Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
CozmicShredder
New Member
New Member



Joined: Dec 24, 2004
Posts: 5
Location: MI, USA.

PostPosted: Fri Dec 24, 2004 5:30 pm Reply with quote

How do you disable direct view of module.php

I am using PHPNuke 7.5 patched I noticed a lot of people directly viewing the module.php for some odd reason could you please explain how I can block the direct viewing of this file?

_________________
[img]http://www.cozmicshredder.com/signature.php[/img] 
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
hitwalker
Sells PC To Pay For Divorce



Joined:
Posts: 5661

PostPosted: Fri Dec 24, 2004 5:57 pm Reply with quote

its not very clear what you mean but maybe you see some things in your stats or whatever but you cannot view or address modules directly.
 
View user's profile Send private message
CozmicShredder







PostPosted: Fri Dec 24, 2004 10:36 pm Reply with quote

Well I just need the code if you or anyone else knows what to put in a file I would really appreciate it.
 
PHrEEkie
Subject Matter Expert



Joined: Feb 23, 2004
Posts: 358

PostPosted: Fri Dec 24, 2004 10:55 pm Reply with quote

If a ?name= doesn't follow a modules.php request, it will return "This module is not active". There is no way to 'view' anything in this file, because there's no HTML being echoed out of it. If a valid module name is provided, the only thing it does it open tables, include header, display the module, include footer, then close the table. What is your modules.php displaying?

PHrEEk

_________________
PHP - Breaking your legacy scripts one build at a time. 
View user's profile Send private message
CozmicShredder







PostPosted: Sat Dec 25, 2004 1:11 am Reply with quote

Well if you goto my site type in [ Only registered users can see links on this board! Get registered or login! ]

You will see what I am talking about I just don't want my members to be able to only be able to see the scrolling downloads and news I want them to have to view the whole page.
 
PHrEEkie







PostPosted: Sat Dec 25, 2004 1:30 am Reply with quote

[ Only registered users can see links on this board! Get registered or login! ] isn't a valid Nuke URL because there's no module request with it. Yours works exactly as I described and if you type in:
[ Only registered users can see links on this board! Get registered or login! ]

you get "this module is not active". If, however you type in a valid URL, such as:
[ Only registered users can see links on this board! Get registered or login! ]

it will display the downloads module as expected. I don't know if you're explaining correctly what you want or expect when a module is requested. Did you want the module to fill the entire page, or no blocks on the right, or what?

PHrEEk
 
CozmicShredder







PostPosted: Sat Dec 25, 2004 1:40 am Reply with quote

Example of what I want to have!

Click on link below!
[ Only registered users can see links on this board! Get registered or login! ]

It says: Sorry, you can't access this file directly...
 
CozmicShredder







PostPosted: Sat Dec 25, 2004 2:01 am Reply with quote

Ok I fixed it I uploaded a new modules.php don't understand it but something was wrong with the other file I guess!
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©