Author |
Message |
cprompt
Regular
Joined: Jun 08, 2004
Posts: 64
|
Posted:
Thu Sep 23, 2004 8:30 pm |
|
OK. I thought I had seen this in the forusm here. I tried searchign but could not find it. I apoligize in advance if this a duplicate post.
Quote: | Date & Time: 2004-09-23 18:50:22
Blocked IP: 66.209.232.136
User ID: FredJen (36)
Reason: Abuse-Filter
--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Query String: [ Only registered users can see links on this board! Get registered or login! ]
Forwarded For: none
Client IP: none
Remote Address: 66.209.232.136
Remote Port: 3920
Request Method: GET
|
I use Gallery from Menalto and that query was blocked by Sentinel 2.0.2 |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
Posted:
Thu Sep 23, 2004 9:26 pm |
|
[ Only registered users can see links on this board! Get registered or login! ]
[ Only registered users can see links on this board! Get registered or login! ]
However, this was for &cmd= and you are using ?cmd= . So, I would try using this in includes/sentinel.phpCode: // Check for XSS attack
if (eregi("http\:\/\/", $name) OR (eregi("cmd",$querystring) AND !eregi("&cmd",$querystring) AND !eregi("?cmd",$querystring)) OR (eregi("exec",$querystring) AND !eregi("execu",$querystring)) OR eregi("concat",$querystring)) {
|
Let us know if that works. |
|
|
|
|
cprompt
|
Posted:
Fri Sep 24, 2004 8:28 am |
|
yes, this worked, thank you very much |
|
|
|
|
Dawg
RavenNuke(tm) Development Team
Joined: Nov 07, 2003
Posts: 928
|
Posted:
Sat Sep 25, 2004 12:26 pm |
|
Greetings Raven and All,
I am having some problems with gallery as well.
Query String: [ Only registered users can see links on this board! Get registered or login! ]
I assumed it is the ?CMD= in the above statment. I have tried the fix above but I got a bunch of errors at the top of my site after I included it.
Parse error: parse error in /public_html/includes/sentinel.php on line 842
Warning: Cannot modify header information - headers already sent by (output started at /public_html/includes/sentinel.php:842) in /public_html/mainfile.php on line 157
Any ideas for me where to look?
Thank you for Your help.
Dawg |
|
|
|
|
Dawg
|
Posted:
Sat Sep 25, 2004 12:31 pm |
|
?>
That is Line 842 in sentinel.php
setcookie("lang",$language,time()+31536000);
That is line 157 in mainfile.php
Thanks again for your help.
Dawg |
|
|
|
|
Raven
|
Posted:
Sat Sep 25, 2004 12:47 pm |
|
[ Only registered users can see links on this board! Get registered or login! ] |
|
|
|
|
spankee
New Member
Joined: Oct 22, 2004
Posts: 3
|
Posted:
Thu Oct 21, 2004 11:54 pm |
|
Hi, I am using 2.1 and I am getting this
Code:Date & Time: 2004-10-22 00:39:48
Blocked IP: 67.50.121.92
User ID: patrick (2)
Reason: Abuse-Filter
--------------------
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3) Gecko/20041021 Firefox/1.0 (MOOX M3)
Query String: craigkin.com/modules.php?cmd=hide&index=1&set_albumName=album01&op=modload&name=Gallery&file=
index&include=do_command.php
Forwarded For: none
Client IP: none
Remote Address: 67.50.121.92
Remote Port: 1899
Request Method: GET
|
I tried the code from above but it did not work, I also got an error on the popup while trying the code;
Code:Warning: eregi(): REG_BADRPT in /home/spankee/public_html/includes/sentinel.php on line 198
|
lne 198 is the new code.
and also the popup has a date of Date Blocked: 1969-12-31 18:00:00
Thanks |
|
|
|
|
|