| Author |
Message |
dad7732
RavenNuke(tm) Development Team
Joined: Mar 18, 2007
Posts: 1242
|
 Posted:
Wed Aug 12, 2009 6:50 am |
|
Logged in as Admin of course. Created a new block with FCKEditor, added the script for Google Adsense, saved and was blocked by the script blocker.
| Quote: | Created By: NukeSentinel(tm) 2.6.02
Date & Time: 2009-08-12 07:30:43 CDT GMT -0500
Blocked IP: xxx.xxx.xxx
User ID: Anonymous (1)
Reason: Abuse-String
String Match: Java |
If I am logged in as Admin, how can the User ID be anonymous just by saving the block? Also, how can the script blocker come in to play?
Cheers |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sun Aug 16, 2009 6:04 am |
|
If the script blocker (string) is activated it will always be called. If you are not also logged in as a registered user then to NS/RN you are Anonymous. |
Last edited by Raven on Sat Aug 22, 2009 9:54 am; edited 1 time in total |
|
|
|
|
dad7732
|
| Posted:
Sun Aug 16, 2009 6:33 am |
|
Yahbuttt .. a "user" other than the admin cannot save a block. I guess what you're saying makes sense nonetheless. I'll remember to login as a user AND as admin when using the editor.
Cheers |
| |
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
| Posted:
Sat Aug 22, 2009 8:15 am |
|
dad7732, I believe that your original post really had two questions in it. The one as to why it is showing up as "anonymous", of which Raven has replied. Logging in as a regular user will not stop the block message, just it won't show "anonymous" any more.
The issue really is that the script blocker is quite aggressive. I am not sure why it is stopping an admin from doing this, but I do know that I tend to shy away from creating HTML blocks with javascript code in it. If I need that kind of block, I just create a very simple block file and pull it in that way. |
_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... |
|
|
|
dad7732
|
| Posted:
Sat Aug 22, 2009 8:37 am |
|
I just thought it rather ironic and amusing that the "Admin" would get blocked for adding a script blocker. 
Cheers |
| |
|
|
|
|
Raven
|
| Posted:
Sat Aug 22, 2009 9:57 am |
|
| dad7732 wrote: | I just thought it rather ironic and amusing that the "Admin" would get blocked for adding a script blocker.
Cheers |
Is your admin userid Protected in NukeSentinel(tm)? |
| |
|
|
|
|
dad7732
|
| Posted:
Sat Aug 22, 2009 10:18 am |
|
|
|
|
|
Raven
|
| Posted:
Sat Aug 22, 2009 10:41 am |
|
Think that might explain it ? |
| |
|
|
|
|
dad7732
|
| Posted:
Sat Aug 22, 2009 10:50 am |
|
Well, could have, except for the fact that I've added script blockers in the past without a problem. May be the particular script, who knows. Gremlins are responsible for everything not easily explained.
Cheers |
| |
|
|
|
|
Raven
|
| Posted:
Sat Aug 22, 2009 11:01 am |
|
|
|
|
|
dad7732
|
| Posted:
Sat Aug 22, 2009 11:57 am |
|
Ok, since the principle is "entities should not be multiplied unnecessarily", maybe it was just ONE Gremlin .. |
| |
|
|
|
|
Raven
|
| Posted:
Sat Aug 22, 2009 12:58 pm |
|
A more generalized translation is "when alternative hypotheses exist, the one requiring the fewest assumptions should be preferred.". In other words, sometimes the simplest answer is the best  |
| |
|
|
|
|
montego
|
| Posted:
Sat Aug 22, 2009 3:33 pm |
|
| dad7732 wrote: | | Well, could have, except for the fact that I've added script blockers in the past without a problem. May be the particular script, who knows. |
I agree. Could very well be. I have always had the opinion that an admin should be allowed to do anything that they wish without having to resort to direct DB updates via phpMyAdmin. This would mean that all NS blocks should be bypassed if you are logged in as admin... but, that can be a scary proposition to some.
What I might like to see at least, though, is a way to bypass for SuperUser Admins or maybe just the God admin(s). That might be a reasonable compromise. Just a thought for chewing on... |
| |
|
|
|
|
eldorado
Involved
Joined: Sep 10, 2008
Posts: 424
Location: France,Translator
|
| Posted:
Sat Aug 22, 2009 4:43 pm |
|
| montego wrote: |
What I might like to see at least, though, is a way to bypass for SuperUser Admins or maybe just the God admin(s). That might be a reasonable compromise. Just a thought for chewing on... |
sounds like fun... i'm up for it. |
_________________
United-holy-dragons.net (My RN site)- Rejekz(cod4 clan) - gamerslounge |
|
 |
|
Raven
|
| Posted:
Sat Aug 22, 2009 4:48 pm |
|
I have been under the impression that admins that are protected see the screen rejection and may even get the email but that they are not banned. This is supposed to be by design. Is this not working? |
| |
|
|
|
|
dad7732
|
| Posted:
Sat Aug 22, 2009 5:00 pm |
|
I guess this is a silly question but WHY does an "admin" have to be protected in the first place? Isn't a login ID/password protection enough? If you're going to protect the ID and login with that ID then it seems sorta redundant .. to me at least.
Cheers |
| |
|
|
|
|
Raven
|
| Posted:
Sat Aug 22, 2009 5:18 pm |
|
Since most nuke type system don't have a real "role" administration system, NS was designed to only protect admins who are looked at as having the same admin "role" as the founding admin that was assigned when NS was set up. This manual assigning is basically an intermediate stop gap type procedure. If we had a true role based administration system then this could be bypassed. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
