| Author |
Message |
JRSweets
Worker
Joined: Aug 06, 2004
Posts: 192
|
 Posted:
Mon Mar 07, 2005 1:12 pm |
|
There is a bug in nukesentienl's module to display all the blocked ips, and the reason they where blocked. The bug causes all the reasons to display as "Other"
To fix open:
modules/Sentinel/public/STIPS.php and find:
Code:list($getIPs['reason']) = $db->sql_fetchrow($db->sql_query("SELECT reason FROM ".$prefix."_nsnst_blockers WHERE blocker='".$getIPs['reason']."'"));
$getIPs['reason'] = str_replace("Abuse-", "", $getIPs['reason']);
|
Replace with:
Code:$ip_reason = $getIPs['reason'];
// list($getIPs['reason']) = $db->sql_fetchrow($db->sql_query("SELECT reason FROM ".$prefix."_nsnst_blockers WHERE blocker='".$getIPs['reason']."'"));
//$getIPs['reason'] = str_replace("Abuse-", "", $getIPs['reason']);
|
|
| |
|
|
|
BobMarion
Former Admin in Good Standing
Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)
|
| Posted:
Tue Mar 08, 2005 12:23 am |
|
You also need to make one other change, find:Code: if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {
$result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='$ip_reason'");
list($reason) = $db->sql_fetchrow($result2);
$reason = str_replace("Abuse-","",$reason);
}
|
and change the "WHERE" clause:Code: if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {
$result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
list($reason) = $db->sql_fetchrow($result2);
$reason = str_replace("Abuse-","",$reason);
}
|
|
_________________
Bob Marion
Codito Ergo Sum
http://www.nukescripts.net |
|
 
|
|
JRSweets
|
| Posted:
Tue Mar 08, 2005 8:32 am |
|
Yeah I guess you could do it either way, I just commented out the extra code and added:
Code:$ip_reason = $getIPs['reason'];
|
So I didn't have to change the WHERE clause. |
| |
|
|
|
|
RaDiKaL
New Member
Joined: Jun 10, 2004
Posts: 23
|
| Posted:
Mon Mar 14, 2005 1:33 am |
|
I dowloaded the latest package 2.2.0 pl-1 and in the module it still displays the reason for the blocked IPs as "other"
I can't find the code JRSweets is talking about 
Here's the code
Code:<?php
/********************************************************/
/* NukeSentinel(tm) */
/* By: NukeScripts Network (webmaster@nukescripts.net) */
/* http://www.nukescripts.net */
/* Copyright © 2000-2005 by NukeScripts Network */
/********************************************************/
/* CLIKE, UNION, & Email elements from HackAlert */
/* HTTPAuth element */
/* By: Raven PHP Scripts */
/* http://www.ravenphpscripts.com */
/* Copyright © 2004 by Raven PHP Scripts */
/********************************************************/
/* Scripting Blocker elements */
/* By: ChatServ */
/* http://www.nukeresources.com */
/* Copyright © 2004 by Nuke Resources */
/********************************************************/
$pagetitle = _AB_NUKESENTINEL.": "._AB_BLOCKEDIPS;
@include("header.php");
title($pagetitle);
stmain_menu();
echo "<br>\n";
OpenTable();
$perpage = $abconfig['block_perpage'];
if ($perpage == 0) { $perpage = 25; }
if (!isset($min)) $min=0;
if (!isset($max)) $max=$min+$perpage;
if(!$column or $column=="") $column = $abconfig['block_sort_column'];
if(!$direction or $direction=="") $direction = $abconfig['block_sort_direction'];
$totalselected = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_nsnst_blocked_ips"));
if ($totalselected > 0) {
echo "<table align='center' border='0' cellpadding='2' cellspacing='2' bgcolor='$bgcolor2' width='100%'>\n";
echo "<tr><td align='right' bgcolor='$bgcolor2' colspan='3'>";
// Page Sorting
echo "<form method='post' action='modules.php?name=$module_name'>\n";
echo "<input type='hidden' name='op' value='STIPS'>\n";
echo "<input type='hidden' name='min' value='$min'>\n";
echo "<b>"._AB_SORT.":</b> ";
echo "<select name='column'>\n";
if($column == "ip_addr") $selcolumn1 = "selected";
echo "<option value='ip_addr' $selcolumn1>"._AB_IPBLOCKED."</option>\n";
if($column == "date") $selcolumn2 = "selected";
echo "<option value='date' $selcolumn2>"._AB_DATE."</option>\n";
if($column == "reason") $selcolumn3 = "selected";
echo "<option value='reason' $selcolumn3>"._AB_REASON."</option>\n";
echo "</select> ";
echo "<select name='direction'>\n";
if($direction == "asc") $seldirection1 = "selected";
echo "<option value='asc' $seldirection1>"._AB_ASC."</option>\n";
if($direction == "desc") $seldirection2 = "selected";
echo "<option value='desc' $seldirection2>"._AB_DESC."</option>\n";
echo "</select> ";
echo "<input type='submit' value='"._AB_SORT."'>\n";
echo "</form>";
// Page Sorting
echo "</td></tr>\n";
echo "<tr><td bgcolor='$bgcolor1' colspan='3'><img src='images/pix.gif' height='2' width='2'></td></tr>\n";
echo "<tr bgcolor='$bgcolor2'>\n";
echo "<td align='center' width='34%'><b>"._AB_IPBLOCKED."</b></td>\n";
echo "<td align='center' width='33%'><b>"._AB_DATE."</b></td>\n";
echo "<td align='center' width='33%'><b>"._AB_REASON."</b></td>\n";
echo "</tr>\n";
$result = $db->sql_query("SELECT * FROM ".$prefix."_nsnst_blocked_ips ORDER BY $column $direction LIMIT $min,$perpage");
while ($getIPs = $db->sql_fetchrow($result)) {
$bdate = date("Y-m-d @ H:i:s", $getIPs['date']);
$lookupip = str_replace("*", "0", $getIPs['ip_addr']);
echo "<tr onmouseover=\"this.style.backgroundColor='$bgcolor2'\" onmouseout=\"this.style.backgroundColor='$bgcolor1'\" bgcolor='$bgcolor1'>\n";
if((is_admin($admin) AND $ab_config['display_link']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_link']==2) OR $ab_config['display_link']==3) {
$lookupip = str_replace("*", "0", $getIPs['ip_addr']);
$ipcontent = "<a href=\"".$ab_config['lookup_link']."$lookupip\" target=\"_blank\">".$getIPs['ip_addr']."</a>";
} else {
$ipcontent = $getIPs['ip_addr'];
}
echo "<td align='center'>$ipcontent</td>\n";
echo "<td align='center'>$bdate</td>\n";
$reason = "----------";
if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {
$result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
list($reason) = $db->sql_fetchrow($result2);
$reason = str_replace("Abuse-","",$reason);
}
echo "<td align='center'>$reason</td>\n";
echo "<input type='hidden' name='min' value='$min'>\n";
echo "<input type='hidden' name='column' value='$column'>\n";
echo "<input type='hidden' name='direction' value='$direction'>\n";
echo "</tr>\n";
}
// Page Numbering
$pagesint = ($totalselected / $perpage);
$pageremainder = ($totalselected % $perpage);
if ($pageremainder != 0) {
$pages = ceil($pagesint);
if ($totalselected < $perpage) { $pageremainder = 0; }
} else {
$pages = $pagesint;
}
if ($pages != 1 && $pages != 0) {
echo "<tr><td bgcolor='$bgcolor1' colspan='3'><img src='images/pix.gif' height='2' width='2'></td></tr>\n";
echo "<tr><td align='right' bgcolor='$bgcolor2' colspan='3'>\n";
echo "<form action='modules.php?name=$module_name' method='post'>\n";
echo "<input type='hidden' name='op' value='STIPS'>\n";
echo "<b>"._AB_PAGE."</b> ";
$counter = 1;
$currentpage = ($max / $perpage);
echo "<input type='hidden' name='column' value='$column'>\n";
echo "<input type='hidden' name='direction' value='$direction'>\n";
echo "<select name='min'>\n";
while ($counter <= $pages ) {
$cpage = $counter;
$mintemp = ($perpage * $counter) - $perpage;
if ($counter == $currentpage) {
echo "<option selected>$counter</option>";
} else {
echo "<option value='$mintemp'>$counter</option>";
}
$counter++;
}
echo "</select> <b>"._AB_OF." $pages</b> <input type='submit' value='"._AB_GO."'>\n</form>\n";
echo "</tr>\n";
}
// Page Numbering
echo "</table>\n";
} else {
echo "<center><b>"._AB_NOIPS."</b></center>\n";
}
CloseTable();
@include("footer.php");
?>
|
|
| |
|
|
|
|
BobMarion
|
| Posted:
Mon Mar 14, 2005 1:11 pm |
|
Have you set in NukeSentinel Administration to display the blocked reason? If not it will always show other until you set it so that everyone, members only, or admins only can see the reason the ip was blocked. |
| |
|
|
|
|
RaDiKaL
|
| Posted:
Tue Mar 15, 2005 1:14 am |
|
Yes, I have it set up for Users/Admins Only |
| |
|
|
|
|
BobMarion
|
| Posted:
Wed Mar 16, 2005 2:08 am |
|
This is the section that controls it:Code: if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {
$result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
list($reason) = $db->sql_fetchrow($result2);
$reason = str_replace("Abuse-","",$reason);
}
|
For a test try commenting out the first and last line of this section like so:Code:// if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {
$result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
list($reason) = $db->sql_fetchrow($result2);
$reason = str_replace("Abuse-","",$reason);
// }
|
See if it shows the correct reason then. If it does we can work on the if statement to find why it's not. |
| |
|
|
|
|
RaDiKaL
|
| Posted:
Thu Mar 17, 2005 10:55 pm |
|
Thanks. I'll try it out today and let you know. |
| |
|
|
|
|
RaDiKaL
|
| Posted:
Fri Mar 18, 2005 7:11 am |
|
No, that didn't do it.
That's ok though, I don't really use the module and the block reason is displayed correctly in the administration menu.
Thank you anyway  |
| |
|
|
|
|
BobMarion
|
| Posted:
Fri Mar 18, 2005 10:24 pm |
|
I'm still going to do some testing to try and figure out why it's doing it. I don't want a display fault in the script to be a deciding factor for someone that wants to secure their site. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
