| Author |
Message |
Muffin
Client
Joined: Apr 10, 2004
Posts: 649
Location: UK
|
 Posted:
Mon May 31, 2004 6:58 pm |
 
|
I put the sentinel banner at the bottom of my site and everything was fine. However, just now I went back into preferences to put a link to this site on the image, and got a page come up 'The html tags you attempted to use are not allowed'
So I tried to put the same link to the sentinal image in my info box and got the same page up.
I'm just using the normal html code for links to images.
Is this a bug or is this normal? Seems odd I can't put links to images tho. |
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Mon May 31, 2004 7:34 pm |
|
'The html tags you attempted to use are not allowed'
Is the error result of the native filter in the begining of mainfile.php
| Code: |
foreach ($_GET as $secvalue) {
if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
(eregi("\"", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
foreach ($_POST as $secvalue) {
if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
|
If you are entering code like that in a block it would be a good idea to disable the Sentinel script blocker then create and test your new block then reactivate the Sentinel script blocker. |
|
|
|
|
|
Muffin
Client
Joined: Apr 10, 2004
Posts: 649
Location: UK
|
| Posted:
Tue Jun 01, 2004 2:08 am |
|
I don't think so.
I just put in <a href="http://www.ravenscripts.com/index.php"> as the link then the image url which was already there with the html tags and </a> at the end. Same as you always put a link in.
I turned off the script blocker and tried it and I still got the same message.
This happens on blocks and the footer box in Preferences. I tested in Stories and when you put the html in the article it doesnt happen there, posts as normal.
Any suggestions?
I'm pretty new to phpNuke so can you explain in simple terms please.  |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Tue Jun 01, 2004 5:33 am |
|
Its the word script in ravenphpscripts.com
Try this which is
%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D |
|
|
|
|
|
Muffin
Client
Joined: Apr 10, 2004
Posts: 649
Location: UK
|
| Posted:
Tue Jun 01, 2004 8:29 am |
|
Thanks it's sorted the parse error, but not the error when using links to images  |
|
|
|
|
|
djw2
Regular
Joined: Sep 19, 2003
Posts: 95
Location: St. Louis, MO
|
| Posted:
Wed Jun 02, 2004 12:03 am |
|
I'm also having a little trouble linking the banner here from my footer.
I've entered...
| Quote: | | <a href="%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D" target="_parent"><img src="images/sentinel/Sentinel_Large.png" width="468" height="60" border="0"></a> |
and it links to...
| Quote: | | http://www.majorityreporter.com/%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D |
Why is it entering the part, and is there a way to over ride it?
Thanks in advance... and thanks for another great product.
Peace! |
|
|
 
 |
|
Muffin
Client
Joined: Apr 10, 2004
Posts: 649
Location: UK
|
| Posted:
Wed Jun 02, 2004 5:32 am |
|
I'm also having problems putting hyperlinks into articles, I get the same error about not being able to use html tags.
 |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Wed Jun 02, 2004 6:04 am |
|
| sixonetonoffun wrote: | Its the word script in ravenphpscripts.com
Try this which is
%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D |
Actually you just need to encode only one of the letters in "script", so should work. |
|
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Wed Jun 02, 2004 6:08 am |
|
As Six said, if you are getting the message about HTML tags, that is probably the core nuke logic in mainfile. A simple way to tell is to momentarily comment out the Sentinel(tm) include statement in mainfile.php and try it again. If it works, then it would appear that we may some tweaking to do. If you still get the html message then that will confirm our suspicions. |
|
|
|
|
|
djw2
Regular
Joined: Sep 19, 2003
Posts: 95
Location: St. Louis, MO
|
| Posted:
Wed Jun 02, 2004 8:41 am |
|
Hey,
I'm not having the link error. I'm going to a 404 because the link is directed to
See what I mean? It's calling ravenscripts.com like a subdirectory from my root rather than an outside link.
Just go to my site and click the banner in the footer... you'll see what I mean.
Thanks.
|
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Wed Jun 02, 2004 10:51 am |
|
Please post your code for that image. |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed Jun 02, 2004 11:35 am |
|
I think its with the mainfile.php filter I tried on 7.3 and it works fine but on 6.5 it gets stripped out I'd imagine your version of 7 is still using some $_POST variable filter that has been removed in more recent versions.
| Code: |
foreach ($_POST as $secvalue) {
if (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) {
Header("Location: index.php");
die();
}
}
|
Was changed to
| Code: |
foreach ($_POST as $secvalue) {
if ((eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
|
and | Code: |
(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
|
Was removed from the $_GET Filter. |
|
|
|
|
|
djw2
Regular
Joined: Sep 19, 2003
Posts: 95
Location: St. Louis, MO
|
| Posted:
Wed Jun 02, 2004 11:36 am |
|
Here's the link that's in the Footer Line 1: text box...
| Quote: | | <a href="%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D" target="_parent"><img src="images/sentinel/Sentinel_Large.png" width="468" height="60" border="0"></a> |
I also tried it without the parent tag, like this...
| Quote: | | <a href="%77%77%77%2E%72%61%76%65%6E%70%68%70%73%63%72%69%70%74%73%2E%63%6F%6D"><img src="images/sentinel/Sentinel_Large.png" width="468" height="60" border="0"></a> |
Thanks again.
Peace! |
|
|
|
|
|
blith
Client
Joined: Jul 18, 2003
Posts: 977
|
| Posted:
Wed Jun 02, 2004 11:40 am |
|
Shouldn't it be <a href="http://URL"> otherwise it looks in the root... |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Wed Jun 02, 2004 11:40 am |
|
You are missing the in the href tag. <a href="http:// |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed Jun 02, 2004 11:44 am |
|
This works with the mainfile.php changes I posted above. Without any silly changes to the code for anyone who wants to give that a try.
<div align="center"><a href="http://www.ravenphpscripts.com" target="blank"><img src="images/sentinel/Sentinel_Large_Red.png" border="0" Alt="Web site protected by Sentinel (tm)" hspace="10"></a><br></div> |
|
|
|
|
|
djw2
Regular
Joined: Sep 19, 2003
Posts: 95
Location: St. Louis, MO
|
| Posted:
Wed Jun 02, 2004 11:51 am |
|
Oops.
Sorry about that guys. Thanks again for the help and the patients.
Isn't it funny how we sometimes miss the simplest things.
Peace! |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::