Avatar URL

Submitted by Anonymous on Wed, 12/26/2012 - 02:40
Written by
tvn

The Avatar URL should not be allowed to be like:

WWW.YOURSITE.COM

It should always tell the user it has to end in .jpg .gif bla bla valid types or its not allowed.

You know for security and all the rest of what happens.

Or is another thing that is not in the box?

Something like this has been brought up earlier, and the conclusion is that a file extension on the WWW does not guarantee anything. A .png "file" could easily be something different, and a path without suffix can be an image too.

See comment/1015#comment-1015

(There was an extension check at that time but it got removed in a later year.)

UseBB already checks if an avatar ends with jpg, gif or png.

I was reading that but UseBB dose not check if an avatar ends with jpg, gif or png. I am allowed to use http://www.usebb.net/ as an URL and that is it.

Was the hole point to this post. And as for the extension check should that not be something in the core coding and not a extension made by some one, not that it will do any good now UseBBZone is closed.

Is there any way I can make it look for the valid types for the avatar URL before it lets the user use it?

I have added http://www.usebb.net/ as my avatar URL here just to show you it lets you use an URL with out jpg, gif or png end to it.

You should read the post above (and the other topic) more closely. Checking the extension gives no guarantee whatsoever. It's at most "an indication that may be correct". The extension check is no longer in there since I don't remember which revision.