Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
ring_c
Involved
Involved


Joined: Dec 28, 2003
Posts: 276
Location: Israel

PostPosted: Tue May 10, 2005 2:43 pm Reply with quote

I hope this is the right place to post this. Lately, I can not log into my forum's admin panel.

I'm running phpnuke v6.7, and all I get when trying to reach the forum's admin page is a blank white page and nothing more!

Any help will be greatly appreciated!
 
View user's profile Send private message Visit poster's website
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Tue May 10, 2005 4:46 pm Reply with quote

hi,

maybe its time to update ...atleast to the 7.6
a blank page for the forum admin usualy happens after some upgrade or whatever...
maybe you can track back the things you done or touched.
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Tue May 10, 2005 10:40 pm Reply with quote

Check your server error log to see if the errors are being posted. As Hitwalker indicated, what changes have you recently made? Things don't just 'happen' ROTFL
 
View user's profile Send private message
ring_c
PostPosted: Tue May 10, 2005 11:21 pm Reply with quote

Quote:

Check your server error log to see if the errors are being posted. As Hitwalker indicated, what changes have you recently made? Things don't just 'happen'

I know, I know... Sad
If I could only recall... I've tried changing a few things but it didn't seem to help.
I do recall my site was hacked about 2 weeks ago, deleting all my root files (and I'm using Sentinel!!! Sad ). I've replaced them with a back I had about a month or 2 old. Maybe that's the case?
 
ring_c
PostPosted: Tue May 10, 2005 11:25 pm Reply with quote

I've looked at my error logs, and have found these error constantly reaccuring:

Code:
[11-May-2005 07:25:16] PHP Warning:  Cannot modify header information - headers already sent by (output started at /home/hagigim/public_html/header.php:36) in /home/hagigim/public_html/includes/sessions.php on line 251

[11-May-2005 07:25:16] PHP Warning:  Cannot modify header information - headers already sent by (output started at /home/hagigim/public_html/header.php:36) in /home/hagigim/public_html/includes/sessions.php on line 252
[11-May-2005 07:25:16] PHP Warning:  Cannot modify header information - headers already sent by (output started at /home/hagigim/public_html/header.php:36) in /home/hagigim/public_html/includes/page_header.php on line 564
[11-May-2005 07:25:16] PHP Warning:  Cannot modify header information - headers already sent by (output started at /home/hagigim/public_html/header.php:36) in /home/hagigim/public_html/includes/page_header.php on line 566
[11-May-2005 07:25:16] PHP Warning:  Cannot modify header information - headers already sent by (output started at /home/hagigim/public_html/header.php:36) in /home/hagigim/public_html/includes/page_header.php on line 567


Any idea?
 
ring_c
PostPosted: Tue May 10, 2005 11:34 pm Reply with quote

/includes/page_header.php's lines 564-567 are:
Code:
        header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');

}
header ('Expires: 0');
header ('Pragma: no-cache');


/includes/seesions.php's lines 251-252 are:
Code:
   setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);

   setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);


I don't recall touching these files/lines. at least not lately. Any idea where the problem is?
 
ring_c
PostPosted: Wed May 11, 2005 4:34 am Reply with quote

I've upgraded Sentinel to the newest version last week (NukeSentinel Universal Version 2.1.2) and I added to the mainfile.php this code:

Code:


if (defined('FORUM_ADMIN')) {
  @include_once("../../../includes/nukesentinel.php");
} elseif (defined('INSIDE_MOD')) {
  @include_once("../../includes/nukesentinel.php");
} else {
 @include_once("includes/nukesentinel.php");
}


Removing that code, solved the problem. but now I guess Sentinel is not activated for my site anymore, right?

Anyway, what was I doing wrong?
 
hitwalker
PostPosted: Wed May 11, 2005 4:43 am Reply with quote

hi,

why dont you just upgrade the whole stuff to 7.6 ?
then your problems will be solved automatically..
 
ring_c
PostPosted: Wed May 11, 2005 5:03 am Reply with quote

hitwalker wrote:
why dont you just upgrade the whole stuff to 7.6 ?


I'll tell you why. I'm using PhpNuke in Hebrew and have modified it so much, that I don't have the chance to upgrade it thoroughly.

I've changed the tables structure co many times, that I don't see how I can move it to 7.6.

I've thought moving on to PhpNuke Platinum, and even installed it, but I'll have to sit days and night to translate it all to Hebrew. Also, I don't see how I can use my current DB with Platinum.

If you know of any way - please, DO tell me!
 
ring_c
PostPosted: Wed May 11, 2005 5:42 am Reply with quote

Just for the reference... I've found a solution from chatserv here: Only registered users can see links on this board! Get registered or login!

If I only knew it was related to Sentinel, I'd search there! grrrr...
 
hitwalker
PostPosted: Wed May 11, 2005 6:04 am Reply with quote

sure but running your site in Hebrew is your choice but realise that at some point......your gonna get problems cause everything gets newer by the day...
but also...if you update to the 7.6 you can use that again for a long time....
other solution is,if you have a backup of your site....the just overwrite it piece by piece..
and then start with the forum related pages...
 
Raven
PostPosted: Wed May 11, 2005 7:45 am Reply with quote

ring_c wrote:
Just for the reference... I've found a solution from chatserv here: Only registered users can see links on this board! Get registered or login!

If I only knew it was related to Sentinel, I'd search there! grrrr...
That error is indirectly related to NukeSentinel(TM). It can be directly related to nuke and ANY application. Always search the FAQ when any nuke issues arise Only registered users can see links on this board! Get registered or login!
 
chatserv
Member Emeritus


Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Wed May 11, 2005 12:59 pm Reply with quote

This is not a NukeSentinel problem, in essence it relates to a PHP-Nuke vulnerability that techgfx provided a fix for, once the fix is applied NukeSentinel requires or required a modification as it was coded before this issue had been uncovered, newer versions of NukeSentinel already have this issue taken into consideration, the main problem here is people are not keeping up to date with fixes, it might be a hassle but see it as your anti-virus definitions database, if you don't keep it updated you won't be able to fend off new attacks.
 
View user's profile Send private message Visit poster's website
hitwalker
PostPosted: Wed May 11, 2005 1:06 pm Reply with quote

so isnt it for the best to upgrade...upto the 7.6 ...
he will be better off...
 
ring_c
PostPosted: Wed May 11, 2005 2:58 pm Reply with quote

chatserv wrote:
This is not a NukeSentinel problem, in essence it relates to a PHP-Nuke vulnerability that techgfx provided a fix for, once the fix is applied NukeSentinel requires or required a modification as it was coded before this issue had been uncovered, newer versions of NukeSentinel already have this issue taken into consideration, the main problem here is people are not keeping up to date with fixes, it might be a hassle but see it as your anti-virus definitions database, if you don't keep it updated you won't be able to fend off new attacks.


When newer versions are being based on fixes, it should be a good idea to let people know. I'm not a 16 y/o with lots of free time to keep track on all changes.

At least you could add a line to your readme.txt saying "this version only applies to those who used chatserv's fix version xx-xx".

Anyway, keep up the great job!
 
ring_c
PostPosted: Wed May 11, 2005 3:07 pm Reply with quote

Can anyone still help me with the Only registered users can see links on this board! Get registered or login! errors?

At least, what's the meaning of "header.php:36"?
 
TJYoung80234
Hangin' Around


Joined: Mar 08, 2005
Posts: 44

PostPosted: Wed Jun 01, 2005 8:03 am Reply with quote

hitwalker wrote:
so isnt it for the best to upgrade...upto the 7.6 ...
he will be better off...


d*** you're persistant lol
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©