Author |
Message |
nuevonuke
Hangin' Around
Joined: Sep 22, 2005
Posts: 32
Location: Spain
|
Posted:
Thu Nov 16, 2006 6:54 pm |
|
Hello, I take two weeks modifying my webpage to let undergo attacks and I have a problem with Sentinel 2503. I have installed Nuke 7,9 with Patch 3dot3. All the installation of sentinel goes correct but when edit Your Account/index.php when acceding to "Your Account" it appears blank page. With index original in Your Account, having all sentinel installed, it works. Can to help me? |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
Posted:
Thu Nov 16, 2006 7:15 pm |
|
|
|
|
nuevonuke
|
Posted:
Fri Nov 17, 2006 4:14 am |
|
Hello evadres99, ans Thnaks for help me.
(I have 1700 one week without the webpage very gotten upset)
I explain the errors to you:
When I put
Quote: | #
#-----[ OPEN ]------------------------------------------
#
index.php
function mail_password($username, $code) {
#
#-----[ FIND ]------------------------------------------
#
global $sitename, $adminmail, $nukeurl, $user_prefix, $db, $module_name;
#
#-----[ ADD TO IT ]------------------------------------------
#
$nsnst_const,
Now it will look something like:
global $nsnst_const, $sitename, $adminmail, $nukeurl, $user_prefix, $db, $module_name;
|
everything works well
When I put
Quote: | #
#-----[ FIND ]------------------------------------------
# This appears twice in this function
$host_name = $_SERVER['REMOTE_ADDR'];
#
#-----[ REPLACE WITH ]------------------------------------------
#
if(!defined("NUKESENTINEL_IS_LOADED")) {
$host_name = $_SERVER['REMOTE_ADDR'];
} else {
$host_name = $nsnst_const['remote_ip'];
}
function login($username, $user_password, $redirect, $mode, $f, $t, $random_num, $gfx_check) {
#
|
It appears the following error
Parse error: syntax error, unexpected $end in /home/clubpeug/public_html/modules/Your_Account/index.php on line 1877
When I put
Quote: | #
#-----[ FIND ]------------------------------------------
#
$uname = $_SERVER['REMOTE_ADDR'];
#
#-----[ REPLACE WITH ]------------------------------------------
#
if(!defined("NUKESENTINEL_IS_LOADED")) {
$uname = $_SERVER['REMOTE_ADDR'];
} else {
$uname = $nsnst_const['remote_ip'];
}
function userinfo($username, $bypass=0, $hid=0, $url=0) {
# Submitted by technocrat
|
It appears the following error
Parse error: syntax error, unexpected T_ELSE in /home/clubpeug/public_html/modules/Your_Account/index.php on line 926
If you pay attention, in the functions I have eliminated the word in because I believe that he was bad and also it gave error me |
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
Posted:
Fri Nov 17, 2006 6:18 am |
|
|
|
|
nuevonuke
|
Posted:
Fri Nov 17, 2006 7:40 am |
|
In agreement, I put code pieces to you in where I have made changes.
Quote: | include("footer.php");
} else {
if(!defined("NUKESENTINEL_IS_LOADED")) {
$host_name = $_SERVER['REMOTE_ADDR'];
} else {
$host_name = $nsnst_const['remote_ip'];
}
function login($username, $user_password, $redirect, $mode, $f, $t, $random_num, $gfx_check) {
$row = $db->sql_fetchrow($result);
$user_email = filter($row['user_email'], "nohtml");
$user_password = $row['user_password'];
$user_password = htmlspecialchars(stripslashes($user_password));
$areyou = substr($user_password, 0, 10);
if ($areyou==$code) {
$newpass=makepass();
$message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._HASREQUESTED."\n\n"._YOURNEWPASSWORD." $newpass\n\n "._YOUCANCHANGE." $nukeurl/modules.php?name=$module_name\n\n"._IFYOUDIDNOTASK."";
$subject = ""._USERPASSWORD4." $username";
mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
/* Next step: add the new password to the database */
$cryptpass = md5($newpass);
$query = "UPDATE ".$user_prefix."_users SET user_password='$cryptpass' WHERE username='$username'";
if (!$db->sql_query($query)) {
echo ""._UPDATEFAILED."";
}
include ("header.php");
OpenTable();
echo "<center>"._PASSWORD4." $username "._MAILED."<br><br>"._GOBACK."</center>";
CloseTable();
include ("footer.php");
/* If no Code, send it */
} else {
$sql = "SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username'";
$result = $db->sql_query($sql);
if($db->sql_numrows($result) == 0) {
include ("header.php");
OpenTable();
echo "<center>"._SORRYNOUSERINFO."</center>";
CloseTable();
include ("footer.php");
} else {
if(!defined("NUKESENTINEL_IS_LOADED")) {
$host_name = $_SERVER['REMOTE_ADDR'];
} else {
$host_name = $nsnst_const['remote_ip'];
}
function login($username, $user_password, $redirect, $mode, $f, $t, $random_num, $gfx_check) {
$row = $db->sql_fetchrow($result);
$user_email = filter($row['user_email'], "nohtml");
$user_password = $row['user_password'];
$areyou = substr($user_password, 0, 10);
$message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._CODEREQUESTED."\n\n"._YOURCODEIS." $areyou \n\n"._WITHTHISCODE." $nukeurl/modules.php?name=$module_name&op=pass_lost\n"._IFYOUDIDNOTASK2."";
$subject=""._CODEFOR." $username";
mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
include ("header.php"); |
Quote: | } else {
docookie($setinfo['user_id'], $username, $new_pass, $setinfo['storynum'], $setinfo['umode'], $setinfo['uorder'], $setinfo['thold'], $setinfo['noscore'], $setinfo['ublockon'], $setinfo['theme'], $setinfo['commentmax']);
if(!defined("NUKESENTINEL_IS_LOADED")) {
$uname = $_SERVER['REMOTE_ADDR'];
} else {
$uname = $nsnst_const['remote_ip'];
}
function userinfo($username, $bypass=0, $hid=0, $url=0) {
$db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$uname' AND guest='1'");
$db->sql_query("UPDATE ".$prefix."_users SET last_ip='$uname' WHERE username='$username'");
}
if (!empty($pm_login)) {
Header("Location: messages-inbox.html");
exit;
}
|
Quote: | if ($userinfo['last_ip'] != 0) {
echo "<center><font class=\"title\">"._ADMINFUNCTIONS."</font><br><br>"._LASTIP." <b>".$userinfo['last_ip']."</b><br><br>";
echo "[ <a href='".$admin_file.".php?op=ABBlockedIPAdd&tip=".$userinfo['last_ip']."'>"._BANTHIS."</a> | <a href=\"".$admin_file.".php?op=modifyUser&chng_uid=".$userinfo['username']."\">"._EDITUSER."</a> ]</center>";
} else {
echo "<center>[ <a href=\"".$admin_file.".php?op=modifyUser&chng_uid=".$userinfo['username']."\">"._EDITUSER."</a> ]</center>";
}
|
Can anything send me by mail, the archive index.php of Your Account (nuke 7.9 patched 3dot3 and Sentinel 2503), with the modifications in order to prove it.
Thanks |
|
|
|
|
nuevonuke
|
Posted:
Fri Nov 17, 2006 3:33 pm |
|
Please, I need help. It is the only way to defend to me of the attacks that I have received. It does not matter to me if a payment support is necessary.
If adjustment this I will not think about leaving the PHPNuke... If you want I send the file to you, or send me you, I will thank for it. |
|
|
|
|
Tao_Man
Involved
Joined: Jul 15, 2004
Posts: 252
Location: OKC, OK
|
Posted:
Fri Nov 17, 2006 6:25 pm |
|
Ok here is the problem...
When it says "In function userinfo(...." What that is saying, is now look in this function and find...
The word in is not a mistake it is directions on where to look.
you have added a line you do not need, this is from your code below.
Code:if(!defined("NUKESENTINEL_IS_LOADED")) {
$uname = $_SERVER['REMOTE_ADDR'];
} else {
$uname = $nsnst_const['remote_ip'];
}
!!!! ERASE THIS LINE!!!!function userinfo($username, $bypass=0, $hid=0, $url=0) {
$db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$uname' AND guest='1'");
$db->sql_query("UPDATE ".$prefix."_users SET last_ip='$uname' WHERE username='$username'");
}
|
See where I say to remove that line? Take that out of your code.
now in the function userinfo($username, $bypass=0, $hid=0, $url=0)
Code:
#
#-----[ FIND ]------------------------------------------
#
global $setinfo, $user_prefix, $db, $module_name, $pm_login, $prefix;
#
#-----[ ADD TO IT ]------------------------------------------
#
$nsnst_const,
|
You will also have to remove the line
"function login($username, $user_password, $redirect, $mode, $f, $t, $random_num, $gfx_check) {"
and look in that function and make the changes to that.
I don't know if I am explaning this well. I hope you see what I am saying and can correct the file.
If you don't get it, PM me and I can make the edits, but it would bnot be untill tomorow Sat. 11/18 in the afternoon my time GMT -6, so very last your time |
_________________ ------------------------------------------
To strive, to seek, to find, but not to yield!
I don't know Kara-te but I do know cra-zy, and I WILL use it! |
|
|
|
montego
|
Posted:
Sat Nov 18, 2006 7:05 am |
|
nuevonuke wrote: | Please, I need help. It is the only way to defend to me of the attacks that I have received. It does not matter to me if a payment support is necessary.
If adjustment this I will not think about leaving the PHPNuke... If you want I send the file to you, or send me you, I will thank for it. |
Please understand that many of us have day jobs and families. I am only on-line an hour a day.
I think Tao_Man is on the right track... |
|
|
|
|
nuevonuke
|
Posted:
Sat Nov 18, 2006 10:03 am |
|
Sorry so much montego, did not want to bother you. Already that this of webs occupies long time.
I take more than one week to recover my webpage.
I want to thanks you for the help, mainly to Tao man, because its solution has been valid.
My web is [ Only registered users can see links on this board! Get registered or login! ] and anything that you want, can to request it. |
|
|
|
|
|