Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other
Author Message
mrix
Client



Joined: Dec 04, 2004
Posts: 757

PostPosted: Fri Feb 18, 2005 3:39 pm Reply with quote

Hello all, this has never happened to me before but I find if I click on the links in HTTP Referers from the admin panel I find any link there takes me to my home page? this is a pain as I use these links a lot to find out where vistiors are coming from to reach my site I can copy and paste the individual links in a browser but its a pain really. any idea`s why this is happening? also its the same for web links if someone adds a link to my sites and I go to admin and except the link there is a visit site link there but if I clcik on it that takes me to my home page also?
Thanks for any help all
mrix

phpnuke 7.6
Sentinal 2.3
 
View user's profile Send private message Visit poster's website
chatserv
Member Emeritus



Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Fri Feb 18, 2005 6:56 pm Reply with quote

When clicking on them you should first get a url like: [ Only registered users can see links on this board! Get registered or login! ]
which will then get converted to: [ Only registered users can see links on this board! Get registered or login! ]

I tested on one of my sites running Nuke 7.6 and the latest NukeSentinel and it works for me.
 
View user's profile Send private message Visit poster's website
mrix







PostPosted: Sat Feb 19, 2005 3:09 am Reply with quote

Yes this is very weird??? I do get that type of url which is here
[ Only registered users can see links on this board! Get registered or login! ]

but when I click on it it takes me to my page which is [ Only registered users can see links on this board! Get registered or login! ] ????? weird??
Cheers
mrix
 
chatserv







PostPosted: Sat Feb 19, 2005 9:46 am Reply with quote

Check if your main index file has this code after home= 1;
Code:
if (isset($url) AND is_admin($admin)) {

    echo "<meta http-equiv=\"refresh\" content=\"0; url=$url\">";
    die();
}
 
mrix







PostPosted: Sat Feb 19, 2005 5:44 pm Reply with quote

Many thanks to you all is working fine now I done a check on that piece of code and found part of it missing completely? anyway I pasted it back and all is 100%
Thanks
mrix
 
suzy
New Member
New Member



Joined: Apr 10, 2005
Posts: 16

PostPosted: Thu May 19, 2005 10:48 pm Reply with quote

Would this work with 7.5 and 2.2.0 sentintal?
 
View user's profile Send private message Visit poster's website
chatserv







PostPosted: Thu May 19, 2005 11:10 pm Reply with quote

It should.
 
suzy







PostPosted: Thu May 19, 2005 11:19 pm Reply with quote

do I add it above this or under or what? I am really dense.

Code:
if ($httpref==1) {

    $referer = $_SERVER["HTTP_REFERER"];
    $referer = check_html($referer, nohtml);
    if ($referer=="" OR eregi("^unknown", $referer) OR substr("$referer",0,strlen($nukeurl))==$nukeurl OR eregi("^bookmark",$referer)) {
    } else {
   $sql = "INSERT INTO ".$prefix."_referer VALUES (NULL, '$referer')";
   $result = $db->sql_query($sql);
 
chatserv







PostPosted: Thu May 19, 2005 11:25 pm Reply with quote

Above it, right under:
$home = 1;
 
suzy







PostPosted: Thu May 19, 2005 11:30 pm Reply with quote

Code:
$home = 1;


if (isset($url) AND is_admin($admin)) {
    echo "<meta http-equiv=\"refresh\" content=\"0; url=$url\">";
    die();
}


or

Code:
$home = 1;

if (isset($url) AND is_admin($admin)) {
    echo "<meta http-equiv=\"refresh\" content=\"0; url=$url\">";
    die();
}


I am not sure it is working because I tried it to the top way and I am still showing my own site in the links.
 
suzy







PostPosted: Thu May 19, 2005 11:48 pm Reply with quote

oops, I made a mistake I have 6.5 does that make a difference?
 
chatserv







PostPosted: Thu May 19, 2005 11:57 pm Reply with quote

Try changing:
Code:
if ($httpref==1) { 

    $referer = $_SERVER["HTTP_REFERER"];
    $referer = check_html($referer, nohtml);
    if ($referer=="" OR eregi("^unknown", $referer) OR substr("$referer",0,strlen($nukeurl))==$nukeurl OR eregi("^bookmark",$referer)) {
    } else {
   $sql = "INSERT INTO ".$prefix."_referer VALUES (NULL, '$referer')";
   $result = $db->sql_query($sql);

to:
Code:
if ($httpref==1) { 

    $referer = $_SERVER["HTTP_REFERER"];
    $referer = check_html($referer, nohtml);
    if ($referer=="" OR eregi("^unknown", $referer) OR substr("$referer",0,strlen($nukeurl))==$nukeurl OR eregi("^bookmark",$referer) OR eregi("$nukeurl", $referer)) {
    } else {
   $sql = "INSERT INTO ".$prefix."_referer VALUES (NULL, '$referer')";
   $result = $db->sql_query($sql);
 
chatserv







PostPosted: Thu May 19, 2005 11:58 pm Reply with quote

Shouldn't matter that it's 6.5
 
suzy







PostPosted: Fri May 20, 2005 12:16 am Reply with quote

This is my whole php file. I am either missing something or it does not like me tonight.
I could be over tired.
What I am trying to do is make it so I can turn on the refers block but not have all of my own site listed in the links.

For example:: I am testing this out on my planetsuzy.net site and these are the refers in the list as of now after i deleted a bunch out to see if it worked. If you notice the one in bold is still from on site.

not these are the links listed in admin section http referers


1 [ Only registered users can see links on this board! Get registered or login! ]
2 [ Only registered users can see links on this board! Get registered or login! ]
3 [ Only registered users can see links on this board! Get registered or login! ]
4 [ Only registered users can see links on this board! Get registered or login! ]
5 [ Only registered users can see links on this board! Get registered or login! ]
6 [ Only registered users can see links on this board! Get registered or login! ]

this is how it shows in the blocks referer block the one in bold is on site.

What I was trying to do was remove all on site links from the refer list and have the just name of the domain show up :: example PlanetSuzy ( for the planetsuzy.com refers )
1: [ Only registered users can see links on this board! Get registered or login! ]
2: [ Only registered users can see links on this board! Get registered or login! ]
3: [ Only registered users can see links on this board! Get registered or login! ]
4: [ Only registered users can see links on this board! Get registered or login! ]
5: [ Only registered users can see links on this board! Get registered or login! ]
6: [ Only registered users can see links on this board! Get registered or login! ]

6 HTTP Referers
[ Delete ]

Thanks for trying to help in advance, I will check back tomorrow I need to get to bed.


Code:
<?php


/*********************************************************************

***/
/* PHP-NUKE: Advanced Content Management System                       

 */
/* ============================================                       

 */
/*                                                                     

 */
/* Copyright (c) 2002 by Francisco Burzi                               

 */
/* http://phpnuke.org                                                 

 */
/*                                                                     

 */
/* This program is free software. You can redistribute it and/or

modify */
/* it under the terms of the GNU General Public License as published

by */
/* the Free Software Foundation; either version 2 of the License.     

 */
/*********************************************************************

***/

require_once("mainfile.php");
$_SERVER['PHP_SELF'] = "modules.php";
$sql = "SELECT main_module from ".$prefix."_main";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$name = $row[main_module];
$home = 1;
if (isset($url) AND is_admin($admin)) {
    echo "<meta http-equiv=\"refresh\" content=\"0; url=$url\">";
    die();
}

if ($httpref==1) {
    $referer = $_SERVER["HTTP_REFERER"];
    $referer = check_html($referer, nohtml);
    if ($referer=="" OR eregi("^unknown", $referer) OR

substr("$referer",0,strlen($nukeurl))==$nukeurl OR

eregi("^bookmark",$referer) OR eregi("$nukeurl", $referer)) {
    } else {
   $sql = "INSERT INTO ".$prefix."_referer VALUES (NULL, '$referer')";
   $result = $db->sql_query($sql);
    }
    $sql = "SELECT * FROM ".$prefix."_referer";
    $result = $db->sql_query($sql);
    $numrows = $db->sql_numrows($result);
    if($numrows>=$httprefmax) {
   $sql = "DELETE FROM ".$prefix."_referer";
   $result = $db->sql_query($sql);
    }
}
if (!isset($mop)) { $mop="modload"; }
if (!isset($mod_file)) { $mod_file="index"; }
$name = trim($name);
$file = trim($file);
$mod_file = trim($mod_file);
$mop = trim($mop);
if (ereg("\.\.",$name) || ereg("\.\.",$file) || ereg("\.\.",$mod_file)

|| ereg("\.\.",$mop)) {
    echo "You are so cool...";
} else {
    $ThemeSel = get_theme();
    if (file_exists("themes/$ThemeSel/module.php")) {
   include("themes/$ThemeSel/module.php");
   if (is_active("$default_module") AND

file_exists("modules/$default_module/$mod_file.php")) {
       $name = $default_module;
   }
    }
    if (file_exists("themes/$ThemeSel/modules/$name/$mod_file.php")) {
   $modpath = "themes/$ThemeSel/";
    }
    $modpath .= "modules/$name/$mod_file.php";
    if (file_exists($modpath)) {
   include($modpath);
    } else {
   $index = 1;
   include("header.php");
   OpenTable();
   if (is_admin($admin)) {
       echo "<center><font

class=\"\"><b>"._HOMEPROBLEM."</b></font><br><br>[ <a

href=\"admin.php?op=modules\">"._ADDAHOME."</a> ]</center>";
   } else {
       echo "<center>"._HOMEPROBLEMUSER."</center>";
   }
   CloseTable();
   include("footer.php");
    }
}

?>
 
chatserv







PostPosted: Fri May 20, 2005 7:12 am Reply with quote

After you made the changes did you delete your referers to check if the site gets added after?
 
suzy







PostPosted: Fri May 20, 2005 10:04 am Reply with quote

Yes I did 3 times. Still they are added.
 
suzy







PostPosted: Sat May 21, 2005 8:51 am Reply with quote

Can you give me any more help with this?
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©