Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports
Author Message
Muffin
Client


Joined: Apr 10, 2004
Posts: 649
Location: UK

PostPosted: Mon May 31, 2004 6:58 pm Reply with quote

I put the sentinel banner at the bottom of my site and everything was fine. However, just now I went back into preferences to put a link to this site on the image, and got a page come up 'The html tags you attempted to use are not allowed'

So I tried to put the same link to the sentinal image in my info box and got the same page up.

I'm just using the normal html code for links to images.

Is this a bug or is this normal? Seems odd I can't put links to images tho.
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Mon May 31, 2004 7:34 pm Reply with quote

'The html tags you attempted to use are not allowed'
Is the error result of the native filter in the begining of mainfile.php
Code:


foreach ($_GET as $secvalue) {
    if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) ||
   (eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
   (eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
   (eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
   (eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
   (eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
   (eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
   (eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
   (eregi("\"", $secvalue))) {
   die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
    }
}

foreach ($_POST as $secvalue) {
    if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) ||   (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
        die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
    }
}


If you are entering code like that in a block it would be a good idea to disable the Sentinel script blocker then create and test your new block then reactivate the Sentinel script blocker.
 
View user's profile Send private message
Muffin
PostPosted: Tue Jun 01, 2004 2:08 am Reply with quote

I don't think so.

I just put in <a href="http://www.ravenscripts.com/index.php"> as the link then the image url which was already there with the html tags and </a> at the end. Same as you always put a link in.


I turned off the script blocker and tried it and I still got the same message.

This happens on blocks and the footer box in Preferences. I tested in Stories and when you put the html in the article it doesnt happen there, posts as normal.

Any suggestions?

I'm pretty new to phpNuke so can you explain in simple terms please. Embarassed
 
sixonetonoffun
PostPosted: Tue Jun 01, 2004 5:33 am Reply with quote

Its the word script in ravenphpscripts.com
Try this which is Only registered users can see links on this board! Get registered or login!
%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D
 
Muffin
PostPosted: Tue Jun 01, 2004 8:29 am Reply with quote

Thanks it's sorted the parse error, but not the error when using links to images Rolling Eyes
 
djw2
Regular
Regular


Joined: Sep 19, 2003
Posts: 95
Location: St. Louis, MO

PostPosted: Wed Jun 02, 2004 12:03 am Reply with quote

I'm also having a little trouble linking the banner here from my footer.

I've entered...

Quote:
<a href="%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D" target="_parent"><img src="images/sentinel/Sentinel_Large.png" width="468" height="60" border="0"></a>


and it links to...

Quote:
http://www.majorityreporter.com/%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D



Why is it entering the Only registered users can see links on this board! Get registered or login! part, and is there a way to over ride it?


Thanks in advance... and thanks for another great product.


Peace!
 
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
Muffin
PostPosted: Wed Jun 02, 2004 5:32 am Reply with quote

I'm also having problems putting hyperlinks into articles, I get the same error about not being able to use html tags.

Crying or Very sad
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Wed Jun 02, 2004 6:04 am Reply with quote

sixonetonoffun wrote:
Its the word script in ravenphpscripts.com
Try this which is Only registered users can see links on this board! Get registered or login!
%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D

Actually you just need to encode only one of the letters in "script", so Only registered users can see links on this board! Get registered or login! should work.
 
View user's profile Send private message
Raven
PostPosted: Wed Jun 02, 2004 6:08 am Reply with quote

As Six said, if you are getting the message about HTML tags, that is probably the core nuke logic in mainfile. A simple way to tell is to momentarily comment out the Sentinel(tm) include statement in mainfile.php and try it again. If it works, then it would appear that we may some tweaking to do. If you still get the html message then that will confirm our suspicions.
 
djw2
PostPosted: Wed Jun 02, 2004 8:41 am Reply with quote

Hey,

I'm not having the link error. I'm going to a 404 because the link is directed to Only registered users can see links on this board! Get registered or login!

See what I mean? It's calling ravenscripts.com like a subdirectory from my root rather than an outside link.

Just go to my site and click the banner in the footer... you'll see what I mean.


Thanks.
Only registered users can see links on this board! Get registered or login!
 
Raven
PostPosted: Wed Jun 02, 2004 10:51 am Reply with quote

Please post your code for that image.
 
sixonetonoffun
PostPosted: Wed Jun 02, 2004 11:35 am Reply with quote

I think its with the mainfile.php filter I tried on 7.3 and it works fine but on 6.5 it gets stripped out I'd imagine your version of 7 is still using some $_POST variable filter that has been removed in more recent versions.
Code:


foreach ($_POST as $secvalue) {
    if (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) {
        Header("Location: index.php");
        die();
    }
}


Was changed to
Code:


foreach ($_POST as $secvalue) {
    if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) ||   (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
        die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
    }
}

and
Code:


(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||

Was removed from the $_GET Filter.
 
djw2
PostPosted: Wed Jun 02, 2004 11:36 am Reply with quote

Here's the link that's in the Footer Line 1: text box...

Quote:
<a href="%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D" target="_parent"><img src="images/sentinel/Sentinel_Large.png" width="468" height="60" border="0"></a>


I also tried it without the parent tag, like this...

Quote:
<a href="%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D"><img src="images/sentinel/Sentinel_Large.png" width="468" height="60" border="0"></a>



Thanks again.


Peace!
 
blith
Client


Joined: Jul 18, 2003
Posts: 977

PostPosted: Wed Jun 02, 2004 11:40 am Reply with quote

Shouldn't it be <a href="http://URL"> otherwise it looks in the root...
 
View user's profile Send private message Visit poster's website
Raven
PostPosted: Wed Jun 02, 2004 11:40 am Reply with quote

You are missing the Only registered users can see links on this board! Get registered or login! in the href tag. <a href="http://
 
sixonetonoffun
PostPosted: Wed Jun 02, 2004 11:44 am Reply with quote

This works with the mainfile.php changes I posted above. Without any silly changes to the code for anyone who wants to give that a try.

<div align="center"><a href="http://www.ravenphpscripts.com" target="blank"><img src="images/sentinel/Sentinel_Large_Red.png" border="0" Alt="Web site protected by Sentinel ™" hspace="10"></a><br></div>
 
djw2
PostPosted: Wed Jun 02, 2004 11:51 am Reply with quote

Oops.

Sorry about that guys. Thanks again for the help and the patients.

Isn't it funny how we sometimes miss the simplest things.

Embarassed


Peace!
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©