Extension talk:VideoFlash

From MediaWiki.org

[edit] How do I see which pages have a VideoFlash video embedded?

Similar to templates, I'd like to see a list of pages which use <videoflash>. How? Thanks. --Torley 18:56, 7 October 2009 (UTC)

[edit] support for Revver?

What about adding support for Revver? I tried to tweak it on my own but I was having some difficulty. Any suggestions?

I have Added Revver support to VideoFlash extension --Args 11:36, 24 March 2007 (UTC)

A quick and dirty solution to display videos from Revver (Example):

Copy the following code into extensions/revverflash.php :

  <?php

/*******************************************************************************
*                                                                              *
* RevverFlash Extension by Daniel Hüttenmeister, based on VideoFlash extension *
* http://www.mediawiki.org/wiki/Extension:VideoFlash                           *
*                                                                              * 
*                                                                              * 
* Tag :                                                                        *
*   <revverflash>v</revverflash>                                               * 
*                                                                              *
* Ex :                                                                         *
*   http://one.revver.com/watch/89072                			       *
*   <revverflash>89072</revverflash>                                             *
*                                                                              *
*                         						       *				*                                                                              *
********************************************************************************/ 

$wgExtensionFunctions[] = 'wfRevverFlash';
$wgExtensionCredits['parserhook'][] = array(
        'name' => 'RevverFlash',
        'description' => 'RevverFlash (based on VideoFlash from Alberto Sarullo)',
        'author' => 'Daniel Hüttenmeister',
        'url' => 'http://www.mediawiki.org/wiki/Extension:VideoFlash'
);

function wfRevverFlash() {
        global $wgParser;
        $wgParser->setHook('revverflash', 'renderRevverFlash');
}


# The callback function for converting the input text to HTML output
function renderRevverFlash($input, $args) {
        $type = "revver";
        $params = explode ("|", $input);
        $id = $params[0];
        $width = 480;
        $height = 392;
        $style = '';
        
		  $url['revver']		 = 'http://flash.revver.com/player/1.0/player.swf';
		  
  
        if(count($args)>0 && $args['type'] && $url[$args['type']]){
           $type = $args['type'];
        }        

        if (count($params) > 1) {
           $width = $params[1];
           if (count($params) > 2) {
              $height = $params[2];
              if (count($params) > 3) {
                 $style = $params[3];
              }
           }
        }
    
        $output='<embed type="application/x-shockwave-flash" src="'.$url[$type]
        .'" pluginspage="http://www.mac392romedia.com/go/getflashplayer" scale="noScale" salign="TL" bgcolor="#ffffff" flashvars="mediaId='.$id
        .'&affiliateId=0" wmode="transparent" height="'.$height.'" width="'.$width.'"></embed>';

       
        return $output;
 }

?>

Add the following lines at the end of LocalSettings.php:

require_once("extensions/revverflash.php");

[edit] Standalone .flv files

There are many free .swf players for .flv files.

I find the lack of

<videoflash type="flv">somefileuploadedtomediawiki.flv</videoflash>

and

<videoflash type="flv">http://whatever.com/foo.flv</videoflash>

annoying to the point where I may much likely add something which does that. --Xiando 19:52, 13 March 2007 (UTC)

hold tight, I'll commit Extension:Player in a few hours. -- Duesentrieb ⇌ 20:23, 13 March 2007 (UTC)

Sweet. Perhaps you should take a look and see if there's any interesting code in anarchy media player, then. It works great for wordpress sites. Perhaps there's something you can borrow from there. --Xiando 20:47, 13 March 2007 (UTC)

Love the extension! --Lolade 20:42, 2 April 2007 (UTC)

[edit] XSS Vulnerability Explained

Consider this snippet of code (unrelated lines have been removed):

 $params = explode ("|", $input);
 $id = $params[0];
 
 // ...
 
 $url['youtube']     = 'http://www.youtube.com/v/'.$id;
 
 // ...
 
 $output= '<object width="'.$width.'" height="'.$height.'" style="' . $style . '">'
       .'<param name="movie" value="'.$url[$type].'"> &t;param name="allowfullscreen" value="true" />'

If the $id contains a doublequote followed by a close tag, the editor can effectively break out of the <param> tag and insert a <script> tag like so:

<videoflash>4lhyH5TsuPg" />
<script type="text/javascript">
alert('evil code here');
</script>
<param class="</videoflash>

This happens because the $id field is never urlencoded on the way to becoming part of the <param> tag's value attribute.

Hope this makes sense. --Jimbojw 21:00, 6 April 2007 (UTC)

Since version 1.1 (2007-03-24), the entire $input is parsed (inluding any '<' or '>' tags). --Args 17:28, 10 April 2007 (UTC)

You're right - sorry for the confusion. The call to htmlspecialchars takes care of the quotes. The only other thing I can find that's abusable is that it's possible to hijack the url to a degree by inserting a leading '../' vis a vis:

<videoflash>../img/pic_youtubelogo_123x63.gif</videoflash>

More of annoyance vector rather than an actual attack vector though. --Jimbojw 18:52, 10 April 2007 (UTC)

[edit] godtube

Does someone mind adding GodTube to this? --12.219.111.23 16:15, 16 April 2007 (UTC)

FramedVideo now supports GodTube, if you still need it. (FaithTube uses YouTube streaming.) Ruiz 13:54, 17 August 2008 (UTC)

[edit] faithtube

or faithtube www.faithtube.com

[edit] Yahoo video

It would be helpful if Yahoo video is added to this extension. I tried the obvious way and it didn't work. Thanks.

[edit] Bug

Using this extension as part of a template seems to break it.
Example template:

<videoflash type="googlevideo">{{{video}}}|400|326</videoflash>

If you use this as part of a template and insert the correct video ID, it will not correctly insert the ID. It leaves the URL with {{{video}}} in the address. Any fix possible?

This isn't a bug in VideoFlash - it's a symptom of the fact that it's an extension tag. Extension tags cannot interpret the parameters as you'd like. --Jimbojw 05:24, 15 June 2007 (UTC)

[edit] submitting patch

Reposting here: I've modified Extension:VideoFlash a little, and added support for blip.tv- what would be the best way to go about submitting a patch for consideration ? -SignpostMarv 22:06, 1 July 2008 (UTC)

It was requested that I make the modification available for consideration on the Second Life Wiki, so the modification is available here

SignpostMarv 10:50, 12 August 2008 (UTC)

I am getting "Undefined offset" notices running under IIS 6.0/PHP 5.2.9-2 when I do a "Show Preview". Rather than disabling E_NOTICE, I recommend the following changes to the current code (as of the current date):

Replace

   list($id,$width,$height,$style) = explode('|',htmlspecialchars($input));
   $width = is_numeric($width) ? $width : 425;
   $height = is_numeric($height) ? $height : 350;
   $style = is_string($style) ? $style : '';

with

   $args = explode('|',htmlspecialchars($input));
   $id = $args[0];
   $width = (count($args) > 1 && is_numeric($args[1])) ? $args[1] : 425;
   $height = (count($args) > 2 && is_numeric($args[2])) ? $args[2] : 350;
   $style = (count($args) > 3 && is_string($args[3])) ? $args[3] : '';

I also recommend adding some type of version identifier, even if just in the comments, to the extension so that future reports can be against a particular version rather than "the code I grabbed at some point".

Thanks! --MobiGeek 03:19, 20 May 2009 (UTC)

[edit] Programmatically include fullscreen support

I wasn't sure if I should simply hacque the code or suggest the change here, so I'll suggest first, then you can decide. This also probably qualifies as a patch, but I wasn't sure where to submit?

It is really trivial to add an option (possibly as an argument to the function itself) so that the full screen display option is incorporated in the main branch of the code. The changes are simple, and require (1) initializing the boolean "$fullscreen_enabled = 0;" at the top. Here is the code:

function renderVideoFlash($input, $args) {
  $input = htmlspecialchars($input);
  $fullscreen_enabled = 0;              // set to 1 (or True) to enable full screen viewing
 
  // [ ... no more changes until before "return $output;" ... ]
 
  if ($fullscreen_enabled) {
    /****************************************************************************
    * Simple "View in fullscreen" addon by xiandos.info.                        *
    * At the end, before the output is returned, add:                           *
    *****************************************************************************/
    if (strstr($type, "googlevideo")) {
      $output .= '<p><a href="javascript:void(window.open('
        . "'http://video.google.com/googleplayer.swf?docid="
        . $id
        . "','GooglePlayer','location=no,menubar=no,scrollbars=auto,status=no,"
        . "toolbar=no,fullscreen=yes,dependent=no,left=1,top=1'))"
        . '">View the video in fullscreen</a></p>';
      }
    }
  return $output;
  }

--Fjb 02:28, 4 August 2008 (UTC)

[edit] problem report

i use Mediawiki 1.13.1. i installed the extension but it gives me at the top of every wiki page a line full of questionmarks like this: ???????????????????? when i desinstall the extension the problem disappears. maybe some problem with the code? thank you i give you the link to the forum wheree i reported the problem with the related screenshots http://www.mwusers.com/forums/showthread.php?p=30086#post30086 --Biris 08:56, 7 October 2008 (UTC)

I don't see the problem in 1.13.2- I just upgraded my personal install to this version. Can you pastebin a copy of the extension code that you have installed, in case you have inadvertently copied the code incorrectly ?

SignpostMarv 22:38, 21 October 2008 (UTC)

[edit] Vimeo, Blip.TV

It seems like it would be easy to add Vimeo support. Their URLs are like this: http://www.vimeo.com/5297531

You can turn that into a SWF like this: http://vimeo.com/moogaloop.swf?clip_id=5297531

Use that as the src of the embed tag.

Regarding blip.tv, I noticed this note on the main page:

note: I don't know why Blip.tv uses different ID's in it's embed code as opposed to it's url. I suspect it may be changing over or something, which is why I haven't suggested editing the code of this extension to use the 'file' rather than the 'play' url for Blip.

I was dealing with this recently and figured out a solution. If you have this URL: http://blip.tv/file/1490573

Then the location of the SWF to use in the embed code is: http://blip.tv/scripts/flash/showplayer.swf?file=http://blip.tv/file/1490573%3Fskin%3Drss (notice it's the same file ID)

Basically, adding ?skin=rss to the regular URL gives you an RSS version, and blip has a player that reads RSS. I confirmed with blip.tv support that this works / is acceptable.

Just thought I'd throw that out there. Maybe it's not important to you guys now that it's already being done the one way (which I think would be more difficult to use).

--Orangebus 01:13, 27 June 2009 (UTC)

[edit] Error on mediaWiki 1.15

When saving a change to a wiki page (with the videoflash tag in) you get the following errors:

PHP Notice:  Undefined index:  vid in <path>\extensions\videoflash.php on line 62
PHP Notice:  Undefined offset:  3 in <path>\extensions\videoflash.php on line 72
PHP Notice:  Undefined offset:  2 in <path>\extensions\videoflash.php on line 72
PHP Notice:  Undefined offset:  1 in <path>\extensions\videoflash.php on line 72

The page is still updated if you navigate back and view the page manually.
Does anyone have a solution to this issue?