Hi Guys- apologies for the cross site post (UK nuke support and Ravens site)
----
Nuke 7.6
Chatserve patch 3.3
Dis Errors
Gallery 1.1.5 pl1
Sentinel 2.5.01
I've got the two running together, gallery shows as a module and works ok, etc. BUT when a user tries to rename an album (not sure if anything else) it bans the user. Admins cannot rename an album (the directory on the server- although Sentinel doesn't ban them)
I've just spotted there's a Sentinel update available- which I will endeavour to do soon.
I've done searches on here etc., but Raven's uses Google for searches (not good in my experience- you can't select which forum to search in, just the whole site)
I'm sure I've had something similar to this in the past... any ideas?
The message from Sentinel is this:
Code:
Blocked IP: 217.208.xx.xxx
User: <removed by me>
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Blocked on: 2007-02-09 13:17:18
Notes: Added by NukeSentinel(tm)
Reason: Abuse-Filter
Query String:
Get String:
Post String:
Forwarded For: none
Client IP: none
Remote Address: 217.208.xx.xxx
Remote Port: 1891
Request Method: GET
Query String: /modules.php?parentName=audioc&return=modules.php?op=modload&name=gallery&file=index&include=view_album.php&cmd=new-album&op=modload&name=gallery&file=index&include=do_command.php
Get String: /modules.php?parentName=audioc&return=/modules.php?op=modload&name=gallery&file=index&include=view_album.php&cmd=new-album&op=modload&name=gallery&file=index&include=do_command.php
Post String: /modules.php
I've removed the website URL deliberately.....
User tries to create an album- blocks him
While searching on here, I found something that may have helped:-
http://ravenphpscripts.com/postt10177.html presumably from the fixes instigated by Chatserv?
Code:
// Check for XSS attack
// Skipped for admins and for index.php?url= requests
if(!stristr($nsnst_const['query_string'], "index.php?url=") AND !is_admin($_COOKIE['admin'])) {
  // Block when any one of the OR'ed conditions below is true
  if( eregi("http\:\/\/", $name) OR eregi("http\:\/\/", $file) OR eregi("http\:\/\/", $libpath)
    // Added protection for gallery2 module
    //OR stristr($nsnst_const['query_string'], "http://")
    OR ( stristr($nsnst_const['query_string'], "http://") AND !stristr($nsnst_const['query_string'], "modules.php?name=gallery"))
    // END gallery protection
    // OR stristr($nsnst_const['query_string'], "http://") rem by Andy
    OR ( stristr($nsnst_const['query_string'], "cmd=") AND !stristr($nsnst_const['query_string'], "&cmd") )
    OR ( stristr($nsnst_const['query_string'], "exec") AND !stristr($nsnst_const['query_string'], "execu") )
    OR stristr($nsnst_const['query_string'],"concat") AND !stristr($nsnst_const['query_string'], "../") ) {
    block_ip($blocker_row);
  }
}
I know the fix was for Gallery2- I edited to try to work with Gallery1. It didn't work though- it still banned the user....
Any comments/ suggestions welcome!
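Added example (not part of the original post, and not NukeSentinel's own code): it evaluates the query-string clauses of the condition quoted above one at a time against the logged Get String, to show which clause leads to block_ip(). It assumes the return= parameter carried an absolute http:// URL before the poster removed the site address; example.invalid is a placeholder host and matched_clauses() is a hypothetical helper.

```php
<?php
// Diagnostic sketch: re-evaluates each query-string clause of the quoted
// filter separately. The eregi() checks on $name, $file and $libpath are
// left out because those values ("gallery", "index") contain no URL here.

// Hypothetical helper, not a NukeSentinel function: returns the labels of
// the clauses that evaluate to true for the given query string.
function matched_clauses(string $qs): array
{
    // Same case-insensitive substring test the quoted code uses.
    $has = function (string $needle) use ($qs): bool {
        return stristr($qs, $needle) !== false;
    };
    $clauses = [
        'http:// without the gallery exemption' =>
            $has('http://') && !$has('modules.php?name=gallery'),
        'cmd= without &cmd'  => $has('cmd=') && !$has('&cmd'),
        'exec without execu' => $has('exec') && !$has('execu'),
        'concat without ../' => $has('concat') && !$has('../'),
    ];
    // array_filter() keeps only the true entries; the keys are the labels.
    return array_keys(array_filter($clauses));
}

// Constructed input: the logged Get String with a placeholder host put back
// where the poster removed the site URL (assumption, see lead-in).
$logged = '/modules.php?parentName=audioc'
    . '&return=http://example.invalid/modules.php?op=modload&name=gallery'
    . '&file=index&include=view_album.php&cmd=new-album'
    . '&op=modload&name=gallery&file=index&include=do_command.php';

foreach (matched_clauses($logged) as $label) {
    echo "matched: $label\n";
}

// The exemption added for Gallery2 looks for "modules.php?name=gallery".
// The Gallery 1 URLs in the log read "modules.php?op=modload&name=gallery",
// so that substring is never present and the exemption does not apply.
echo 'exemption substring present: ';
var_dump(stristr($logged, 'modules.php?name=gallery') !== false);
```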