Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.6.x
Author Message
dad7732
RavenNuke(tm) Development Team


Joined: Mar 18, 2007
Posts: 1242

PostPosted: Wed Aug 12, 2009 6:50 am Reply with quote

Logged in as Admin of course. Created a new block with FCKEditor, added the script for Google Adsense, saved and was blocked by the script blocker.

Quote:
Created By: NukeSentinel(tm) 2.6.02
Date & Time: 2009-08-12 07:30:43 CDT GMT -0500
Blocked IP: xxx.xxx.xxx
User ID: Anonymous (1)
Reason: Abuse-String
String Match: Java


If I am logged in as Admin, how can the User ID be anonymous just by saving the block? Also, how can the script blocker come in to play?

Cheers
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Sun Aug 16, 2009 6:04 am Reply with quote

If the script blocker (string) is activated it will always be called. If you are not also logged in as a registered user then to NS/RN you are Anonymous.


Last edited by Raven on Sat Aug 22, 2009 9:54 am; edited 1 time in total 
View user's profile Send private message
dad7732
PostPosted: Sun Aug 16, 2009 6:33 am Reply with quote

Yahbuttt .. a "user" other than the admin cannot save a block. I guess what you're saying makes sense nonetheless. I'll remember to login as a user AND as admin when using the editor.

Cheers
 
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9449
Location: Arizona

PostPosted: Sat Aug 22, 2009 8:15 am Reply with quote

dad7732, I believe that your original post really had two questions in it. The one as to why it is showing up as "anonymous", of which Raven has replied. Logging in as a regular user will not stop the block message, just it won't show "anonymous" any more.

The issue really is that the script blocker is quite aggressive. I am not sure why it is stopping an admin from doing this, but I do know that I tend to shy away from creating HTML blocks with javascript code in it. If I need that kind of block, I just create a very simple block file and pull it in that way.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
dad7732
PostPosted: Sat Aug 22, 2009 8:37 am Reply with quote

I just thought it rather ironic and amusing that the "Admin" would get blocked for adding a script blocker. Smile

Cheers
 
Raven
PostPosted: Sat Aug 22, 2009 9:57 am Reply with quote

dad7732 wrote:
I just thought it rather ironic and amusing that the "Admin" would get blocked for adding a script blocker. Smile

Cheers


Is your admin userid Protected in NukeSentinel(tm)?
 
dad7732
PostPosted: Sat Aug 22, 2009 10:18 am Reply with quote

Yes, it is now.
 
Raven
PostPosted: Sat Aug 22, 2009 10:41 am Reply with quote

Think that might explain it Smile ?
 
dad7732
PostPosted: Sat Aug 22, 2009 10:50 am Reply with quote

Well, could have, except for the fact that I've added script blockers in the past without a problem. May be the particular script, who knows. Gremlins are responsible for everything not easily explained. Smile

Cheers
 
Raven
PostPosted: Sat Aug 22, 2009 11:01 am Reply with quote

Occam's Razor!
 
dad7732
PostPosted: Sat Aug 22, 2009 11:57 am Reply with quote

Ok, since the principle is "entities should not be multiplied unnecessarily", maybe it was just ONE Gremlin .. Smile
 
Raven
PostPosted: Sat Aug 22, 2009 12:58 pm Reply with quote

A more generalized translation is "when alternative hypotheses exist, the one requiring the fewest assumptions should be preferred.". In other words, sometimes the simplest answer is the best Wink
 
montego
PostPosted: Sat Aug 22, 2009 3:33 pm Reply with quote

dad7732 wrote:
Well, could have, except for the fact that I've added script blockers in the past without a problem. May be the particular script, who knows.


I agree. Could very well be. I have always had the opinion that an admin should be allowed to do anything that they wish without having to resort to direct DB updates via phpMyAdmin. This would mean that all NS blocks should be bypassed if you are logged in as admin... but, that can be a scary proposition to some.

What I might like to see at least, though, is a way to bypass for SuperUser Admins or maybe just the God admin(s). That might be a reasonable compromise. Just a thought for chewing on...
 
eldorado
Involved
Involved


Joined: Sep 10, 2008
Posts: 424
Location: France,Translator

PostPosted: Sat Aug 22, 2009 4:43 pm Reply with quote

montego wrote:

What I might like to see at least, though, is a way to bypass for SuperUser Admins or maybe just the God admin(s). That might be a reasonable compromise. Just a thought for chewing on...

sounds like fun... i'm up for it.

_________________
Only registered users can see links on this board! Get registered or login! (My RN site)- Only registered users can see links on this board! Get registered or login!(cod4 clan) - Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website MSN Messenger
Raven
PostPosted: Sat Aug 22, 2009 4:48 pm Reply with quote

I have been under the impression that admins that are protected see the screen rejection and may even get the email but that they are not banned. This is supposed to be by design. Is this not working?
 
dad7732
PostPosted: Sat Aug 22, 2009 5:00 pm Reply with quote

I guess this is a silly question but WHY does an "admin" have to be protected in the first place? Isn't a login ID/password protection enough? If you're going to protect the ID and login with that ID then it seems sorta redundant .. to me at least. Wink

Cheers
 
Raven
PostPosted: Sat Aug 22, 2009 5:18 pm Reply with quote

Since most nuke type system don't have a real "role" administration system, NS was designed to only protect admins who are looked at as having the same admin "role" as the founding admin that was assigned when NS was set up. This manual assigning is basically an intermediate stop gap type procedure. If we had a true role based administration system then this could be bypassed.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.6.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©