Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports
Author Message
JRSweets
Worker
Worker


Joined: Aug 06, 2004
Posts: 192

PostPosted: Mon Mar 07, 2005 1:12 pm Reply with quote

There is a bug in nukesentienl's module to display all the blocked ips, and the reason they where blocked. The bug causes all the reasons to display as "Other"

To fix open:
modules/Sentinel/public/STIPS.php and find:

Code:
list($getIPs['reason']) = $db->sql_fetchrow($db->sql_query("SELECT reason FROM ".$prefix."_nsnst_blockers WHERE blocker='".$getIPs['reason']."'"));

    $getIPs['reason'] = str_replace("Abuse-", "", $getIPs['reason']);


Replace with:

Code:
$ip_reason = $getIPs['reason'];

   // list($getIPs['reason']) = $db->sql_fetchrow($db->sql_query("SELECT reason FROM ".$prefix."_nsnst_blockers WHERE blocker='".$getIPs['reason']."'"));
    //$getIPs['reason'] = str_replace("Abuse-", "", $getIPs['reason']);
 
View user's profile Send private message
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

PostPosted: Tue Mar 08, 2005 12:23 am Reply with quote

You also need to make one other change, find:
Code:
    if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {

      $result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='$ip_reason'");
      list($reason) = $db->sql_fetchrow($result2);
      $reason = str_replace("Abuse-","",$reason);
    }


and change the "WHERE" clause:
Code:
    if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {

      $result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
      list($reason) = $db->sql_fetchrow($result2);
      $reason = str_replace("Abuse-","",$reason);
    }

_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
JRSweets
PostPosted: Tue Mar 08, 2005 8:32 am Reply with quote

Yeah I guess you could do it either way, I just commented out the extra code and added:
Code:
$ip_reason = $getIPs['reason']; 


So I didn't have to change the WHERE clause.
 
RaDiKaL
New Member
New Member


Joined: Jun 10, 2004
Posts: 23

PostPosted: Mon Mar 14, 2005 1:33 am Reply with quote

I dowloaded the latest package 2.2.0 pl-1 and in the module it still displays the reason for the blocked IPs as "other"

I can't find the code JRSweets is talking about Razz

Here's the code
Code:
<?php


/********************************************************/
/* NukeSentinel(tm)                                     */
/* By: NukeScripts Network (webmaster@nukescripts.net)  */
/* http://www.nukescripts.net                           */
/* Copyright © 2000-2005 by NukeScripts Network         */
/********************************************************/
/* CLIKE, UNION, & Email elements from HackAlert        */
/* HTTPAuth element                                     */
/* By: Raven PHP Scripts                                */
/* http://www.ravenphpscripts.com                       */
/* Copyright © 2004 by Raven PHP Scripts                */
/********************************************************/
/* Scripting Blocker elements                           */
/* By: ChatServ                                         */
/* http://www.nukeresources.com                         */
/* Copyright © 2004 by Nuke Resources                   */
/********************************************************/

$pagetitle = _AB_NUKESENTINEL.": "._AB_BLOCKEDIPS;
@include("header.php");
title($pagetitle);
stmain_menu();
echo "<br>\n";
OpenTable();
$perpage = $abconfig['block_perpage'];
if ($perpage == 0) { $perpage = 25; }
if (!isset($min)) $min=0;
if (!isset($max)) $max=$min+$perpage;
if(!$column or $column=="") $column = $abconfig['block_sort_column'];
if(!$direction or $direction=="") $direction = $abconfig['block_sort_direction'];
$totalselected = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_nsnst_blocked_ips"));
if ($totalselected > 0) {
  echo "<table align='center' border='0' cellpadding='2' cellspacing='2' bgcolor='$bgcolor2' width='100%'>\n";
  echo "<tr><td align='right' bgcolor='$bgcolor2' colspan='3'>";
  // Page Sorting
  echo "<form method='post' action='modules.php?name=$module_name'>\n";
  echo "<input type='hidden' name='op' value='STIPS'>\n";
  echo "<input type='hidden' name='min' value='$min'>\n";
  echo "<b>"._AB_SORT.":</b> ";
  echo "<select name='column'>\n";
  if($column == "ip_addr") $selcolumn1 = "selected";
  echo "<option value='ip_addr' $selcolumn1>"._AB_IPBLOCKED."</option>\n";
  if($column == "date") $selcolumn2 = "selected";
  echo "<option value='date' $selcolumn2>"._AB_DATE."</option>\n";
  if($column == "reason") $selcolumn3 = "selected";
  echo "<option value='reason' $selcolumn3>"._AB_REASON."</option>\n";
  echo "</select> ";
  echo "<select name='direction'>\n";
  if($direction == "asc") $seldirection1 = "selected";
  echo "<option value='asc' $seldirection1>"._AB_ASC."</option>\n";
  if($direction == "desc") $seldirection2 = "selected";
  echo "<option value='desc' $seldirection2>"._AB_DESC."</option>\n";
  echo "</select> ";
  echo "<input type='submit' value='"._AB_SORT."'>\n";
  echo "</form>";
  // Page Sorting
  echo "</td></tr>\n";
  echo "<tr><td bgcolor='$bgcolor1' colspan='3'><img src='images/pix.gif' height='2' width='2'></td></tr>\n";
  echo "<tr bgcolor='$bgcolor2'>\n";
  echo "<td align='center' width='34%'><b>"._AB_IPBLOCKED."</b></td>\n";
  echo "<td align='center' width='33%'><b>"._AB_DATE."</b></td>\n";
  echo "<td align='center' width='33%'><b>"._AB_REASON."</b></td>\n";
  echo "</tr>\n";
  $result = $db->sql_query("SELECT * FROM ".$prefix."_nsnst_blocked_ips ORDER BY $column $direction LIMIT $min,$perpage");
  while ($getIPs = $db->sql_fetchrow($result)) {
    $bdate = date("Y-m-d @ H:i:s", $getIPs['date']);
    $lookupip = str_replace("*", "0", $getIPs['ip_addr']);
    echo "<tr onmouseover=\"this.style.backgroundColor='$bgcolor2'\" onmouseout=\"this.style.backgroundColor='$bgcolor1'\" bgcolor='$bgcolor1'>\n";
    if((is_admin($admin) AND $ab_config['display_link']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_link']==2) OR $ab_config['display_link']==3) {
      $lookupip = str_replace("*", "0", $getIPs['ip_addr']);
      $ipcontent = "<a href=\"".$ab_config['lookup_link']."$lookupip\" target=\"_blank\">".$getIPs['ip_addr']."</a>";
    } else {
      $ipcontent = $getIPs['ip_addr'];
    }
    echo "<td align='center'>$ipcontent</td>\n";
    echo "<td align='center'>$bdate</td>\n";
    $reason = "----------";
    if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {
      $result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
      list($reason) = $db->sql_fetchrow($result2);
      $reason = str_replace("Abuse-","",$reason);
    }
    echo "<td align='center'>$reason</td>\n";
    echo "<input type='hidden' name='min' value='$min'>\n";
    echo "<input type='hidden' name='column' value='$column'>\n";
    echo "<input type='hidden' name='direction' value='$direction'>\n";
    echo "</tr>\n";
  }
  // Page Numbering
  $pagesint = ($totalselected / $perpage);
  $pageremainder = ($totalselected % $perpage);
  if ($pageremainder != 0) {
    $pages = ceil($pagesint);
    if ($totalselected < $perpage) { $pageremainder = 0; }
  } else {
    $pages = $pagesint;
  }
  if ($pages != 1 && $pages != 0) {
    echo "<tr><td bgcolor='$bgcolor1' colspan='3'><img src='images/pix.gif' height='2' width='2'></td></tr>\n";
    echo "<tr><td align='right' bgcolor='$bgcolor2' colspan='3'>\n";
    echo "<form action='modules.php?name=$module_name' method='post'>\n";
    echo "<input type='hidden' name='op' value='STIPS'>\n";
    echo "<b>"._AB_PAGE."</b> ";
    $counter = 1;
    $currentpage = ($max / $perpage);
    echo "<input type='hidden' name='column' value='$column'>\n";
    echo "<input type='hidden' name='direction' value='$direction'>\n";
    echo "<select name='min'>\n";
    while ($counter <= $pages ) {

      $cpage = $counter;
      $mintemp = ($perpage * $counter) - $perpage;
      if ($counter == $currentpage) {
        echo "<option selected>$counter</option>";
      } else {
        echo "<option value='$mintemp'>$counter</option>";
      }
      $counter++;
    }
    echo "</select> <b>"._AB_OF." $pages</b> <input type='submit' value='"._AB_GO."'>\n</form>\n";
    echo "</tr>\n";
  }
  // Page Numbering
  echo "</table>\n";
} else {
  echo "<center><b>"._AB_NOIPS."</b></center>\n";
}
CloseTable();
@include("footer.php");

?>
 
View user's profile Send private message
BobMarion
PostPosted: Mon Mar 14, 2005 1:11 pm Reply with quote

Have you set in NukeSentinel Administration to display the blocked reason? If not it will always show other until you set it so that everyone, members only, or admins only can see the reason the ip was blocked.
 
RaDiKaL
PostPosted: Tue Mar 15, 2005 1:14 am Reply with quote

Yes, I have it set up for Users/Admins Only
 
BobMarion
PostPosted: Wed Mar 16, 2005 2:08 am Reply with quote

This is the section that controls it:
Code:
    if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {

      $result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
      list($reason) = $db->sql_fetchrow($result2);
      $reason = str_replace("Abuse-","",$reason);
    }


For a test try commenting out the first and last line of this section like so:
Code:
//    if((is_admin($admin) AND $ab_config['display_reason']==1) OR ((is_user($user) OR is_admin($admin)) AND $ab_config['display_reason']==2) OR $ab_config['display_reason']==3) {

      $result2 = $db->sql_query("SELECT reason FROM $prefix"._nsnst_blockers." WHERE blocker='".$getIPs['reason']."'");
      list($reason) = $db->sql_fetchrow($result2);
      $reason = str_replace("Abuse-","",$reason);
//    }


See if it shows the correct reason then. If it does we can work on the if statement to find why it's not.
 
RaDiKaL
PostPosted: Thu Mar 17, 2005 10:55 pm Reply with quote

Thanks. I'll try it out today and let you know.
 
RaDiKaL
PostPosted: Fri Mar 18, 2005 7:11 am Reply with quote

No, that didn't do it.

That's ok though, I don't really use the module and the block reason is displayed correctly in the administration menu.

Thank you anyway Smile
 
BobMarion
PostPosted: Fri Mar 18, 2005 10:24 pm Reply with quote

I'm still going to do some testing to try and figure out why it's doing it. I don't want a display fault in the script to be a deciding factor for someone that wants to secure their site.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©