell on Monday, January 12 @ 10:22:35 CET
(User Info | Send a Message) http://castlecops.com | To compare benign javascript code in php-nuke to malicious client side scripting is like comparing apples and oranges. For an example of what is considered 'bad' client side code I would recommend checking some of my original Proxomitron privacy work here:
http://computercops.us/downloads-file-91-details-zx_20020105.zip_(FULL_COMPLETE).html
You can download Proxomitron from here:
http://computercops.us/downloads-file-269-details-Proxomitron_Naoko_4.5_(ZIP).html
For support you can visit the general forum here:
http://computercops.us/forum10.html [computercops.us]
Here are some sample filters I had written to stop certain Javascript code:
Name = "Kill JavaScript Banners"
Active = TRUE
Bounds = "<script($INEST(<script,</script)</script>( <noscript>|)|*)"
Limit = 2048
Match = "*(://$AV($LST(AdList)*)|"
"=?=?=?=?|ad(click|cycle)|banner_height|<iframe|'ht'+'tp|.referrer)"
"&*>(�<noscript>|�)"
Replace = "<!-- JS Banner blocked -->
"
"<script language="ShonenScript">�"
Name = "Kill add-on JavaScripts "
Active = TRUE
Multi = TRUE
Limit = 1024
Match = "</html>1$NEST(<script,</script>)"
Replace = "<font size=1>[PostScript Killed]</font><br>
"
"</html>1
"
Name = "Kill Dynamic HTML JavaScripts"
Active = TRUE
Limit = 256
Match = "<start>"
Replace = "<!--//--><script> function NoWrite(txt){return(1);} "
"document.write=NoWrite; "
"document.writeln=NoWrite; "
"</script>
"
Name = "Stop JavaScript Redirects"
Active = FALSE
Limit = 30
Match = ".location(=|.)1"
Replace = ".NoLocation1"
Name = "Kill Nosey JavaScripts - GREG"
Active = FALSE
Bounds = "<script*</script>"
Limit = 16000
Match = "*(.(referrer|plugins|cookie|colorDepth|pixelDepth|external)|history.length)*"
Replace = "<!-- Killed Nosey JavaScript -->"
Reason for blocking such client side scripting is to disable user tracking.
And its because of this history that I know folks shut down client side scripting. Now the code in PHP-Nuke certainly doesn't qualify as 'bad' client side code. But there may be some folks who shut it down.
For instance, I notice many portal sites make use of right click disabling. Such code as the following would render that useless and would allow a web surfer to right click:
Name = "Allow Right Click"
Active = TRUE
Bounds = ""
Limit = 256
Match = "1oncontextmenu=2"
Replace = "1Prx_offcontextmenu=2"
Name = "Allow right mouse click"
Active = FALSE
Limit = 256
Match = ".(onmousedown=|captureEvents()1"
Replace = ".PrxOff_1"
At Computer Cops I make use of only the base php-nuke javascript code. Nothing additional. At CCSP I take pride that banners are not maintained and the site is fairly free of all that gibberish.
While at NC there is a different mindset than from CCSP. I don't doubt however that a minimal amount of netizens shut down the display of the banners, which of course are privacy tracking tools by those banner companies.
Hence... to enable maximum exposure for your code,
Read the rest of this comment... |
]
Re: New Recent Posts Block (Score: 1)
by Raven on Monday, January 12 @ 11:55:52 CET
(User Info | Send a Message) http://ravenphpscripts.com | | And, to generalize simple dhtml and javascript code as is used in this block to your 'concern' about Nimda is like comparing apples and oranges. As I said, it's FUD. Your points are well taken, if the code warrants it. Mine doesn't. |
]
Re: New Recent Posts Block (Score: 1)
by Zhen-Xjell on Monday, January 12 @ 12:02:58 CET
(User Info | Send a Message) http://castlecops.com | Raven I'm looking out for your interests and the community by providing information that you can use if you so choose. To me knowledge is power, and does not equate with "FUD".
I'm glad my point is well taken with you, because in the end, it helps both web sites and the folks visiting them.
Whether or not your code falls into this range is something you have to decide using the information thus provided.
Personally, I like to see all code fully functional that is available to the masses, instead of a few. If yours does this, then that coincides wonderfully with my beliefs. |
]
| | | | | |
