remote upload images via url

[stras]

i've read this thread and i saw where a staff it cant be disabled and said its a way to get ip of bad guys, that's pretty retarded imo, thats giving attackers a way to get backend ip and ddos people and even hack them, most people use cloudflare to protect backend and having this option not optionable is retarded, thats forcing people to use the site as is with a security risk.

 

[Rodolfo]

As the creator of this software I choosed to make it harder for anyone trying to break the law and for me, hide the actual IP where the content relies is a way to encourage felonies. That's what I believe, is my personal opinion.

Get another software if you want to hide your stuff, I'm not into it for V3. For V4 this should be optional because the system will be open anyway so my moral choices won't be a problem anymore so either I make it optional or someone else will do via a plugin.

 

[stras]

you will be ok, its just giving users the freedom, and legally you'll be covered, consult with a lawyer or something if you wish, and when is V4 coming out?

 

[Rodolfo]

I don't have any legal issue, is just a moral thing.

I also get about 20 emails every week from people with issues due to stolen content using a Chevereto website because those owners don't care at all. I always forward but actions are rarely taken.

I don't like the idea of that something that I did causes that kind of issues, I will feel devastated if I know about someone committing suicide or causing some harm because someone hiding their IP never took action about it.

That's my problem with this. While some care about a ddos, I care about the actual people having a nightmare due to this.

But my concerns are useless, you can't stop this kind of stuff and I should start to just ignore and move forward.

 

[anyimg]

You can do this by editing this file:
/app/themes/Peafowl/snippets/anywhere_upload.php

Search & Remove this ALL (4):

'%u' => '<a data-modal="form" data-target="anywhere-upload-paste-url">' . _s('add image URLs') . '</a>',

And Search & Remove this one:

<div id="anywhere-upload-paste-url" data-submit-fn="CHV.fn.uploader.pasteURL">
            <span class="modal-box-title"><?php _se('Add image URLs'); ?></span>
            <div class="modal-form">
                <textarea class="resize-vertical" placeholder="<?php _se('Add the image URLs here'); ?>" name="urls"></textarea>
            </div>
        </div>

Also, Search & Remove this ALL (4):

or %u.

 

[jeffrose]

i've read this thread and i saw where a staff it cant be disabled and said its a way to get ip of bad guys, that's pretty retarded imo, thats giving attackers a way to get backend ip and ddos people and even hack them, most people use cloudflare to protect backend and having this option not optionable is retarded, thats forcing people to use the site as is with a security risk.

Just wanted to share that the word "retarded" is very offensive used in this context. Unless you mean that it's been slowed down or delayed in some way.

 

[Oakley]

...most people use cloudflare to protect backend

No they don't, think you'll find that SOME people use it. There are plenty of other effective solutions that rely on simple good practice when it comes to server management.

Really can't see what the issue is here, if someone want's to hack a website then there's plenty of ways to attempt to do it. Whether they are successful or not is another matter. An exposed IP is the least of your worries.

Just edit the code as anyimg said above or simply don't use if it.

 

[rdn]

I hope I did it right, Thanks!

@@ -21,28 +21,28 @@
                         <span class="icon icon-download2 cursor-pointer" data-trigger="anywhere-upload-input"></span>
                         <div class="heading device-mobile--hide"><a data-trigger="anywhere-upload-input"><?php _se('Drag and drop or paste images here to upload'); ?></a></div>
                         <div class="heading device-nonmobile--hide"><a data-trigger="anywhere-upload-input"><?php _se('Select the images to upload'); ?></a></div>
-                        <div class="device-mobile--hide upload-box-status-text"><?php _se('You can also %i or %u.', [
+                        <div class="device-mobile--hide upload-box-status-text"><?php _se('You can also %i.', [
                             '%i' => '<a data-trigger="anywhere-upload-input">' . _s('browse from your computer') . '</a>',
-                            '%u' => '<a data-modal="form" data-target="anywhere-upload-paste-url">' . _s('add image URLs') . '</a>',
+                          
                         ]); ?></div>
-                        <div class="device-nonmobile--hide upload-box-status-text"><?php _se('You can also %i, %c or %u.', [
+                        <div class="device-nonmobile--hide upload-box-status-text"><?php _se('You can also %i, %c.', [
                             '%i' => '<a data-trigger="anywhere-upload-input">' . _s('browse from your device') . '</a>',
                             '%c' => '<a data-trigger="anywhere-upload-input-camera">' . _s('take a picture') . '</a>',
-                            '%u' => '<a data-modal="form" data-target="anywhere-upload-paste-url">' . _s('add image URLs') . '</a>',
+                          
                         ]); ?></div>
                     </div>
                     <div data-group="upload-queue-ready" class="soft-hidden">
                         <span class="icon icon-images" data-trigger="anywhere-upload-input"></span>
                         <div class="heading device-mobile--hide"><?php _se('Edit or resize any image by clicking the image preview'); ?></div>
                         <div class="heading device-nonmobile--hide"><?php _se('Edit any image by touching the image preview'); ?></div>
-                        <div class="device-mobile--hide upload-box-status-text"><?php _se('You can add more images from %i or %u.', [
+                        <div class="device-mobile--hide upload-box-status-text"><?php _se('You can add more images from %i.', [
                             '%i' => '<a data-trigger="anywhere-upload-input">' . _s('your computer') . '</a>',
-                            '%u' => '<a data-modal="form" data-target="anywhere-upload-paste-url">' . _s('add image URLs') . '</a>',
+                          
                         ]); ?></div>
-                        <div class="device-nonmobile--hide upload-box-status-text"><?php _se('You can add more images from %i, %c or %u.', [
+                        <div class="device-nonmobile--hide upload-box-status-text"><?php _se('You can add more images from %i, %c.', [
                             '%i' => '<a data-trigger="anywhere-upload-input">' . _s('your device') . '</a>',
                             '%c' => '<a data-trigger="anywhere-upload-input-camera">' . _s('take a picture') . '</a>',
-                            '%u' => '<a data-modal="form" data-target="anywhere-upload-paste-url">' . _s('add image URLs') . '</a>',
+                          
                         ]); ?></div>
                     </div>
                     <div data-group="uploading" class="soft-hidden">
@@ -330,12 +330,7 @@
                 </div>
             </div>
         </div>
-        <div id="anywhere-upload-paste-url" data-submit-fn="CHV.fn.uploader.pasteURL">
-            <span class="modal-box-title"><?php _se('Add image URLs'); ?></span>
-            <div class="modal-form">
-                <textarea class="resize-vertical" placeholder="<?php _se('Add the image URLs here'); ?>" name="urls"></textarea>
-            </div>
-        </div>
+      
     </div>

     <?php