copyright symbol in IPTC copyright symbol in IPTC
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

copyright symbol in IPTC

Started by sykocus, June 11, 2006, 11:42:43 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

sykocus

June 11, 2006, 11:42:43 AM
Is there a way to have the copyright symbol show up in the IPTC. For example in the copyright info in for this picture should have the © infront of it.

www.jgarrido.net/gallery/displayimage.php?pos=-18

Joachim Müller

#1
June 11, 2006, 02:21:40 PM
Coppermine doesn't edit the IPTC data, it just displays what it finds. If you want a copyright-icon to be displayed in your IPTC-data, you'll have to edit the file accordingly, using your favorite IPTC editor.
If you just want to edit the content of the left column (the words "IPTC Copyright:"), just edit your language file (e.g. /lang/english.php) with a plain text editor, find the string you want to see changed, that's all.

sykocus

#2
June 11, 2006, 11:20:21 PM
I don't think I explained it well. The copyright symbol is in the IPTC field of the picture, it's just now showing up when coppermine displays the info. It's entered into pictured using photoshop and shows up in other programs like irfanview.
(https://coppermine-gallery.com/forum/proxy.php?request=http%3A%2F%2Fwww.jgarrido.net%2Fcopyright.jpg&hash=f117a2b4b58536acb4911cb73b7c789e6bfbfe3d)

Nibbler

#3
June 12, 2006, 01:47:42 AM
The symbol gets removed by the sanitizing functions. If you trust your iptc data you can remove some of the security.

include/iptc.inc.php

Code Select
$data=htmlentities(strip_tags(trim($data,"\x7f..\xff\x0..\x1f")),ENT_QUOTES); //sanitize data against sql/html injection; trim any nongraphical non-ASCII character:


change to

Code Select
$data=strip_tags(trim($data)); //sanitize data against sql/html injection:

and displayimage.php

Code Select

# sanitize against sql/html injection; trim any nongraphical non-ASCII character:
$value = trim(htmlentities(strip_tags(trim($value,"\x7f..\xff\x0..\x1f")),ENT_QUOTES));


change to

Code Select

# sanitize against sql/html injection;
$value = trim(htmlentities(strip_tags(trim($value)),ENT_QUOTES));

Tranz

#4
June 12, 2006, 04:10:01 AM
As Nibbler hinted, if you can't trust the iptc data, don't change the code, or don't allow users to upload files to your gallery.

sykocus

#5
June 12, 2006, 04:16:46 AM
I am the only one who uploads to my gallery and ATM I only have copyright info in the IPTC data. Is there anything else I should worry about before I removed the sanitizing functions?
Print
Go Up Pages1
User actions