Mainfile.php and patched 3.1

manunkind · Posted: Tue Oct 25, 2005 6:05 pm

Hey, I'm re-doing my site and realizing that the instructions for installing NukeSentinel are not matching my files.

What we are supposed to do:

Quote:

#
#-----[ FIND ]------------------------------------------
#
if (defined('FORUM_ADMIN')) {
@require_once("../../../config.php");
@require_once("../../../db/db.php");
@require_once("../../../includes/sql_layer.php");
if (file_exists("../../../includes/custom_files/custom_mainfile.php")) { @include_once("../../../includes/custom_files/custom_mainfile.php"); }
@require_once("../../../includes/ipban.php");
if (defined('NUKE_HEADER') && file_exists("../../../includes/custom_files/custom_head.php")) { @include_once("../../../includes/custom_files/custom_head.php"); }
if (defined('NUKE_HEADER') && file_exists("../../../includes/custom_files/custom_header.php")) { @include_once("../../../includes/custom_files/custom_header.php"); }
} elseif (defined('INSIDE_MOD')) {
@require_once("../../config.php");
@require_once("../../db/db.php");
@require_once("../../includes/sql_layer.php");
if (file_exists("../../includes/custom_files/custom_mainfile.php")) { @include_once("../../includes/custom_files/custom_mainfile.php"); }
@require_once("../../includes/ipban.php");
if (defined('NUKE_HEADER') && file_exists("../../includes/custom_files/custom_head.php")) { @include_once("../../includes/custom_files/custom_head.php"); }
if (defined('NUKE_HEADER') && file_exists("../../includes/custom_files/custom_header.php")) { @include_once("../../includes/custom_files/custom_header.php"); }
} else {
@require_once("config.php");
@require_once("db/db.php");
@require_once("includes/sql_layer.php");
if (file_exists("includes/custom_files/custom_mainfile.php")) { @include_once("includes/custom_files/custom_mainfile.php"); }
@require_once("includes/ipban.php");
if (defined('NUKE_HEADER') && file_exists("includes/custom_files/custom_head.php")) { @include_once("includes/custom_files/custom_head.php"); }
if (defined('NUKE_HEADER') && file_exists("includes/custom_files/custom_header.php")) { @include_once("includes/custom_files/custom_header.php"); }

What is in my file:

Quote:

if(defined('FORUM_ADMIN')) {
define('INCLUDE_PATH', '../../../');
} elseif(defined('INSIDE_MOD')) {
define('INCLUDE_PATH', '../../');
} else {
define('INCLUDE_PATH', './');
}

@require_once(INCLUDE_PATH."config.php");
@require_once(INCLUDE_PATH."db/db.php");
@require_once(INCLUDE_PATH."includes/sql_layer.php");
@require_once(INCLUDE_PATH."includes/ipban.php");
if (file_exists(INCLUDE_PATH."includes/custom_files/custom_mainfile.php")) {
@include_once(INCLUDE_PATH."includes/custom_files/custom_mainfile.php");
}

if (!defined('FORUM_ADMIN')) {
if(empty($admin_file)) {
die ("You must set a value for admin_file in config.php");
} elseif (!empty($admin_file) && !file_exists($admin_file.".php")) {
die ("The admin_file you defined in config.php does not exist");
}
}

// Error reporting, to be set in config.php
if($display_errors) {
@ini_set('display_errors', 1);
error_reporting(E_ALL^E_NOTICE);
} else {
@ini_set('display_errors', 0);
error_reporting(0);
}

Not even close to matching! This is a fresh download of both NukeSentinel and Patched 3.1

Help! Smile

What should I do?

Raven · Posted: Tue Oct 25, 2005 7:07 pm

What version of phpnuke are you using?

manunkind · Posted: Tue Oct 25, 2005 7:10 pm

7.6

Raven · Posted: Tue Oct 25, 2005 7:19 pm

If you are using nuke v7.6 with a patch level of 3.1, then the instructions in NukeSentinel mainfile7.6.txt are correct. Make sure that you have the latest 3.1 patch as Chat has reissued it several times.

manunkind · Posted: Tue Oct 25, 2005 7:28 pm

I'm not sure what's going on then. I'm downloading it right from his site:

Only registered users can see links on this board!
Get registered or login to the forums!

I just did it again now to make sure I got the right one. Is there a newer one somewhere else?

Raven · Posted: Tue Oct 25, 2005 7:32 pm

If that's the case then it appears that it may be changed from when NukeSentinel was last released. We'll look into it.

evaders99 · Posted: Tue Oct 25, 2005 8:32 pm

Correct, chatserv did some streamlining to the code. I don't think he reported these code changes, sorry.

chatserv · Posted: Tue Oct 25, 2005 8:46 pm

Code:

if(defined('FORUM_ADMIN')) {
define('INCLUDE_PATH', '../../../');
} elseif(defined('INSIDE_MOD')) {
define('INCLUDE_PATH', '../../');
} else {
define('INCLUDE_PATH', './');
}

@require_once(INCLUDE_PATH."config.php");
@require_once(INCLUDE_PATH."db/db.php");
@require_once(INCLUDE_PATH."includes/sql_layer.php");
@require_once(INCLUDE_PATH."includes/ipban.php");
@include_once(INCLUDE_PATH."includes/nukesentinel.php");
if (file_exists(INCLUDE_PATH."includes/custom_files/custom_mainfile.php")) {
@include_once(INCLUDE_PATH."includes/custom_files/custom_mainfile.php");
}

pinkbeef · Client Joined: Jul 19, 2005 Posts: 68

Chatserve Im happy you confirmed the code, but im thick. is that the nwe code for mainfile for the 3.1 patch or the replacement code for 3.1 patched or is that the replacement code for Sentianel.
if its the new code what code does it replace.
thank you

faded · New Member Joined: Nov 19, 2005 Posts: 1

This the same issue I am having on phpnuke 7.9. I too am curious on the fix.

Raven · Posted: Sat Nov 19, 2005 7:38 pm

That is the fix that Chatserv posted.

dude69th · New Member Joined: Nov 01, 2005 Posts: 1

its not a fix it is what is in our mainfile.php already. thats what the problem is it doesnt match what what the instructions tell us to find. chat serve i beg you please clarify im anxious to try sentinal im a virgin

Embarassed

dude69th

Raven · Posted: Thu Nov 24, 2005 8:47 pm

These questions are all answered in the forum if you would search for them Smile

After this line
@require_once(INCLUDE_PATH."includes/ipban.php");
add this
@require_once(INCLUDE_PATH."includes/nukesentinel.php");

pinkbeef · Client Joined: Jul 19, 2005 Posts: 68

the problem i found with searching the forums is you get 1000's of answers. on some of the problems ive encountered, ive ended up with hours of answers to look through before i foin the correct one. but i guess that is the price you pay when using a popular forum like Ravens

pinkbeef · Client Joined: Jul 19, 2005 Posts: 68

how about you selecting a single word or sentance, which will pull up the correct answer. if you do it ill eat my mouse. HAHA

blaize · New Member Joined: Dec 01, 2005 Posts: 14

I downloaded 76patched to 3.1 from this link

Only registered users can see links on this board!
Get registered or login to the forums!

, and I'm trying to install NukeSentinel_242_71-79.

My question is this; In the 3.1 patched version of mainfile.php everything is commented out from the middle of line 136 to line 831 where it says /*********************************************************/
/* text filter */
/*********************************************************/ <(line 831)

Code:

if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
die('Illegal Operation');
}
}
}

if(isset($admin) && $admin == $_COOKIE['admin'])
{
$admin = base64_decode($admin);
$admin = addslashes($admin);
$admin = base64_encode($admin);
}

if(isset($user) && $user == $_COOKIE['user'])
{
$user = base64_decode($user);
$user = addslashes($user);
$user = base64_encode($user);
}

// Die message for not allowed HTML tags
$htmltags = "<center><img src=\"images/logo.gif\"> ";
$htmltags .= "The html tags you attempted to use are not allowed ";
$htmltags .= "[ <a href=\"javascript:history.go(-1)\">Go Back</a> ]";

// Die message for empty HTTP_REFERER
$posttags = "Warning: your browser doesn't send the HTTP_REFERER header to the website. ";
$posttags .= "This can be caused due to your browser, using a proxy server or your firewall. ";
$posttags .= "Please change browser or turn off the use of a proxy ";
$posttags .= "or turn off the 'Deny servers to trace web browsing' in your firewall ";
$posttags .= "and you shouldn't have problems when sending a POST on this website.";

if (!defined('ADMIN_FILE') && !file_exists('includes/nukesentinel.php')) {
foreach ($_GET as $sec_key => $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*body*\"?[^>]*>", $secvalue)) ||
(eregi("$[^>]*\"?[^)]*$", $secvalue)) ||
(eregi("\"", $secvalue)) ||
(eregi("forum_admin", $sec_key)) ||
(eregi("inside_mod", $sec_key))) {
die ($htmltags);
}
}

foreach ($_POST as $secvalue) {
if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*body*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
die ($htmltags);
}
}
}

// Posting from other servers in not allowed
// Fix by Quake
// Bug found by PeNdEjO
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_SERVER['HTTP_REFERER'])) {
if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
die('Posting from another server not allowed!');
}
} else {
die($posttags);
}
}

if(defined('FORUM_ADMIN')) {
define('INCLUDE_PATH', '../../../');
} elseif(defined('INSIDE_MOD')) {
define('INCLUDE_PATH', '../../');
} else {
define('INCLUDE_PATH', './');
}

@require_once(INCLUDE_PATH."config.php");
@require_once(INCLUDE_PATH."db/db.php");
@require_once(INCLUDE_PATH."includes/sql_layer.php");
@require_once(INCLUDE_PATH."includes/ipban.php");
if (file_exists(INCLUDE_PATH."includes/custom_files/custom_mainfile.php")) {
@include_once(INCLUDE_PATH."includes/custom_files/custom_mainfile.php");
}

if (!defined('FORUM_ADMIN')) {
if(empty($admin_file)) {
die ("You must set a value for admin_file in config.php");
} elseif (!empty($admin_file) && !file_exists($admin_file.".php")) {
die ("The admin_file you defined in config.php does not exist");
}
}

// Error reporting, to be set in config.php
if($display_errors) {
@ini_set('display_errors', 1);
error_reporting(E_ALL^E_NOTICE);
} else {
@ini_set('display_errors', 0);
error_reporting(0);
}

define('NUKE_FILE', true);
$dbi = sql_connect($dbhost, $dbuname, $dbpass, $dbname);
$result = $db->sql_query("SELECT * FROM ".$prefix."_config");
$row = $db->sql_fetchrow($result);
$sitename = $row['sitename'];
$nukeurl = $row['nukeurl'];
$site_logo = $row['site_logo'];
$slogan = $row['slogan'];
$startdate = $row['startdate'];
$adminmail = stripslashes($row['adminmail']);
$anonpost = $row['anonpost'];
$Default_Theme = $row['Default_Theme'];
$foot1 = $row['foot1'];
$foot2 = $row['foot2'];
$foot3 = $row['foot3'];
$commentlimit = intval($row['commentlimit']);
$anonymous = $row['anonymous'];
$minpass = intval($row['minpass']);
$pollcomm = intval($row['pollcomm']);
$articlecomm = intval($row['articlecomm']);
$broadcast_msg = intval($row['broadcast_msg']);
$my_headlines = intval($row['my_headlines']);
$top = intval($row['top']);
$storyhome = intval($row['storyhome']);
$user_news = intval($row['user_news']);
$oldnum = intval($row['oldnum']);
$ultramode = intval($row['ultramode']);
$banners = intval($row['banners']);
$backend_title = $row['backend_title'];
$backend_language = $row['backend_language'];
$language = $row['language'];
$locale = $row['locale'];
$multilingual = intval($row['multilingual']);
$useflags = intval($row['useflags']);
$notify = intval($row['notify']);
$notify_email = $row['notify_email'];
$notify_subject = $row['notify_subject'];
$notify_message = $row['notify_message'];
$notify_from = $row['notify_from'];
$moderate = intval($row['moderate']);
$admingraphic = intval($row['admingraphic']);
$httpref = intval($row['httpref']);
$httprefmax = intval($row['httprefmax']);
$CensorMode = intval($row['CensorMode']);
$CensorReplace = $row['CensorReplace'];
$copyright = $row['copyright'];
$Version_Num = floatval($row['Version_Num']);
$domain = str_replace("http://", "", $nukeurl);
$mtime = microtime();
$mtime = explode(" ",$mtime);
$mtime = $mtime[1] + $mtime[0];
$start_time = $mtime;

if (!defined('FORUM_ADMIN')) {
if (isset($newlang) AND !stripos_clone($newlang,".")) {
 if (file_exists("language/lang-".$newlang.".php")) {
 setcookie("lang",$newlang,time()+31536000);
 include_once("language/lang-".$newlang.".php");
 $currentlang = $newlang;
 } else {
 setcookie("lang",$language,time()+31536000);
 include_once("language/lang-".$language.".php");
 $currentlang = $language;
 }
} elseif (isset($lang)) {
 include_once("language/lang-".$lang.".php");
 $currentlang = $lang;
} else {
 setcookie("lang",$language,time()+31536000);
 include_once("language/lang-".$language.".php");
 $currentlang = $language;
}
}

function get_lang($module) {
global $currentlang, $language;
if (file_exists("modules/$module/language/lang-".$currentlang.".php")) {
 if ($module == "admin") {
 include_once("admin/language/lang-".$currentlang.".php");
 } else {
 include_once("modules/$module/language/lang-".$currentlang.".php");
 }
} else {
 if ($module != "Forums") {
 if ($module == "admin") {
 include_once("admin/language/lang-".$currentlang.".php");
 } else {
 include_once("modules/$module/language/lang-".$language.".php");
 }
 }
}
}

function is_admin($admin) {
if (!$admin) { return 0; }
if (isset($adminSave)) return $adminSave;
if (!is_array($admin)) {
$admin = base64_decode($admin);
$admin = addslashes($admin);
$admin = explode(":", $admin);
}
$aid = $admin[0];
$pwd = $admin[1];
$aid = substr(addslashes($aid), 0, 25);
if (!empty($aid) && !empty($pwd)) {
global $prefix, $db;
$sql = "SELECT pwd FROM ".$prefix."_authors WHERE aid='$aid'";
$result = $db->sql_query($sql);
$pass = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($pass[0] == $pwd && !empty($pass[0])) {
static $adminSave;
return $adminSave = 1;
}
}
static $adminSave;
return $adminSave = 0;
}

function is_user($user) {
if (!$user) { return 0; }
if (isset($userSave)) return $userSave;
if (!is_array($user)) {
$user = base64_decode($user);
$user = addslashes($user);
$user = explode(":", $user);
}
$uid = $user[0];
$pwd = $user[2];
$uid = intval($uid);
if (!empty($uid) AND !empty($pwd)) {
global $db, $user_prefix;
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row[0] == $pwd && !empty($row[0])) {
static $userSave;
return $userSave = 1;
}
}
static $userSave;
return $userSave = 0;
}

function is_group($user, $name) {
global $prefix, $db, $user_prefix, $cookie, $user;
if (is_user($user)) {
if(!is_array($user)) {
$cookie = cookiedecode($user);
$uid = intval($cookie[0]);
} else {
$uid = intval($user[0]);
}
$result = $db->sql_query("SELECT points FROM ".$user_prefix."_users WHERE user_id='$uid'");
list($points) = $db->sql_fetchrow($result);
$points = intval($points);
$db->sql_freeresult($result);
$result2 = $db->sql_query("SELECT mod_group FROM ".$prefix."_modules WHERE title='$name'");
list($mod_group) = $db->sql_fetchrow($result2);
$mod_group = intval($mod_group);
$db->sql_freeresult($result2);
$result3 = $db->sql_query("SELECT points FROM ".$prefix."_groups WHERE id='$mod_group'");
list($rpoints) = $db->sql_fetchrow($result3);
$grp = intval($rpoints);
$db->sql_freeresult($result3);
if (($points >= 0 AND $points >= $grp) OR $mod_group == 0) {
return 1;
}
}
return 0;
}

$postString = "";
foreach ($_POST as $postkey => $postvalue) {
if ($postString > "") {
$postString .= "&".$postkey."=".$postvalue;
} else {
$postString .= $postkey."=".$postvalue;
}
}
str_replace("%09", "%20", $postString);
$postString_64 = base64_decode($postString);
if (!is_admin($admin) && stripos_clone($postString,'%20union%20') OR stripos_clone($postString,'*/union/*') OR stripos_clone($postString,' union ') OR stripos_clone($postString_64,'%20union%20') OR stripos_clone($postString_64,'*/union/*') OR stripos_clone($postString_64,' union ') OR stripos_clone($postString_64,'+union+') OR stripos_clone($postString,'http-equiv') OR stripos_clone($postString_64,'http-equiv')) {
header("Location: index.php");
die();
}

function update_points($id) {
global $user_prefix, $prefix, $db, $user;
if (is_user($user)) {
if(!is_array($user)) {
$cookie = cookiedecode($user);
$username = trim($cookie[1]);
} else {
$username = trim($user[1]);
}
if ($db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_groups")) > '0') {
$id = intval($id);
$result = $db->sql_query("SELECT points FROM ".$prefix."_groups_points WHERE id='$id'");
list($points) = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$rpoints = intval($points);
$db->sql_query("UPDATE ".$user_prefix."_users SET points=points+".$rpoints." WHERE username='$username'");
}
}
}

function title($text) {
OpenTable();
echo "<center>$text</center>";
CloseTable();
echo " ";
}

function is_active($module) {
global $prefix, $db;
static $save;
if (is_array($save)) {
if (isset($save[$module])) return ($save[$module]);
return 0;
}
$sql = "SELECT title FROM ".$prefix."_modules WHERE active=1";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$save[$row[0]] = 1;
}
$db->sql_freeresult($result);
if (isset($save[$module])) return ($save[$module]);
return 0;
}

function render_blocks($side, $blockfile, $title, $content, $bid, $url) {
if(!defined('BLOCK_FILE')) {
define('BLOCK_FILE', true);
}
if (empty($url)) {
 if (empty($blockfile)) {
 if ($side == "c") {
 themecenterbox($title, $content);
 } elseif ($side == "d") {
 themecenterbox($title, $content);
 } else {
 themesidebox($title, $content);
 }
 } else {
 if ($side == "c") {
 blockfileinc($title, $blockfile, 1);
 } elseif ($side == "d") {
 blockfileinc($title, $blockfile, 1);
 } else {
 blockfileinc($title, $blockfile);
 }
 }
} else {
 if ($side == "c" OR $side == "d") {
 headlines($bid,1);
 } else {
 headlines($bid);
 }
}
}

function blocks($side) {
global $storynum, $prefix, $multilingual, $currentlang, $db, $admin, $user;
if ($multilingual == 1) {
$querylang = "AND (blanguage='$currentlang' OR blanguage='')";
} else {
$querylang = "";
}
if (strtolower($side[0]) == "l") {
 $pos = "l";
} elseif (strtolower($side[0]) == "r") {
 $pos = "r";
} elseif (strtolower($side[0]) == "c") {
 $pos = "c";
} elseif (strtolower($side[0]) == "d") {
 $pos = "d";
}
$side = $pos;
$sql = "SELECT bid, bkey, title, content, url, blockfile, view, expire, action, subscription FROM ".$prefix."_blocks WHERE bposition='$pos' AND active='1' $querylang ORDER BY weight ASC";
$result = $db->sql_query($sql);
while($row = $db->sql_fetchrow($result)) {
$bid = intval($row['bid']);
$title = stripslashes(check_html($row['title'], "nohtml"));
$content = stripslashes($row['content']);
$url = stripslashes($row['url']);
$blockfile = $row['blockfile'];
$view = intval($row['view']);
$expire = intval($row['expire']);
$action = $row['action'];
$action = substr("$action", 0,1);
 $now = time();
 $sub = intval($row['subscription']);
 if ($sub == 0 OR ($sub == 1 AND !paid())) {
 if ($expire != 0 AND $expire <= $now) {
 if ($action == "d") {
 $db->sql_query("UPDATE ".$prefix."_blocks SET active='0', expire='0' WHERE bid='$bid'");
 return;
 } elseif ($action == "r") {
 $db->sql_query("DELETE FROM ".$prefix."_blocks WHERE bid='$bid'");
 return;
 }
 }
 if ($row['bkey'] == "admin") {
 adminblock();
 } elseif ($row['bkey'] == "userbox") {
 userblock();
 } elseif (empty($row['bkey'])) {
 if ($view == 0) {
 render_blocks($side, $blockfile, $title, $content, $bid, $url);
 } elseif ($view == 1 AND is_user($user) || is_admin($admin)) {
 render_blocks($side, $blockfile, $title, $content, $bid, $url);
 } elseif ($view == 2 AND is_admin($admin)) {
 render_blocks($side, $blockfile, $title, $content, $bid, $url);
 } elseif ($view == 3 AND !is_user($user) || is_admin($admin)) {
 render_blocks($side, $blockfile, $title, $content, $bid, $url);
 }
 }
 }
}
$db->sql_freeresult($result);
}

function message_box() {
global $bgcolor1, $bgcolor2, $user, $admin, $cookie, $textcolor2, $prefix, $multilingual, $currentlang, $db, $admin_file;
if ($multilingual == 1) {
 $querylang = "AND (mlanguage='$currentlang' OR mlanguage='')";
} else {
 $querylang = "";
}
$result = $db->sql_query("SELECT mid, title, content, date, expire, view FROM ".$prefix."_message WHERE active='1' $querylang");
if ($numrows = $db->sql_numrows($result) == 0) {
 return;
} else {
while ($row = $db->sql_fetchrow($result)) {
 $mid = intval($row['mid']);
 $title = stripslashes(check_html($row['title'], "nohtml"));
 $content = stripslashes($row['content']);
 $mdate = $row['date'];
 $expire = intval($row['expire']);
 $view = intval($row['view']);
if (!empty($title) && !empty($content)) {
 if ($expire == 0) {
 $remain = _UNLIMITED;
 } else {
 $etime = (($mdate+$expire)-time())/3600;
 $etime = (int)$etime;
 if ($etime < 1) {
 $remain = _EXPIRELESSHOUR;
 } else {
 $remain = ""._EXPIREIN." $etime "._HOURS."";
 }
 }
 if ($view == 5 AND paid()) {
OpenTable();
echo "<center>$title</center> \n"
 ."$content";
 if (is_admin($admin)) {
 echo " <center>[ "._MVIEWSUBUSERS." - $remain - <a href=\"".$admin_file.".php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>";
 }
 CloseTable();
 echo " ";
 } elseif ($view == 4 AND is_admin($admin)) {
OpenTable();
echo "<center>$title</center> \n"
 ."$content"
 ." <center>[ "._MVIEWADMIN." - $remain - <a href=\"".$admin_file.".php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>";
 CloseTable();
 echo " ";
 } elseif ($view == 3 AND is_user($user) || is_admin($admin)) {
OpenTable();
echo "<center>$title</center> \n"
 ."$content";
 if (is_admin($admin)) {
 echo " <center>[ "._MVIEWUSERS." - $remain - <a href=\"".$admin_file.".php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>";
 }
 CloseTable();
 echo " ";
 } elseif ($view == 2 AND !is_user($user) || is_admin($admin)) {
OpenTable();
echo "<center>$title</center> \n"
 ."$content";
 if (is_admin($admin)) {
 echo " <center>[ "._MVIEWANON." - $remain - <a href=\"".$admin_file.".php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>";
 }
 CloseTable();
 echo " ";
 } elseif ($view == 1) {
OpenTable();
echo "<center>$title</center> \n"
 ."$content";
 if (is_admin($admin)) {
 echo " <center>[ "._MVIEWALL." - $remain - <a href=\"".$admin_file.".php?op=editmsg&mid=$mid\">"._EDIT."</a> ]</center>";
 }
 CloseTable();
 echo " ";
 }
 if ($expire != 0) {
 $past = time()-$expire;
 if ($mdate < $past) {
 $db->sql_query("UPDATE ".$prefix."_message SET active='0' WHERE mid='$mid'");
 }
 }
 }
}
}
}

function online() {
global $user, $cookie, $prefix, $db;
$ip = $_SERVER['REMOTE_ADDR'];
$guest = 0;
if (is_user($user)) {
cookiedecode($user);
$uname = $cookie[1];
if (!isset($uname)) {
$uname = $ip;
$guest = 1;
}
} else {
$uname = $ip;
$guest = 1;
}
$past = time()-3600;
$sql = "DELETE FROM ".$prefix."_session WHERE time < '$past'";
$db->sql_query($sql);
$sql = "SELECT time FROM ".$prefix."_session WHERE uname='$uname'";
$result = $db->sql_query($sql);
$ctime = time();
if (!empty($uname)) {
$uname = substr($uname, 0,25);
$row = $db->sql_fetchrow($result);
if ($row) {
$db->sql_query("UPDATE ".$prefix."_session SET uname='$uname', time='$ctime', host_addr='$ip', guest='$guest' WHERE uname='$uname'");
} else {
$db->sql_query("INSERT INTO ".$prefix."_session (uname, time, host_addr, guest) VALUES ('$uname', '$ctime', '$ip', '$guest')");
}
}
$db->sql_freeresult($result);
}

function blockfileinc($title, $blockfile, $side=0) {
$blockfiletitle = $title;
$file = file_exists("blocks/".$blockfile."");
if (!$file) {
$content = _BLOCKPROBLEM;
} else {
include("blocks/".$blockfile."");
}
if (empty($content)) {
$content = _BLOCKPROBLEM2;
}
if ($side == 1) {
themecenterbox($blockfiletitle, $content);
} elseif ($side == 2) {
themecenterbox($blockfiletitle, $content);
} else {
themesidebox($blockfiletitle, $content);
}
}

function selectlanguage() {
global $useflags, $currentlang;
if ($useflags == 1) {
$title = _SELECTLANGUAGE;
$content = "<center>"._SELECTGUILANG." ";
$langdir = dir("language");
while($func=$langdir->read()) {
if(substr($func, 0, 5) == "lang-") {
 $menulist .= "$func ";
}
}
closedir($langdir->handle);
$menulist = explode(" ", $menulist);
sort($menulist);
for ($i=0; $i < sizeof($menulist); $i++) {
if($menulist[$i]!="") {
 $tl = str_replace("lang-","",$menulist[$i]);
 $tl = str_replace(".php","",$tl);
 $altlang = ucfirst($tl);
 $content .= "<a href=\"index.php?newlang=".$tl."\"><img src=\"images/language/flag-".$tl.".png\" border=\"0\" alt=\"$altlang\" title=\"$altlang\" hspace=\"3\" vspace=\"3\"></a> ";
}
}
$content .= "</center>";
themesidebox($title, $content);
} else {
$title = _SELECTLANGUAGE;
$content = "<center>"._SELECTGUILANG." ";
$content .= "<form action=\"index.php\" method=\"get\"><select name=\"newlanguage\" onChange=\"top.location.href=this.options[this.selectedIndex].value\">";
 $handle=opendir('language');
 while ($file = readdir($handle)) {
 if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
 $langFound = $matches[1];
 $languageslist .= "$langFound ";
 }
 }
 closedir($handle);
 $languageslist = explode(" ", $languageslist);
 sort($languageslist);
 for ($i=0; $i < sizeof($languageslist); $i++) {
 if($languageslist[$i]!="") {
$content .= "<option value=\"index.php?newlang=$languageslist[$i]\" ";
 if($languageslist[$i]==$currentlang) $content .= " selected";
$content .= ">".ucfirst($languageslist[$i])."</option>\n";
 }
}
$content .= "</select></form></center>";
themesidebox($title, $content);
}
}

function ultramode() {
global $prefix, $db;
$ultra = "ultramode.txt";
$file = fopen($ultra, "w");
fwrite($file, "General purpose self-explanatory file with news headlines\n");
$sql = "SELECT s.sid, s.catid, s.aid, s.title, s.time, s.hometext, s.comments, s.topic, t.topictext, t.topicimage FROM ".$prefix."_stories s LEFT JOIN ".$prefix."_topics t ON t.topicid = s.topic WHERE s.ihome = '0' ".$querylang." ORDER BY s.time DESC LIMIT 0,10";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
 $rsid = intval($row['sid']);
 $raid = $row['aid'];
 $rcatid = $row['catid'];
 $rtitle = check_html(stripslashes($row['title']), "nohtml");
 $rtime = $row['time'];
 $rhometext = check_html(stripslashes($row['hometext']), "nohtml");
 $rcomments = $row['comments'];
 $rtopic = $row['topic'];
 $topictext = stripslashes(check_html($row['topictext'], "nohtml"));
 $topicimage = stripslashes($row['topicimage']);
$content = "%%\n".$rtitle."\n/modules.php?name=News&file=article&sid=".$rsid."\n".$rtime."\n".$raid."\n".$topictext."\n".$rcomments."\n".$topicimage."\n";
fwrite($file, $content);
}
fclose($file);
$db->sql_freeresult($result);
}

function cookiedecode($user) {
global $cookie, $db, $user_prefix;
static $pass;
if(!is_array($user)) {
$user = base64_decode($user);
$user = addslashes($user);
$cookie = explode(":", $user);
} else {
$cookie = $user;
}
if (!isset($pass) AND isset($cookie[1])) {
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE username='$cookie[1]'";
$result = $db->sql_query($sql);
list($pass) = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
if (isset($cookie[2]) AND ($cookie[2] == $pass) AND (!empty($pass))) { return $cookie; }
}

function getusrinfo($user) {
global $user_prefix, $db, $userinfo, $cookie;
if (!$user OR empty($user)) {
return NULL;
}
cookiedecode($user);
$user = $cookie;
if (isset($userrow) AND is_array($userrow)) {
if ($userrow['username'] == $user[1] && $userrow['user_password'] == $user[2]) {
return $userrow;
}
}
$sql = "SELECT * FROM ".$user_prefix."_users WHERE username='$user[1]' AND user_password='$user[2]'";
$result = $db->sql_query($sql);
if ($db->sql_numrows($result) == 1) {
static $userrow;
$userrow = $db->sql_fetchrow($result);
return $userinfo = $userrow;
}
$db->sql_freeresult($result);
unset($userinfo);
}

// Speed up this function with stripos_clone and str_replace
function FixQuotes ($what = "") {
$what = str_replace("'","''",$what);
while (stripos_clone($what, "\\\\'")) {
 $what = str_replace("\\\\'","'",$what);
}
return $what;
}

/*********************************************************/
/* text filter */
/*********************************************************/

When installing nukesentinel the instructions say to make changes to code that is commented out in the actual mainfile and making the changes does not make the code active.

Please someone make some sense of this and don't tell me to search the forums for the answer because that's exactly what brought me here. The search returned about 500 posts and yes I have tried to look at as many of them as possible.

Thanks in advance for your help

blaize

Raven · Posted: Sun Dec 04, 2005 5:40 pm

Why don't you just download my RavenNuke76? It's all done for you.

blaize · New Member Joined: Dec 01, 2005 Posts: 14

Umm tried that Raven and no disrespect to you but after the install everything was blank. had to manually upload the sql as well since the installSQL file kept returning errors and would not recognize the ravensql uploaded through the installSQL browser or by

Only registered users can see links on this board!
Get registered or login to the forums!

I don't understand why there are so many different versions of mainfile.php for 7.6 surely this must make installing sentinel a security nightmare?

Anyway thanks for your reply.

blaize

blaize · New Member Joined: Dec 01, 2005 Posts: 14

Just a quick question again Raven, since I had already downloaded RavenNuke76 can I just substitute the mainfile.php from there for the one from patched 3.1 or would that cause serious upset?

Thanks for your patience.

blaize

Raven · Posted: Sun Dec 04, 2005 6:01 pm

Have you tried the latest 1.05.00 just released yesterday? I don't take any disrespect Wink

. I have installed that, out of the box, on at least a dozen sites and never had to change anything, so I know it works.

blaize · New Member Joined: Dec 01, 2005 Posts: 14

My host is godaddy so that might have something to do with with it. Thanks for the heads up I'll download 1.05 and try that one. I like nuke and think Sentinel is a great program so if this one works you're more than welcome to a measly old $5.00.

Thanks again

blaize

Raven · Posted: Sun Dec 04, 2005 6:23 pm

Let me know. We usually can figure out the outliars, er, I mean the outliers ROTFL

blaize · New Member Joined: Dec 01, 2005 Posts: 14

Will do LOL, thanks.

blaize

chatserv · Posted: Sun Dec 04, 2005 10:40 pm

A line like:
/*********************************************************/
only comments out that particular line and not anything before or after it.

blaize · New Member Joined: Dec 01, 2005 Posts: 14

Ok I downloaded and installed the 7.6 v1.05 distro and installed it but had problems with nuke sentinel blocking access to the admin function immediately, couldn't even create a super user account. So I dropped all the ns tables from the db and then one I had my nuke admin account setup I uploaded the install files for sentinel and proceeded to reinstall the tables from there. Everything seems to functioning ok except that I only have access to CGIAUTH which doesn't function even though the .htaccess and .staccess files were created properly.

Oh well, everything else is functioning as it should and protecting the site so thanks again Raven.

blaize