News:

Join the Facebook Fan Page.

Main Menu

Signature limits

Started by Al Stevens, February 06, 2019, 05:55:48 PM

Previous topic - Next topic

Al Stevens

Which database table or tables record signature limits -- max characters, number of images, image width, etc?
[nofollow]

vii

Table: settingsValue: signature_settings
Settings are separated by a comma. Just fiddle with the individual settings in the admin panel and see how they change in the db entry. I think the format might be in the order you see them on the admin settings page. I know the first entry is a 1/0 value describing whether signatures are enabled or not, and the 2nd value is the max signature size.

Arantor

I have to ask, why does it matter?

drewactual

also...... though it may be a matter of approach, it's my opinion (fwiw) this is better handled with CSS - especially if there are existing signatures that will be impacted. 

something like:

.signature {width:99%; height:1em; margin: .25em auto; overflow:hidden;}
.signature img{ max-width:300px; height:auto;}


for users this impacts, it will put the burden on them to make it look good instead of you toying with things in the db that has opportunity to jack things up. 

Al Stevens

Thank you, VirginiaZ.

To the others: Why do you assume I intend to change those values? Could it be that I need to read those values?  :)
[nofollow]

Arantor

If you need to read them, go to the settings page where.

If you're trying to read them for some other purpose, knowing what that purpose  is would help us help you (since doing DB queries for something likely already loaded and available is a bad idea)

Al Stevens

I'm working on a mod that needs to read them into its PHP script. I would think the system would not allow a mod to change those data unless the logged-on user had admin permissions. Thanks for your comments.
[nofollow]

Arantor

You'd be wrong about that, which is why I ask what you're trying to do and how.

I'm not trying to be evasive, just trying to avoid you wasting time in incorrect ways of doing things.

Al Stevens

Wrong in what way? Is there another method other than reading the database for a mod to determine at run time, for example, the maximum character width of a signature and the maximum image dimensions?
[nofollow]

Arantor

Yes, there is, but again it depends on what you're trying to do and exactly where!

Most likely I'd be suggesting to examine the global array $modSettings, which contains all the settings, but honestly I'm finding it hard to help you do it correctly and efficiently.

Aleksi "Lex" Kilpinen

Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

Al Stevens

What I'm trying to do and exactly where:

I am writing a program that runs independently of the SMF source code except that it has access to Settings.php only to have the $db_ variables defined. The program needs to read the signature settings. That's what I'm trying to do.

Thanks for the mention of $modSettings. I didn't know about that so I went poking around. Its values are defined in the database and retrieved in Load.php. I'd have to get deep into SMF to use it. At the time my program is running, SMF is dormant. SMF launches the program then stands by while it runs.

It's just easier to get the signature settings directly from the database. I wish to keep my program independent of SMF (other than the database) since the program runs on other platforms and on its own. I can hear the next question coming. How can I be independent and still access the database? I cannot, but that's a longer story than this one turned out to be. :)
[nofollow]


Arantor

No, the question isn't 'how can you be independent and still access the database'. The question is, what you're going to do with that, presumably you're creating a profile page outside of the forum that users can edit and you want to synchronise the two. The problem you have there is good luck to you to sanitise the signature in a way that won't give you security holes coming back into SMF afterwards.

Suggestion: include SSI.php rather than Settings.php, this will give you a DB connection and access to core SMF functionality (including having $modSettings be loaded for you automatically, which will also benefit from caching if suitably configured) which means you can then load the relevant security routines you'll need.

Al Stevens

Thanks, all, for your help, comments, and suggestions. I have what I need to proceed.
[nofollow]

Arantor


Al Stevens

Lest anyone gets too concerned, know that I am spending the next couple of days poring through SSI.php and the $smcFunc docs as per Aruntor's suggestion. Interesting stuff. I'll return as questions arise. I've seen some syntax that I don't recognize, which is to be expected.

Aruntor has been adamant about learning what I am building. That will come later. In the meantime, the only SMF site where I have installed my program is on a private wamp server. No one's database is at risk except for mine, and it gets initialized frequently. The test forum has only two users and I'm both of them. Later, the program will go onto a public server, also mine. An early version is there now, but not integrated with an SMF site.

Thanks again for all the help and in advance for that which is to come.
[nofollow]

Arantor

I've been adamant about trying to protect you from opening up security holes, but you seem sufficiently insistent that I'll leave you to it.

Al Stevens

Quote from: Arantor on February 08, 2019, 06:09:40 PM
I've been adamant about trying to protect you from opening up security holes, but you seem sufficiently insistent that I'll leave you to it.
As well you should. But you'd have no way of knowing that.
[nofollow]

Aleksi "Lex" Kilpinen

Don't get us wrong, Arantor simply knows the code better than many others around here, including me, and with things like this it is easier for everyone to provide answers when you know exactly what the question is.
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

Advertisement: