Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x
Author Message
WaileR
New Member
New Member



Joined: Mar 10, 2006
Posts: 10

PostPosted: Tue Jul 24, 2007 12:59 pm Reply with quote

I'm using Raven Nuke 2.10.01, clean install. with only some theme modifications.

When some registrated or anonymous user tries to submit news through FCKeditor, blocks it , because it detects a script attack and users gets blocked.
The only way is to turn OFF script bloking. and this way users can post news. or that users submit "text only" news which is really sad having FCK editor.

Any ideas? Can I edit nukesentinel Script Blocker configuration to enable some html commands ? instead of the simple configuration which I have in Nuke Administration Panel¿

Thx in advance
 
View user's profile Send private message
fkelly
Former Moderator in Good Standing



Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Tue Jul 24, 2007 1:46 pm Reply with quote

The script blocker does not block all html. Here is the actual code from NS, then we'll discuss it.

Code:
   foreach($_POST as $secvalue) {

      if ((eregi("<[^>]*iframe*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]*object*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]*applet*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]*meta*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]*onmouseover*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]script*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]body*\"?[^>]*", $secvalue)) ||
      (eregi("<[^>]style*\"?[^>]*", $secvalue))) {
        block_ip($blocker_row);
      }
    }


Now, I don't claim to understand those eregi's exactly. I know for instance that it will block tbody but not body with some combination of open and closing <>'s. I wish Raven or Bob Marion would post something explaining exactly what this is supposed to be blocking but in the interim you should be able to work around it.

What I have found is that if you copy and paste from Word, as Word text rather than as plain text, you stand a much greater chance of injecting codes that the script blocker will block.

What I'd recommend is that you log out as admin and delete your admin cookie so you can replicate a standard user experience (if there are admin cookies on your computer the NS edits will be bypassed). Then try a simple text article and after that a few more complicated things. You might also have to remove your protected range if you have your own IP protected. Just have phpmyadmin standing by so you can remove your IP from the blocked_ips table and also cpanel or equivalent so you can remove your IP from htaccess in case you do trigger a block.
 
View user's profile Send private message Visit poster's website
WaileR







PostPosted: Tue Jul 24, 2007 4:08 pm Reply with quote

Ok thx for the advice fkelly.

About that code u posted , where can i find it ? in modules/nukesentinel/...?

Thx
 
fkelly







PostPosted: Tue Jul 24, 2007 6:42 pm Reply with quote

/includes/nukesentinel.php
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©