Differences

This shows you the differences between the selected revision and the current version of the page.

punbb13:pcr_avatar 2008/12/19 05:09 punbb13:pcr_avatar 2020/02/06 11:04 current
Line 1: Line 1:
====== PCR Avatar (pcr_avatar) ====== ====== PCR Avatar (pcr_avatar) ======
[[.:|PunBB 1.3]] [[Extension development|extension under development]] [[.:|PunBB 1.3]] [[Extension development|extension under development]]
-  * Current version: **0.1.16** (preview/pre-alpha)+  * Current version: **0.1.31** (pre-alpha)
===== General idea ===== ===== General idea =====
Line 14: Line 14:
  * Add the option to set the gallery path   * Add the option to set the gallery path
  * Let the user choose a remote avatar, let them choose a gallery avatar   * Let the user choose a remote avatar, let them choose a gallery avatar
 +  * Secure remote avatar (ported the sanitizing function from phpBB)
==== To do ==== ==== To do ====
 +  * Add fields in the admin panel to configure the minimum avatar size
  * Make a gallery explorer   * Make a gallery explorer
  * Automatically get avatar size (remote and gallery)   * Automatically get avatar size (remote and gallery)
-  * Secure remote avatar (don't let the user make the server run a random query to another site...) 
  * Secure the gallery?   * Secure the gallery?
  * Are PunBB extensions already protected against SQL injections by the way PunBB handles additional variables or do we need to do it ourselves?   * Are PunBB extensions already protected against SQL injections by the way PunBB handles additional variables or do we need to do it ourselves?
  * Clean the gallery path chosen by the admin so that it doesn't matter whether or not an ending slash is specified   * Clean the gallery path chosen by the admin so that it doesn't matter whether or not an ending slash is specified
  * Improve the cache (currently it isn't always updated when it should)... or maybe replace it with a database field? (is this cache really good when there are 10k users with an avatar => the cache file would be around 1MiB...)   * Improve the cache (currently it isn't always updated when it should)... or maybe replace it with a database field? (is this cache really good when there are 10k users with an avatar => the cache file would be around 1MiB...)
-  * Add this http://punbb.informer.com/forums/topic/19422/request-default-avatars/+  * Add this https://punbb.informer.com/forums/topic/19422/request-default-avatars/
-==== Current version: pcr_avatar 0.1.16 ==== +==== Current version: pcr_avatar 0.1.31 ==== 
-Just a **preview** to show the work in progress. There is **no security** or picture size checks yet, and no gallery explorer either (users can pick an avatar from the gallery but to do so they need to know its path). **Do not** use on a live board.+Just a **preview** to show the work in progress. There **should be** a good enough security around remote avatars (I ported the remote avatar function from phpBB). The remote picture size is checked. There is still no gallery explorer either (users can pick an avatar from the gallery but to do so they need to know its path). **Could perhaps** be used on a live board... I do on mine. But as the license says "This program is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE".
  * [[http://files.wiki4games.com/pcr_avatar.7z|download]]   * [[http://files.wiki4games.com/pcr_avatar.7z|download]]
 +
 +==== Former versions ====
 +=== pcr_avatar 0.1.16 ===
 +Just a **preview** to show the work in progress. There is **no security** or picture size checks yet, and no gallery explorer either (users can pick an avatar from the gallery but to do so they need to know its path). **Do not** use on a live board.
 +  * (download link removed)
===== License ===== ===== License =====
PCR Avater is licensed under the GNU GPL v3 or later (see LICENSE.txt). PCR Avater is licensed under the GNU GPL v3 or later (see LICENSE.txt).

Personal Tools