Post links to English-language image boards here. To start off, here are the usual suspects:
http://www.iichan.net/ - DEAD DEAD DEAD
http://www.4chan.org/ - The original English-language board.
http://www.0chan.net/w/ - The Switzerland of image boards.
http://www.5chan.net/ - lol furries
Post more, unless they prefer to stay secret.
An imageboard for the sega genesis basic compiler BasiEgaXorz.
Hi. Here's another: http://1024chan.org.
We're however trying to be creative and adding features like recent posts and board search, making our channel a nice place :)
Tell us how to improve, /soc/.
> Tell us how to improve, /soc/.
stop using that shitty script.
>We're however trying to be creative and adding features like recent posts and board search, making our channel a nice place :)
Neither of those are original. Most of the boards there are unoriginal as well.
try some Japanese futaba script accessories
http://4chan.b33r.net/sparky4/+4/q/view.php?mode=s
search
you can download 四葉の芽画像&動画掲示板/文字&動画掲示板スクリプト [full name]
and get some ideas and features from it
^^
Having a long and annoying wapanese name isn't making your script anymore appealing.
Sorry, but I really don't understand japanese. :) We're going to build our own search engine, it's easy to do with kusaba.
>>668
as is usually the case with php, it seems easy but your code is probably actually broken in some obscure way that will take years to debug.
>>670
I've seen these scripts on various wapanese imageboards. I'd trust them before anything by sparky :\
>>670
All gchan fuctions are removed from 四葉の芽スクリプト,
to respect the people who wrote them.
http://4chan.b33r.net/sparky4/+4/script/yotsubanome.phps
did you block <plaintext> html code?
This leaves you wide open to XSS attacks. Posting something like this will mess up your board:
<object></object><a style="position:absolute;left:0;top:0;width:1000px;height:1000px" onmouseover="document.location='http://www.google.com/'">Test</a>
You either have to stop all HTML, or you have to parse it by hand and pick out only the parts that are safe, which is very hard to get right.
ugh PHP is such a shitpile
Using extract() on a superglobal (especially superglobals which contain untrusted user input, like $_POST or $_GET) is extremely dumb. If you're going to do it, at least set the extract_type value to EXTR_SKIP or something so it doesn't overwrite existing variables with the same name.
Like >>680 said, if you're going to settle with sanitized HTML as markup, your best bet is to run $com though htmlspecialchars() and then reconvert safe tags back to their original value. Still, it'll probably be in your best interest to use a lightweight markup language instead, like Textile or Markdown.
Oh, living crap, learn how to do it right.
Actually just don't write a single line of code for the web until you have read and understood the entirety of this page -- http://ha.ckers.org/xss.html
Then, and only then, should you think about implementing your own input sanitizer. And even at that point, don't do it, because other people have already solved the problem much better than you can.
>>679
any time gchan anytime ^^
because you improved the futaba script ^^
you earned my respect!
You can easily get around that by adding spaces around the "=".
The point is, it's nearly impossible to stop people from abusing HTML posting. There is pretty much always some trick you can use to get around simple word filters. You really do need to run htmlspecialchars() on all user input, or it will never be secure. If you want to add youtube embedding, you're going to have to make some way to generate the HTML code yourself, and not let a user input it.
> If you want to add youtube embedding, you're going to have to make some way to generate the HTML code yourself, and not let a user input it.
This.
There's many ways it could be done. You could add an extra input field in the post form for youtube URLs, which can be parsed with the rest of the post. Just make sure the URL isn't malformed and points to an actual youtube video, and from that point you can nest the URL in whatever HTML you feel like to display it.
>>695
Let's all take Microsoft's example on security practices, it seems to work really well(!)
ウェブマスター、期限が過ぎて削除できない私の記事を削除してください。
私は思う、最大の防御方法は日本人以外にポストさせないことかも知れない。
Webmaster, please delete the article on me who passes the time limit and cannot delete it.
I might think, and the maximum means of defense be
$allowhost = array ( ". Jp", ". Bbtec.net");
multi-way translation site:
http://translation.infoseek.co.jp/
>削除しました。
ありがとう。
>だけど、XSSは本当に問題。もっと勉強とはいいと思う。
はい、あなたは正しい。
しかし、匿名投稿掲示板である以上、常に危険は伴う。
チャイルドポルノ画像を投稿される危険性。
フィッシングサイトのURLをリンクされる危険性。
:80 :8080 ポート以外の匿名プロキシを使われる危険性。
会員制ボード以外に安全は存在しない。
>>703
With? If you want help with something you're going to have to be more specific than that.
ty
>>707
Oh it was a Kusaba site? Never mind then. I'd rather do something better with my time.
Decent chan with a few original boards that I'll link to. /ap/ is NSFW. /m/ has some decent songs on it.
http://109chan.org/ap/
http://109chan.org/jnj/
http://109chan.org/aa/
http://109chan.org/m/
>>710
There's a big difference between original and stupid.
Give mr some cp webs
>>718
What is with you people making these terribly designed boards these days?
dfgdfgfgdclvkbifghjfdhflsdldldldflgbfgdf!!!!!!!!!!!!!!!!!
aLa lng poh?????????????????
Graffiti Board
http://dirtyhands.com.nu/
GeminiChan:
http://upload.geminight.com/
> * Surround text with ~~ to mark it as a spoiler.
Why not the /* */ that some other boards have?
Admin, please delete 714 to 716. This person wants to harass another one by publishing her e-mail and having CP sent to her.
>>314340346Another to add to your list...>>314339191http://2011chan.co.cc - Safe for work boards, be warned, the host I use sucks, as a result, the boards are slow as fuck, I use Futallaby, I modified it to allow image replies.