Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Author Message
silverknowes
New Member
New Member



Joined: Dec 13, 2006
Posts: 6

PostPosted: Wed Dec 13, 2006 6:21 pm Reply with quote

hi guys, firstly thanks for any helo in advance, i am nearly pulling my hair out with this

i reinstalled my nuke package and everything is fine but when i try to access the forum admin section (by clicking on the admin control panel link i get the following errors

Notice: Undefined variable: aid in /home/martynje/public_html/includes/nukesentinel.php on line 131

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: op in /home/martynje/public_html/includes/nukesentinel.php on line 242

Notice: Undefined variable: name in /home/martynje/public_html/includes/nukesentinel.php on line 289

i think it has something to do with my main file although i cant be sure as i am a newbie to php stuff. if i try to remove the nukesentinel file form the includes directory it just throws up some other errors.

the thing is that this was all working and fine till yesterday then it all went mad.

any help would be appreciated, i would also pay to have this fixed.

regards

Martyn Jeffrey


Last edited by silverknowes on Sat Dec 16, 2006 2:34 pm; edited 1 time in total 
View user's profile Send private message
fkelly
Former Moderator in Good Standing



Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Wed Dec 13, 2006 7:47 pm Reply with quote

You have error reporting (notices) turned on. What you are seeing is notice type errors and there are thousands of them scattered all over nuke. We are trying to eliminate them from RN 2.10 but even there some will probably sneak thru.

First place to check is config.php. There should be a line with this code in it:

$display_errors = FALSE; //This should only be used (set to TRUE) when testing locally and not in a production environment

If you have it set to TRUE then it explains your problems. Fix it and try again. If this isn't your problem then post again and we can look in mainfile. What we really need to do is suppress these errors.
 
View user's profile Send private message Visit poster's website
silverknowes







PostPosted: Thu Dec 14, 2006 4:56 am Reply with quote

hello, thanks for your reply. i looked into my config php and their isnt a section called display errors, i am using nuke platinum from PNC and display errors are turned of in my admin section.

i do think it is something to do with my mai file though.

when i used the mainfile from the ravenscript package it let me into the forum admin but my admin.php and index.php pages went white with no text.

this would indicate that it is something in my current mainfile that is doing something strange.

Thanks

Martyn
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

PostPosted: Thu Dec 14, 2006 6:52 am Reply with quote

The include path for nukesentinel does not sound like it was done right. Please post about 10 lines above and below within your mainfile.php where nukesentinel.php is included? Thx.

_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... 
View user's profile Send private message Visit poster's website
silverknowes







PostPosted: Thu Dec 14, 2006 9:41 am Reply with quote

hi, thanks for your reply, i their are a few occurences of the sentinel includes in the main file so i have zipped my main file up and you can donwload it here

thanks once again for the help
[ Only registered users can see links on this board! Get registered or login! ]
 
silverknowes







PostPosted: Fri Dec 15, 2006 5:39 am Reply with quote

/************************************************************************/

if(stristr($_SERVER['REQUEST_URI'], ".php/")) {
header("Location: [ Only registered users can see links on this board! Get registered or login! ]".$_SERVER['HTTP_HOST'].str_replace(".php/", ".php", $_SERVER['REQUEST_URI']));
}
define('NUKE_FILE', true);
define('BLOCK_FILE', true);
define('CORE_FILE', true);

if (file_exists("includes/custom_files/custom_mainfile.php")) {
include_once("includes/custom_files/custom_mainfile.php");
}
//sentinel add
//Union Tap
//Copyright Zhen-Xjell 2004 [ Only registered users can see links on this board! Get registered or login! ]
//Code to prevent UNION SQL Injections
if(!file_exists('includes/nukesentinel.php')) {
unset($matches);
unset($loc);
if(isset($_SERVER['QUERY_STRING'])) {
if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER['QUERY_STRING']), $matches)) {
die('Illegal Operation');
}
}
}
if(!file_exists('includes/nukesentinel.php')) {
if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
$queryString = $_SERVER['QUERY_STRING'];
if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
die('Illegal Operation');
}
}
}


$phpver = phpversion();

if ($phpver >= '4.0.4pl1') {
ob_start('ob_gzhandler');
} else if ($phpver > '4.0') {
if (strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) {
if (extension_loaded('zlib')) {
$do_gzip_compress = TRUE;
ob_start();
ob_implicit_flush(0);
}
}
}
 
montego







PostPosted: Sat Dec 16, 2006 6:57 am Reply with quote

silverknowes, the code snipet you posted is not the section that is needed. However, I have taken a look at your mainfile.php and replace this code here:

Code:



if (defined('FORUM_ADMIN')) {
    require_once("../../../config.php");
    require_once("../../../db/db.php");
} elseif (defined('INSIDE_MOD')) {
    require_once("../../config.php");
    require_once("../../db/db.php");
} else {
    require_once("config.php");
    require_once("db/db.php");
    require_once("includes/sql_layer.php");
    $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);
}


with this code here:

Code:


if (defined('FORUM_ADMIN')) {
    require_once("../../../config.php");
    require_once("../../../db/db.php");
    require_once("../../../includes/nukesentinel.php");
} elseif (defined('INSIDE_MOD')) {
    require_once("../../config.php");
    require_once("../../db/db.php");
    require_once("../../includes/nukesentinel.php");
} else {
    require_once("config.php");
    require_once("db/db.php");
    require_once("includes/sql_layer.php");
    require_once("includes/nukesentinel.php");
    $dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);
}


That will invoke NukeSentinel appropriately for your particular mainfile.php.
 
hitwalker
Sells PC To Pay For Divorce



Joined:
Posts: 5661

PostPosted: Sat Dec 16, 2006 11:28 am Reply with quote

any chance the topic title can be changed?
cause...
Quote:
would appreciate some help
is bad for search results... Wink
 
View user's profile Send private message
montego







PostPosted: Sat Dec 16, 2006 1:17 pm Reply with quote

I will give silverknowes the first attempt at that... Wink
 
silverknowes







PostPosted: Sat Dec 16, 2006 2:35 pm Reply with quote

thanks for the reply

ok when i did the code change the errors about sentinel stopped but their is still a white page with this line at the top of it

Notice: import_request_variables() [function.import-request-variables]: No prefix specified - possible security hazard in /home/martynje/public_html/mainfile.php on line 84


Martyn

P.S i have changed topic title.
 
montego







PostPosted: Sat Dec 16, 2006 8:48 pm Reply with quote

I noticed that you are using Nuke Platinum. To be honest, I have no idea what patch level they are using or anything else for that matter. You may need to ask them?
 
silverknowes







PostPosted: Tue Dec 19, 2006 10:09 am Reply with quote

right guys

i have some more info.

when i remove the line if (!ini_get("register_globals")) {
import_request_variables('GPC');

from my mainfile.php i can then get to the forum admin page, but with this done the your account module and admin login dont work.

can anyone tell me why removing this line would solve my "white page forum admin" problem but would then cause login problems??

thanks

Martyn
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©