Ravens PHP Scripts: Forums
 

 

hicuxunicorniobestbuildpc
The Mouse Is Extension Of Arm



Joined: Aug 13, 2009
Posts: 1122

Posted: Sun Jan 24, 2010 7:50 am

There are many deprecated warning errors in this version. I found this


Code:
error_reporting(E_ALL^E_NOTICE);

if ($display_errors == 1) {
  @ini_set('display_errors', 1);
} else {
  @ini_set('display_errors', 0);
}


What could be the solution to get rid of these codes? I searched a little bit but I couldn't find the answer.
nuken
RavenNuke(tm) Development Team



Joined: Mar 11, 2007
Posts: 2024
Location: North Carolina

Posted: Sun Jan 24, 2010 8:07 am

Code:
$error_reporting = E_ALL^E_NOTICE^E_DEPRECATED;

hicuxunicorniobestbuildpc







Posted: Mon Jan 25, 2010 2:26 am

That didn't help. I activated PHP 5.3 and I get many errors again. This part of the code doesn't change to brown; it stays black. Any other suggestion? Thanks in advance, Nuken. How are you doing with your site and your beautiful work?
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

Posted: Mon Jan 25, 2010 2:53 am

error_reporting(E_ALL^E_NOTICE^E_DEPRECATED);
hicuxunicorniobestbuildpc







Posted: Mon Jan 25, 2010 12:00 pm

I tried without & and it didn't work either. Sad

I tried

error_reporting(E_ALL^E_NOTICE^E_DEPRECATED); not working

$error_reporting(E_ALL^E_NOTICE^E_DEPRECATED); not working

Shocked

I notice this one doesn't change the color. It stays the same, which means something is missing.
 
nuken







Posted: Mon Jan 25, 2010 12:19 pm

Are you using a local server like xampp or wamp? If so, you will need to turn error reporting off in the php.ini file.
 
hicuxunicorniobestbuildpc







Posted: Mon Jan 25, 2010 12:23 pm

No, I am doing it online. Thanks for replying, but I can't find a solution. On the server I have PHP 5.2 and 5.3, and when I choose 5.3 I get so many deprecated errors.
 
Guardian2003
Site Admin



Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam

Posted: Tue Jan 26, 2010 4:22 am

If this is a production site, you should have errors turned off anyway as they can reveal sensitive information.
I think E_DEPRECATED is actually under E_ALL in PHP 5.3.x but I could be wrong.
Try
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
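The difference between the XOR form and the "& ~" form discussed in this thread, as an added example that is not part of any post and not RavenNuke code. `quiet_error_level()` is a hypothetical helper, and the two E_ALL integers are the values documented for PHP 5.2.x and 5.3.x.

```php
<?php
// Added example, not RavenNuke code. quiet_error_level() is a hypothetical helper.

// Clear bits with "& ~". XOR ("^") only clears a bit that is already set in
// the mask; if the bit is absent, XOR switches it on instead.
function quiet_error_level($base) {
    $level = $base & ~E_NOTICE;
    // E_DEPRECATED and E_USER_DEPRECATED only exist from PHP 5.3 on, so guard
    // them when the same file also has to run on PHP 5.2.
    foreach (array('E_DEPRECATED', 'E_USER_DEPRECATED') as $name) {
        if (defined($name)) {
            $level &= ~constant($name);
        }
    }
    return $level;
}

error_reporting(quiet_error_level(E_ALL));

// Production settings: keep errors out of the page, keep them in the log.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Why XOR is fragile, using the documented E_ALL values as plain integers:
// 6143 in PHP 5.2.x (no deprecated bit), 30719 in PHP 5.3.x; 8192 is E_DEPRECATED.
foreach (array('5.2' => 6143, '5.3' => 30719) as $version => $e_all) {
    $xor = $e_all ^ 8 ^ 8192;       // E_ALL ^ E_NOTICE ^ E_DEPRECATED
    $and = $e_all & ~8 & ~8192;     // E_ALL & ~E_NOTICE & ~E_DEPRECATED
    printf("PHP %s: xor reports deprecated=%s, and-not reports deprecated=%s\n",
        $version, ($xor & 8192) ? 'yes' : 'no', ($and & 8192) ? 'yes' : 'no');
}
```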
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

Posted: Tue Jan 26, 2010 6:33 am

BTW, on a related note, RavenNuke(tm) does have known issues on PHP 5.3 and we'll be clearing these up with the 2.50.00 release.

hicuxunicorniobestbuildpc







Posted: Sat Oct 09, 2010 5:32 am

I decided to change all deprecated errors but I don't remember how to do this one.

Code:
(eregi("/\"", $secvalue)) ||


I tried this one but didn't work.
Code:
(preg_match("//\/i"", $secvalue)) ||
 
montego







Posted: Sat Oct 09, 2010 12:37 pm

Well, the first eregi is really looking for this string:

/"

So, for the preg_match(), you can either use different pattern closures like this:

preg_match('#/"#i', $secvalue)

or

preg_match("/\/\"/i", $secvalue) <-- very difficult to read

But a quicker implementation in this particular case would be:

strpos($secvalue, '/"')
 
montego







Posted: Sat Oct 09, 2010 12:41 pm

Oh, and by the way, if using preg_match, since you're against symbols rather than alphabetic characters, no need to use the "i" option for case insensitive (slower).
 
Palbin
Site Admin



Joined: Mar 30, 2006
Posts: 2583
Location: Pittsburgh, Pennsylvania

Posted: Sat Oct 09, 2010 1:10 pm

If you really want to get picky you should not even be using preg_* since you are not using regular expressions. You should be using strstr(). Wink
montego







Posted: Sat Oct 09, 2010 1:32 pm

Palbin, I mentioned strpos() in my post, as in this case, I think it's slightly better as you really aren't wanting to bring back elements of the string, just trying to determine if the "needle" exists within the string, but either should work in this case.
 
hicuxunicorniobestbuildpc







Posted: Sat Oct 09, 2010 2:20 pm

ok guys thanks a lot for replying to this interesting issue but I would like you to point me in a more specific way.

Did you mean I shouldn't use preg_match
Is it better and faster this code strstr() ????

Examples

Code:
(eregi("/\"", $secvalue)) ||


Replace with

Code:
strpos($secvalue, '/"')



I want more explanation because this time I get confused a little bit with that fact
Code:
(eregi("/\"", $secvalue)) ||
becomes different. Thanks in advance.
 
hicuxunicorniobestbuildpc







Posted: Sat Oct 09, 2010 2:38 pm

Maybe this example is better.

Can you convert these ones in order to test something? I already did it with preg_match+/i but I want to see yours.

Code:
(eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||

(eregi("<[^>]body*\"?[^>]*>", $secvalue) && !eregi("<[^>]tbody*\"?[^>]*>", $secvalue)) ||
(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
(eregi("\"", $secvalue)) ||
(eregi("forum_admin", $sec_key)) ||
(eregi("inside_mod", $sec_key))) {
 
montego







Posted: Sun Oct 10, 2010 3:47 pm

Sorry, don't have that kind of time to rewrite this. The first three lines are definitely preg_match() candidates, the fourth strpos() or strstr(), and actually the last two could also be strpos() or strstr().
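The conversion outlined in the two replies above (a free delimiter for the regex cases, a fixed-string search for the rest), as an added example that is not part of any post and not NukeSentinel code. The function names are hypothetical and the sample inputs are constructed; the patterns are carried over unchanged from the eregi() block quoted in the thread.

```php
<?php
// Added example, not NukeSentinel code. Function names are hypothetical.

// Wrap a POSIX pattern that used to go to eregi() in PCRE delimiters.
// A delimiter that does not occur in the pattern is chosen, so nothing
// inside the pattern has to be escaped (the "/\/\"/i" readability problem).
function eregi_to_preg($posix_pattern) {
    foreach (array('#', '~', '%', '!', '@') as $delim) {
        if (strpos($posix_pattern, $delim) === false) {
            return $delim . $posix_pattern . $delim . 'i'; // "i" = eregi's case-insensitivity
        }
    }
    throw new InvalidArgumentException('no free delimiter for: ' . $posix_pattern);
}

// Fixed-string test. Argument order is (haystack, needle), and the result
// must be compared with false: a match at offset 0 returns int(0).
function has_substring($haystack, $needle, $ignore_case = false) {
    $pos = $ignore_case ? stripos($haystack, $needle) : strpos($haystack, $needle);
    return $pos !== false;
}

// The six checks from the eregi() block quoted above, converted one for one.
function looks_scripted($sec_key, $secvalue) {
    return preg_match(eregi_to_preg('<[^>]*onmouseover*"?[^>]*>'), $secvalue) === 1
        || (preg_match(eregi_to_preg('<[^>]body*"?[^>]*>'), $secvalue) === 1
            && preg_match(eregi_to_preg('<[^>]tbody*"?[^>]*>'), $secvalue) !== 1)
        || preg_match(eregi_to_preg('\([^>]*"?[^)]*\)'), $secvalue) === 1
        || has_substring($secvalue, '"')
        || has_substring($sec_key, 'forum_admin', true)
        || has_substring($sec_key, 'inside_mod', true);
}

// Constructed sample inputs (key => value), for illustration only.
$samples = array(
    'sid'         => '42',
    'comment'     => 'say "hi"',
    'title'       => 'f(x)',
    'forum_admin' => '1',
    'q'           => '/"needle at offset 0',
);
foreach ($samples as $key => $value) {
    printf("%-12s %-24s %s\n", $key, $value, looks_scripted($key, $value) ? 'block' : 'pass');
}

// The three forms offered for the /" check give the same answer when the
// strpos() result is compared with false, including a match at offset 0.
$v = '/"x';
var_dump(preg_match('#/"#', $v) === 1, preg_match("/\/\"/", $v) === 1, strpos($v, '/"') !== false);
// Without the !== false comparison the offset-0 match is treated as "not found".
var_dump((bool) strpos($v, '/"'));
```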
 
hicuxunicorniobestbuildpc







Posted: Sun Oct 10, 2010 5:35 pm

I already did the whole file, and if someone has the time to check it, that would be nice. Many thanks to all the people who participated in this deprecated issue. Let me know if the whole file is correct. I didn't get any errors, but who knows.
Code:
// NEW Disable Switch

if(@$ab_config['disable_switch'] > 0) { return; }
// Load constant vars
$nsnst_const['server_ip'] = get_server_ip();
if(!preg_match(REGEX_IPV4, $nsnst_const['server_ip'])) { $nsnst_const['server_ip'] = "none"; }
$nsnst_const['client_ip'] = get_client_ip();
if(!preg_match(REGEX_IPV4, $nsnst_const['client_ip'])) { $nsnst_const['client_ip'] = "none"; }
$nsnst_const['forward_ip'] = get_x_forwarded();
if(!preg_match(REGEX_IPV4, $nsnst_const['forward_ip'])) { $nsnst_const['forward_ip'] = "none"; }
$nsnst_const['remote_addr'] = get_remote_addr();
if(!preg_match(REGEX_IPV4, $nsnst_const['remote_addr'])) { $nsnst_const['remote_addr'] = "none"; }
$nsnst_const['remote_ip'] = get_ip();
if(!preg_match(REGEX_IPV4, $nsnst_const['remote_ip'])) { $nsnst_const['remote_ip'] = "none"; }
$nsnst_const['remote_long'] = sprintf("%u", ip2long($nsnst_const['remote_ip']));
$nsnst_const['remote_port'] = get_remote_port();
$nsnst_const['request_method'] = get_request_method();
$nsnst_const['script_name'] = get_script_name();
$nsnst_const['http_host'] = get_http_host();
$nsnst_const['query_string'] = st_clean_string(get_query_string());
$nsnst_const['get_string'] = st_clean_string(get_get_string());
$nsnst_const['post_string'] = st_clean_string(get_post_string());
$nsnst_const['query_string_base64'] = st_clean_string(base64_decode($nsnst_const['query_string']));
$nsnst_const['get_string_base64'] = st_clean_string(base64_decode($nsnst_const['get_string']));
$nsnst_const['post_string_base64'] = st_clean_string(base64_decode($nsnst_const['post_string']));
$nsnst_const['user_agent'] = get_user_agent();
$nsnst_const['referer'] = get_referer();
$nsnst_const['ban_time'] = time();
$nsnst_const['ban_ip'] = "";
if (isset($_COOKIE['user'])) $uinfo = getusrinfo($_COOKIE['user']); else $uinfo = getusrinfo('');
if($uinfo['user_id'] > 1 && !empty($uinfo['username'])) {
  $nsnst_const['ban_user_id'] = $uinfo['user_id'];
  $nsnst_const['ban_username'] = $uinfo['username'];
} else {
  $nsnst_const['ban_user_id'] = 1;
  $nsnst_const['ban_username'] = $nuke_config['anonymous'];
}
// Load Blocker Arrays
$result = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blockers` ORDER BY `blocker`");
$num_rows = $db->sql_numrows($result);
for ($i = 0; $i < $num_rows; $i++) { $blocker_array[$i] = $db->sql_fetchrow($result); }
$db->sql_freeresult($result);
// Check for Flood Attack
// CAUTION: This function sometimes can slow your sites load time
$blocker_row = @$blocker_array[11];
if($blocker_row['activate'] > 0) {
  session_start();
  //session_name("NSNST_Flood");
  if(!isset($_SESSION['NSNST_Flood'])){
    $_SESSION['NSNST_Flood'] = time();
    ab_flood($blocker_row);
  }else{
    ab_flood($blocker_row);
    $_SESSION['NSNST_Flood'] = time();
  }
  //session_write_close();
}
// Invalid admin check
if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
// Stop Santy Worm
if(@$ab_config['santy_protection'] == 1) {
  $bad_uri_content=array("rush", "highlight=%", "perl", "chr(", "pillar", "visualcoder", "sess_");
  while(list($stid,$uri_content)=each($bad_uri_content)) { if(stristr($_SERVER['REQUEST_URI'], $uri_content)) { die(_AB_SANTY); } }
}
// Invalid ip check
if (@$ab_config['test_switch'] == 1) {;} //Site is in TEST Mode so skip the ipCheck
elseif (isset($bypassNukeSentinelInvalidIPCheck) AND $bypassNukeSentinelInvalidIPCheck===true) {;} //Site is NOT in TEST mode but $bypassNukeSentinelInvalidIPCheck is set to TRUE so skip the ipCheck
else { //Site is NOT in TEST Mode and $bypassNukeSentinelInvalidIPCheck is either not set or it is set to FALSE so do the ipCheck
  if($nsnst_const['remote_ip']=="none") {
    echo abget_template("abuse_invalid.tpl");
    die();
  }
}
// Invalid user agent
if((@$nsnst_const['user_agent']=="none" AND !stristr($_SERVER['PHP_SELF'], "backend.php") AND ($nsnst_const['remote_ip'] != $nsnst_const['server_ip'])) || $nsnst_const['user_agent']=="-") {
  echo abget_template("abuse_invalid2.tpl");
  die();
}
// Invalid request method check
if(strtolower(@$nsnst_const['request_method'])!="get" AND strtolower(@$nsnst_const['request_method'])!="head" AND strtolower(@$nsnst_const['request_method'])!="post" AND strtolower(@$nsnst_const['request_method'])!="put") { die(_AB_INVALIDMETHOD); }
// DOS Attack Blocker
if(@$ab_config['prevent_dos'] == 1 AND !stristr($_SERVER['PHP_SELF'], "backend.php") AND !stristr(@$nuke_config['nukeurl'], $_SERVER['SERVER_NAME'])) {
  if(@empty($nsnst_const['user_agent']) || $nsnst_const['user_agent'] == "-" || @!isset($nsnst_const['user_agent'])) { die(_AB_GETOUT); }
}
// Site Switch Check
if(@$ab_config['site_switch'] == 1 AND !stristr($_SERVER['PHP_SELF'], "".$admin_file.".php") AND !is_admin($_COOKIE['admin'])) {
  $display_page = abget_template($ab_config['site_reason']);
  $display_page = preg_replace("/<\/body>/i", "<hr noshade='noshade' />\n<div align='right'>"._AB_NUKESENTINEL."</div>\n</body>", $display_page);
  die($display_page);
}
// Clearing of expired blocks
// CAUTION: This function can slow your sites load time
$clearedtime = strtotime(date("Y-m-d 23:59:59", $nsnst_const['ban_time']));
$cleartime = strtotime(date("Y-m-d 23:59:59", $nsnst_const['ban_time'])) - 86400;
if(@$ab_config['self_expire'] == 1 AND @$ab_config['blocked_clear'] < $cleartime) {
  $clearresult = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blocked_ips` WHERE (`expires`<'$clearedtime' AND `expires`!='0')");
  while($clearblock = $db->sql_fetchrow($clearresult)) {
    if(!empty($ab_config['htaccess_path'])) {
      $ipfile = file($ab_config['htaccess_path']);
      $ipfile = implode("", $ipfile);
      $i = 1;
      while ($i <= 3) {
        $tip = substr($clearblock['ip_addr'], -2);
        if($tip == ".*") { $clearblock['ip_addr'] = substr($clearblock['ip_addr'], 0, -2); }
        $i++;
      }
      $testip = "deny from ".$clearblock['ip_addr']."\n";
      $ipfile = str_replace($testip, "", $ipfile);
      $doit = @fopen($ab_config['htaccess_path'], "w");
      @fwrite($doit, $ipfile);
      @fclose($doit);
    }
    $db->sql_query("DELETE FROM `".$prefix."_nsnst_blocked_ips` WHERE `ip_addr`='".$clearblock['ip_addr']."'");
    $db->sql_query("OPTIMIZE TABLE `".$prefix."_nsnst_blocked_ips`");
  }
  $clearresult = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blocked_ranges` WHERE (`expires`<'$clearedtime' AND `expires`!='0')");
  while($clearblock = $db->sql_fetchrow($clearresult)) {
    $old_masscidr = ABGetCIDRs($clearblock['ip_lo'], $clearblock['ip_hi']);
    if(!empty($ab_config['htaccess_path'])) {
      $old_masscidr = explode("||", $old_masscidr);
      for ($i=0, $maxi=sizeof($old_masscidr); $i < $maxi; $i++) {
        if(!empty($old_masscidr[$i])) {
          $old_masscidr[$i] = "deny from ".$old_masscidr[$i]."\n";
        }
      }
      $ipfile = file($ab_config['htaccess_path']);
      $ipfile = implode("", $ipfile);
      $ipfile = str_replace($old_masscidr, "", $ipfile);
      $ipfile = $ipfile;
      $doit = @fopen($ab_config['htaccess_path'], "w");
      @fwrite($doit, $ipfile);
      @fclose($doit);
    }
    $db->sql_query("DELETE FROM `".$prefix."_nsnst_blocked_ranges` WHERE `ip_lo`='".$clearblock['ip_lo']."' AND `ip_hi`='".$clearblock['ip_hi']."'");
    $db->sql_query("OPTIMIZE TABLE `".$prefix."_nsnst_blocked_ranges`");
  }
  $db->sql_query("UPDATE `".$prefix."_nsnst_config` SET `config_value`='$clearedtime' WHERE `config_name`='blocked_clear'");
}
// Proxy Blocker
if(@$ab_config['proxy_switch'] == 1) {
  $proxy0 = $nsnst_const['remote_ip'];
  $proxy1 = $nsnst_const['client_ip'];
  $proxy2 = $nsnst_const['forward_ip'];
  $proxy_host = @getHostByAddr($proxy0);
  //Lite:
  if($ab_config['proxy_switch'] == 1 AND ($proxy1 != "none" OR $proxy2 != "none")) {
    $display_page = abget_template($ab_config['proxy_reason']);
    $display_page = preg_replace("/<\/body>/i", "<hr noshade='noshade' />\n<div align='right'>"._AB_NUKESENTINEL." ".$ab_config['version_number']." "._AB_BYNSN."</div>\n</body>", $display_page);
    die($display_page);
  }
  //Mild:
  if($ab_config['proxy_switch'] == 2 AND ($proxy1 != "none" OR $proxy2 != "none" OR stristr($proxy_host,"proxy"))) {
    $display_page = abget_template($ab_config['proxy_reason']);
    $display_page = preg_replace("/<\/body>/i", "<hr noshade='noshade' />\n<div align='right'>"._AB_NUKESENTINEL." ".$ab_config['version_number']." "._AB_BYNSN."</div>\n</body>", $display_page);
    die($display_page);
  }
  //Strong:
  if($ab_config['proxy_switch'] == 3 AND ($proxy1 != "none" OR $proxy2 != "none" OR stristr($proxy_host,"proxy") OR $proxy0 == $proxy_host)) {
    $display_page = abget_template($ab_config['proxy_reason']);
    $display_page = preg_replace("/<\/body>/i", "<hr noshade='noshade' />\n<div align='right'>"._AB_NUKESENTINEL." ".$ab_config['version_number']." "._AB_BYNSN."</div>\n</body>", $display_page);
    die($display_page);
  }
}
// Check if ip is blocked
$blocked_row = abget_blocked($nsnst_const['remote_ip']);
if($blocked_row) { blocked($blocked_row); }
// Check if range is blocked
$blockedrange_row = abget_blockedrange($nsnst_const['remote_ip']);
if($blockedrange_row) { blockedrange($blockedrange_row); }
// AUTHOR Protection
$blocker_row = @$blocker_array[5];
if($blocker_row['activate'] > 0) {
  if(isset($op) AND ($op=="mod_authors" OR $op=="modifyadmin" OR $op=="UpdateAuthor" OR $op=="AddAuthor" OR $op=="deladmin2" OR $op=="deladmin" OR $op=="assignstories" OR $op=="deladminconf") AND !is_god($_COOKIE['admin'])) {
    block_ip($blocker_row);
  }
}
// ADMIN protection
$blocker_row = @$blocker_array[10];
if($blocker_row['activate'] > 0) {
  if(stristr($_SERVER['PHP_SELF'],"".$admin_file.".php") AND (isset($op) AND $op!="login" AND $op!="adminMain" AND $op!="gfx") AND @!is_admin($_COOKIE['admin'])) {
    block_ip($blocker_row);
  }
}
// Check for UNION attack
// Copyright 2004(c) Raven PHP Scripts
$blocker_row = @$blocker_array[1];
if($blocker_row['activate'] > 0 AND (!isset($_COOKIE['admin']) OR !is_admin($_COOKIE['admin']))) {
  if(stristr($nsnst_const['query_string'],'+or+')
     OR stristr($nsnst_const['query_string'],'*/or/*')
     OR stristr($nsnst_const['query_string_base64'],'+or+')
     OR stristr($nsnst_const['query_string_base64'],'*/or/*')) {
    block_ip($blocker_row);
  }
  //TECHNOCRAT
  if(preg_match(REGEX_UNION, $nsnst_const['query_string'])) {
    block_ip($blocker_row);
  }
}
// Check for CLIKE attack
// Copyright 2004(c) Raven PHP Scripts
$blocker_row = @$blocker_array[2];
if($blocker_row['activate'] > 0) {
  if(stristr($nsnst_const['query_string'],'/*')
     OR stristr($nsnst_const['query_string_base64'],'/*')
     OR stristr($nsnst_const['query_string'],'*/')
     OR stristr($nsnst_const['query_string_base64'],'*/')) {
    block_ip($blocker_row);
  }
}
// Check Filters
$blocker_row = @$blocker_array[7];
if($blocker_row['activate'] > 0) {
  // Check for Forum attack
  // Copyright 2004(c) GanjaUK & ChatServ
  if(!stristr($nsnst_const['query_string'],'&file=nickpage')
     AND stristr($nsnst_const['query_string'],'&user=')
     AND ($name=="Private_Messages" || $name=="Forums" || $name=="Members_List")) {
    block_ip($blocker_row);
  }
  // Check for News attack
  // Copyright 2004(c) ChatServ
  if(stristr($nsnst_const['query_string'],'%25') AND ($name=="News" || $name=="Reviews")) {
    block_ip($blocker_row);
  }
  // Check for XSS attack
  if(!stristr($nsnst_const['query_string'], "index.php?url=") AND (!isset($_COOKIE['admin']) OR !is_admin($_COOKIE['admin']))) {
    if( (isset($name) AND (preg_match("/http\:\/\//i", $name) OR preg_match("/https\:\/\//i", $name)))
    OR (isset($file) AND (preg_match("/http\:\/\//i", $file) OR preg_match("/https\:\/\//i", $file)))
    OR (isset($libpath) AND (preg_match("/http\:\/\//i", $libpath) OR preg_match("/https\:\/\//i", $libpath)))
    OR stristr($nsnst_const['query_string'], "http://") OR stristr($nsnst_const['query_string'], "https://")
    OR stristr($nsnst_const['query_string'], "_SERVER=") OR stristr($nsnst_const['query_string'], "_COOKIE=")
    OR ( stristr($nsnst_const['query_string'], "cmd=") AND !stristr($nsnst_const['query_string'], "&cmd") )
    OR ( stristr($nsnst_const['query_string'], "exec") AND !stristr($nsnst_const['query_string'], "execu") )
    OR stristr($nsnst_const['query_string'],"concat") AND !stristr($nsnst_const['query_string'], "../") ) {
      block_ip($blocker_row);
    }
  }
}
// if (!isset($_COOKIE['admin']) AND !is_admin($_COOKIE['admin'])) {
if (@is_admin($_COOKIE['admin'])==false) {
  // Check for SCRIPTING attack
  // Copyright 2004(c) ChatServ
  $blocker_row = @$blocker_array[4];
  if($blocker_row['activate'] > 0) {
    foreach($_GET as $sec_key => $secvalue) {
      if((preg_match("/<[^>]script*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]style*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/<[^>]body*\"?[^>]*>/i", $secvalue) && !preg_match("/<[^>]tbody*\"?[^>]*>/i", $secvalue)) ||
        (preg_match("/\([^>]*\"?[^)]*\)/i", $secvalue)) ||
        (strpos($secvalue, "/\"") !== false) ||
        (stripos($sec_key, "forum_admin") !== false) ||
        (stripos($sec_key, "inside_mod") !== false)) {
           block_ip($blocker_row);
        }
      }
      // BEGIN - Added by Raven 11/19/2007 to exclude Forums and Private_Message Posting blocks
      $qs = $nsnst_const['query_string'];
      $qsName = explode('name=', $qs);
      $qsName = @explode('&',$qsName[1]);
      if (stristr($qs,'name=Forums')!==false && stristr($qs,'file=posting')!==false && (strtolower($qsName[0])=="private_messages" || strtolower($qsName[0])=="forums")) {
        // The following code is strictly for testing purposes.
        // Uncomment the lines and change the 2 email address calls (you@your_domain.xxx) in the mail function call to your address to see the posts that are being allowed.
        // Otherwise this code should not be used.
        //$psValue = empty($nsnst_const['post_string']) ? 'None' : htmlentities($nsnst_const['post_string']);
        //if ($psValue!=='None' && stristr($psValue,'&amp;post=Submit')!==false) @mail('you@your_domain.xxx','NS Script Blocker Activated - Trapped',"name = $name \n module_name = $module_name \n qs = $qs \n qsName[0] = ".$qsName[0]."\n qsName[1] = ".$qsName[1]."\n\n psValue = $psValue \n","From: [ Only registered users can see links on this board! Get registered or login! ]\r\nX-Mailer: "._AB_NUKESENTINEL);
      } else {
      // END - Added by Raven 11/19/2007 to exclude Forums and Private_Message Posting blocks
        foreach($_POST as $secvalue) {
          if((@preg_match("/<[^>]*iframe*\"?[^>]*/i", $secvalue)) ||
            (@preg_match("/<[^>]*object*\"?[^>]*/i", $secvalue)) ||
            (@preg_match("/<[^>]*applet*\"?[^>]*/i", $secvalue)) ||
            (@preg_match("/<[^>]*meta*\"?[^>]*/i", $secvalue)) ||
            (@preg_match("/<[^>]*onmouseover*\"?[^>]*/i", $secvalue)) ||
            (@preg_match("/<[^>]script*\"?[^>]*/i", $secvalue)) ||
            (@preg_match("/<[^>]body*\"?[^>]*>/i", $secvalue) && !preg_match("/<[^>]tbody*\"?[^>]*>/i", $secvalue)) ||
            (@preg_match("/<[^>]style*\"?[^>]*/i", $secvalue))) {
            block_ip($blocker_row);
          }
       }
     }
  }
}
// Check for Referer
$blocker_row = @$blocker_array[6];
if($blocker_row['activate'] > 0) {
   if($ab_config['list_referer'] > "") {
      $RefererList = explode("\r\n", $ab_config['list_referer']);
      for ($i=0, $maxi=count($RefererList); $i < $maxi; $i++) {
         $refered = $RefererList[$i];
         if(!empty($refered) AND stristr($nsnst_const['referer'], $refered)) {
            block_ip($blocker_row, $refered);
         }
      }
   }
}
// Check for Harvester
$blocker_row = @$blocker_array[3];
if($blocker_row['activate'] > 0) {
   if($ab_config['list_harvester'] > "") {
      $HarvesterList = explode("\r\n", $ab_config['list_harvester']);
      for ($i=0, $maxi=count($HarvesterList); $i < $maxi; $i++) {
         $harvest = $HarvesterList[$i];
         if(!empty($harvest) AND stristr($nsnst_const['user_agent'], $harvest)) {
            block_ip($blocker_row, $harvest);
         }
    }
  }
}
// Check for Strings
$blocker_row = @$blocker_array[9];
if($blocker_row['activate'] > 0) {
   if($ab_config['list_string'] > "") {
      $StringList = explode("\r\n", $ab_config['list_string']);
      for ($i=0, $maxi=count($StringList); $i < $maxi; $i++) {
         $stringl = $StringList[$i];
         if(!empty($stringl) AND stristr($nsnst_const['query_string'], $stringl) OR stristr($nsnst_const['get_string'], $stringl) OR stristr($nsnst_const['post_string'], $stringl)) {
            block_ip($blocker_row, $stringl);
         }
      }
   }
}
// Check for Request
$blocker_row = @$blocker_array[8];
if($blocker_row['activate'] > 0) {
   if($blocker_row['list'] > "") {
      $RequestList = explode("\r\n",$blocker_row['list']);
      for ($i=0, $maxi=count($RequestList); $i < $maxi; $i++) {
         $request = $RequestList[$i];
         if(!empty($request) AND stristr($nsnst_const['request_method'], $request)) {
            block_ip($blocker_row, $request);
         }
      }
   }
}
// Force to NUKEURL
if(@$ab_config['force_nukeurl'] == 1 AND !stristr($_SERVER['PHP_SELF'], "backend.php")) {
  $servtemp1 = strtolower(str_replace("http://", "", $nuke_config['nukeurl']));
  if(substr($servtemp1, -1) == "/") { $servtemp1 = substr($servtemp1, 0, strlen($servtemp1)-1); }
  $servrqst1 = strtolower($_SERVER['HTTP_HOST']);
  $pos = strpos($servtemp1, '/');
  if($pos){ $servtemp1 = substr($servtemp1,0,$pos); }
  if($servrqst1 != $servtemp1 AND (!stristr($_SERVER['REQUEST_URI'], "modules/Forums/admin/") AND !stristr($_SERVER['REQUEST_URI'], "abuse/"))) {
    $rphp1 = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    $rphp2 = str_replace($servrqst1, $servtemp1, $rphp1);
    $rphp2 = "http://".$rphp2;
    header("Location: $rphp2");
  }
}
// IP Tracking
// CAUTION: This function can slow your sites load time
if(@$ab_config['track_active'] == 1 AND !is_excluded($nsnst_const['remote_ip'])) {
  if(!empty($nsnst_const['post_string']) && $nsnst_const['post_string'] != "none") {
    $pg = $nsnst_const['post_string'];
    $mod_check = 0;
    if (isset($name) && !preg_match("/^name=".preg_quote($name, "/")."/i", $pg) && stristr($nsnst_const['script_name'], "modules.php")) { $mod_check = 1; }
    if($mod_check == 1) { $mod_check = "name=".$name."&"; } else { $mod_check = ""; }
    $pg = $mod_check.$pg;
    $pg = preg_replace('/&(password|user_password|upassword|pass|upass|user_pass|vpass|pwd|new_pass|name)2?(confirm)?(_confirm)?=\w*/i','',$pg);
    $pg = $nsnst_const['script_name']."?".$pg;
  } elseif(!empty($nsnst_const['get_string']) && $nsnst_const['get_string'] != "none") {
    $pg = $nsnst_const['get_string'];
    $mod_check = 0;
    if (isset($name) && !preg_match("/^name=".preg_quote($name, "/")."/i", $pg) && stristr($nsnst_const['script_name'], "modules.php")) { $mod_check = 1; }
    if($mod_check == 1) { $mod_check = "name=".$name."&"; } else { $mod_check = ""; }
    $pg = $mod_check.$pg;
    $pg = preg_replace('/&(password|user_password|upassword|pass|upass|user_pass|vpass|pwd|new_pass|name)2?(confirm)?(_confirm)?=\w*/i','',$pg);
    $pg = $nsnst_const['script_name']."?".$pg;
  } elseif(!empty($nsnst_const['query_string']) && $nsnst_const['query_string'] != "none") {
    $pg = $nsnst_const['query_string'];
    $mod_check = 0;
    if (isset($name) && !preg_match("/^name=".preg_quote($name, "/")."/i", $pg) && stristr($nsnst_const['script_name'], "modules.php")) { $mod_check = 1; }
    if($mod_check == 1) { $mod_check = "name=".$name."&"; } else { $mod_check = ""; }
    $pg = $mod_check.$pg;
    $pg = preg_replace('/&(password|user_password|upassword|pass|upass|user_pass|vpass|pwd|new_pass|name)2?(confirm)?(_confirm)?=\w*/i','',$pg);
    $pg = $nsnst_const['script_name']."?".$pg;
  } else {
    $pg = $nsnst_const['script_name'];
  }
  if($pg != "/backend.php" AND $pg != '/modules.php' AND !stristr($pg, "op=gfx") AND !stristr($pg, "gfx=gfx") AND !stristr($pg, "gfx=gfx_little")) {
    $c2c = '';
    $tresult = $db->sql_query("SELECT `c2c` FROM `".$prefix."_nsnst_ip2country` WHERE `ip_lo`<='".$nsnst_const['remote_long']."' AND `ip_hi`>='".$nsnst_const['remote_long']."' LIMIT 0,1");
    $checkrow = $db->sql_numrows($tresult);
    if($checkrow > 0) {
      list($c2c) = $db->sql_fetchrow($tresult);
    }
    if(!$c2c) { $c2c = "00"; }
    if($nsnst_const['ban_user_id']==1) { $nsnst_const['ban_username2'] = ""; } else { $nsnst_const['ban_username2'] = $nsnst_const['ban_username']; }
    $refered_from = htmlentities ($nsnst_const['referer'], ENT_QUOTES);
    if(!get_magic_quotes_runtime()) {
      $ban_username2 = addslashes($nsnst_const['ban_username2']);
      $user_agent = addslashes($nsnst_const['user_agent']);
      $pg = addslashes($pg);
      $refered_from = addslashes($refered_from);
    }
    $db->sql_query("INSERT INTO `".$prefix."_nsnst_tracked_ips` (`user_id`, `username`, `date`, `ip_addr`, `ip_long`, `page`, `user_agent`, `refered_from`, `x_forward_for`, `client_ip`, `remote_addr`, `remote_port`, `request_method`, `c2c`) VALUES ('".addslashes($nsnst_const['ban_user_id'])."', '$ban_username2', '".addslashes($nsnst_const['ban_time'])."', '".addslashes($nsnst_const['remote_ip'])."', '".addslashes($nsnst_const['remote_long'])."', '$pg', '$user_agent', '$refered_from', '".addslashes($nsnst_const['forward_ip'])."', '".addslashes($nsnst_const['client_ip'])."', '".addslashes($nsnst_const['remote_addr'])."', '".addslashes($nsnst_const['remote_port'])."', '".addslashes($nsnst_const['request_method'])."', '$c2c')");
    $clearedtime = strtotime(date("Y-m-d", $nsnst_const['ban_time']));
    $cleartime = strtotime(date("Y-m-d", $nsnst_const['ban_time']));
    if($ab_config['track_max'] > 0 AND $ab_config['track_clear'] < $cleartime) {
      $ab_config['track_del'] = $cleartime - $ab_config['track_max'];
      $db->sql_query("DELETE FROM `".$prefix."_nsnst_tracked_ips` WHERE `date` < ".$ab_config['track_del']);
      $db->sql_query("UPDATE `".$prefix."_nsnst_config` SET `config_value`='$clearedtime' WHERE `config_name`='track_clear'");
      $db->sql_query("OPTIMIZE TABLE `".$prefix."_nsnst_tracked_ips`");
    }
  }
}

/*******************************/
/* BEGIN FUNCTIONS             */
/*******************************/

function get_env($st_var) {
  global $HTTP_SERVER_VARS;
  if(isset($_SERVER[$st_var])) {
    return $_SERVER[$st_var];
  } elseif(isset($_ENV[$st_var])) {
    return $_ENV[$st_var];
  } elseif(isset($HTTP_SERVER_VARS[$st_var])) {
    return $HTTP_SERVER_VARS[$st_var];
  } elseif(getenv($st_var)) {
    return getenv($st_var);
  } elseif(function_exists('apache_getenv') && apache_getenv($st_var, true)) {
    return apache_getenv($st_var, true);
  }
  return "";
}

function get_remote_port() {
  if(get_env("REMOTE_PORT")) {
    return get_env("REMOTE_PORT");
  }
  return "none";
}

function get_request_method() {
  if(get_env("REQUEST_METHOD")) {
    return get_env("REQUEST_METHOD");
  }
  return "none";
}

function get_script_name() {
  if(get_env("SCRIPT_NAME")) {
    return get_env("SCRIPT_NAME");
  }
  return "none";
}

function get_http_host() {
  if(get_env("HTTP_HOST")) {
    return get_env("HTTP_HOST");
  }
  return "none";
}

function get_query_string() {
  if(get_env("QUERY_STRING")) {
    return str_replace("%09", "%20", get_env("QUERY_STRING"));
  }
  return "";
}

// Copyright 2004(c) Raven PHP Scripts
function st_clean_string($cleanstring) {
  $st_fr1 = array("%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07", "%08", "%09", "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", "%18", "%19", "%20", "%21", "%22", "%23", "%24", "%25", "%26", "%27", "%28", "%29", "%30", "%31", "%32", "%33", "%34", "%35", "%36", "%37", "%38", "%39", "%40", "%41", "%42", "%43", "%44", "%45", "%46", "%47", "%48", "%49", "%50", "%51", "%52", "%53", "%54", "%55", "%56", "%57", "%58", "%59", "%60", "%61", "%62", "%63", "%64", "%65", "%66", "%67", "%68", "%69", "%70", "%71", "%72", "%73", "%74", "%75", "%76", "%77", "%78", "%79");
  $st_to1 = array("", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", " ", "!", "\"", "#", "$", "%", "&", "'", "(", ")", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "@", "A", "B", "C", "D", "E", "F", "G", "H", "I", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "`", "a", "b", "c", "d", "e", "f", "g", "h", "i", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y");
  $st_fr2 = array("%0A", "%0B", "%0C", "%0D", "%0E", "%0F", "%1A", "%1B", "%1C", "%1D", "%1E", "%1F", "%2A", "%2B", "%2C", "%2D", "%2E", "%2F", "%3A", "%3B", "%3C", "%3D", "%3E", "%3F", "%4A", "%4B", "%4C", "%4D", "%4E", "%4F", "%5A", "%5B", "%5C", "%5D", "%5E", "%5F", "%6A", "%6B", "%6C", "%6D", "%6E", "%6F", "%7A", "%7B", "%7C", "%7D", "%7E", "%7F", "%0a", "%0b", "%0c", "%0d", "%0e", "%0f", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f", "%2a", "%2b", "%2c", "%2d", "%2e", "%2f", "%3a", "%3b", "%3c", "%3d", "%3e", "%3f", "%4a", "%4b", "%4c", "%4d", "%4e", "%4f", "%5a", "%5b", "%5c", "%5d", "%5e", "%5f", "%6a", "%6b", "%6c", "%6d", "%6e", "%6f", "%7a", "%7b", "%7c", "%7d", "%7e", "%7f");
  $st_to2 = array("", "", "", "", "", "", "", "", "", "", "", "", "*", "+", ",", "-", ".", "/", ":", ";", "<", "=", ">", "?", "J", "K", "L", "M", "N", "O", "Z", "[", "\\", "]", "^", "_", "j", "k", "l", "m", "n", "o", "z", "{", "|", "}", "~", "", "", "", "", "", "", "", "", "", "", "", "", "", "*", "+", ",", "-", ".", "/", ":", ";", "<", "=", ">", "?", "J", "K", "L", "M", "N", "O", "Z", "[", "\\", "]", "^", "_", "j", "k", "l", "m", "n", "o", "z", "{", "|", "}", "~", "");
  $cleanstring = str_replace($st_fr1, $st_to1, $cleanstring);
  $cleanstring = str_replace($st_fr2, $st_to2, $cleanstring);
  return $cleanstring;
}

function get_get_string() {
  global $HTTP_GET_VARS;
  $getstring = "";
  if(isset($_GET)) {
    $ST_GET = $_GET;
  } elseif(isset($HTTP_GET_VARS)) {
    $ST_GET = $HTTP_GET_VARS;
  } elseif(getenv("GET")) {
    $ST_GET = getenv("GET");
  } elseif(function_exists('apache_getenv') && apache_getenv("GET", true)) {
    $ST_GET = apache_getenv("GET", true);
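  } else {
    $ST_GET = array();
  }
  // getenv()/apache_getenv() return strings; only iterate over a real array
  if(!is_array($ST_GET)) { $ST_GET = array(); }
  foreach ($ST_GET as $getkey => $getvalue) {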
    if(!empty($getstring)) {
      $getstring .= "&".$getkey."=".$getvalue;
    } else {
      $getstring .= $getkey."=".$getvalue;
    }
  }
  return str_replace("%09", "%20", $getstring);
}

function get_post_string() {
  global $HTTP_POST_VARS;
  $poststring = "";
  if(isset($_POST)) {
    $ST_POST = $_POST;
  } elseif(isset($HTTP_POST_VARS)) {
    $ST_POST = $HTTP_POST_VARS;
  } elseif(getenv("POST")) {
    $ST_POST = getenv("POST");
  } elseif(function_exists('apache_getenv') && apache_getenv("POST", true)) {
    $ST_POST = apache_getenv("POST", true);
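  } else {
    $ST_POST = array();
  }
  // getenv()/apache_getenv() return strings; only iterate over a real array
  if(!is_array($ST_POST)) { $ST_POST = array(); }
  foreach ($ST_POST as $postkey => $postvalue) {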
    if(!empty($poststring)) {
      $poststring .= "&".$postkey."=".$postvalue;
    } else {
      $poststring .= $postkey."=".$postvalue;
    }
  }
  return str_replace("%09", "%20", $poststring);
}

function get_user_agent() {
  if(get_env("HTTP_USER_AGENT")) {
    return get_env("HTTP_USER_AGENT");
  }
  return "none";
}

function get_referer() {
  global $nuke_config;
  if(get_env("HTTP_REFERER")) {
    if(stristr(get_env("HTTP_REFERER"), $nuke_config['nukeurl'])) {
      return "on site";
    } elseif(stristr(get_env("HTTP_REFERER"), "http://localhost") || stristr(get_env("HTTP_REFERER"), "http://127.0.") || stristr(get_env("HTTP_REFERER"), "http://192.168.") || stristr(get_env("HTTP_REFERER"), "http://10.") || stristr(get_env("HTTP_REFERER"), "file://")) {
      return "local link";
    }
    return get_env("HTTP_REFERER");
  }
  return "none";
}

function get_ip() {
  global $nsnst_const;
  if(strpos($nsnst_const['client_ip'], ', ') AND isset($nsnst_const['client_ip'])) {
    $client_ips = explode(', ', $nsnst_const['client_ip']);
    if($client_ips[0] != 'unknown' AND $client_ips[0] != 'none' AND !empty($client_ips[0]) AND !is_reserved($client_ips[0])) {
      if(!preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $client_ips[0])) { $client_ips[0] = "none"; }
    } else {
      if(!preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $client_ips[1])) { $client_ips[1] = "none"; }
    }
  }
  if(strpos($nsnst_const['forward_ip'], ', ') AND isset($nsnst_const['forward_ip'])) {
    $x_forwardeds = explode(', ', $nsnst_const['forward_ip']);
    if($x_forwardeds[0] != 'unknown' AND $x_forwardeds[0] != 'none' AND !empty($x_forwardeds[0]) AND !is_reserved($x_forwardeds[0])) {
      if(!preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $x_forwardeds[0])) { $x_forwardeds[0] = "none"; }
    } else {
      if(!preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $x_forwardeds[1])) { $x_forwardeds[1] = "none"; }
    }
  }
  if(strpos($nsnst_const['remote_addr'], ', ') AND isset($nsnst_const['remote_addr'])) {
    $remote_addrs = explode(', ', $nsnst_const['remote_addr']);
    if($remote_addrs[0] != 'unknown' AND $remote_addrs[0] != 'none' AND !empty($remote_addrs[0]) AND !is_reserved($remote_addrs[0])) {
      if(!preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $remote_addrs[0])) { $remote_addrs[0] = "none"; }
    } else {
      if(!preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $remote_addrs[1])) { $remote_addrs[1] = "none"; }
    }
  }
  if(isset($nsnst_const['client_ip']) && !stristr($nsnst_const['client_ip'], "none") && !stristr($nsnst_const['client_ip'], "unknown") AND !is_reserved($nsnst_const['client_ip'])) {
    return $nsnst_const['client_ip'];
  } elseif(isset($nsnst_const['forward_ip']) && !stristr($nsnst_const['forward_ip'], "none") && !stristr($nsnst_const['forward_ip'], "unknown") AND !is_reserved($nsnst_const['forward_ip'])) {
    return $nsnst_const['forward_ip'];
  } elseif(isset($nsnst_const['remote_addr']) && !stristr($nsnst_const['remote_addr'], "none") && !stristr($nsnst_const['remote_addr'], "unknown") AND !is_reserved($nsnst_const['remote_addr'])) {
    return $nsnst_const['remote_addr'];
  } else {
    return "none";
  }
}

function get_server_ip () {
  if(get_env("SERVER_ADDR")) {
    return get_env("SERVER_ADDR");
  }
  return "none";
}

function get_client_ip () {
  if(get_env("HTTP_CLIENT_IP")) {
    return get_env("HTTP_CLIENT_IP");
  } elseif(get_env("HTTP_VIA")) {
    return get_env("HTTP_VIA");
  } elseif(get_env("HTTP_X_COMING_FROM")) {
    return get_env("HTTP_X_COMING_FROM");
  } elseif(get_env("HTTP_COMING_FROM")) {
    return get_env("HTTP_COMING_FROM");
  } else {
    return "none";
  }
}

function get_x_forwarded () {
  if(get_env("HTTP_X_FORWARDED_FOR")) {
    return get_env("HTTP_X_FORWARDED_FOR");
  } elseif(get_env("HTTP_X_FORWARDED")) {
    return get_env("HTTP_X_FORWARDED");
  } elseif(get_env("HTTP_FORWARDED_FOR")) {
    return get_env("HTTP_FORWARDED_FOR");
  } elseif(get_env("HTTP_FORWARDED")) {
    return get_env("HTTP_FORWARDED");
  } else {
    return "none";
  }
}

function get_remote_addr () {
  if(get_env("REMOTE_ADDR")) {
    return get_env("REMOTE_ADDR");
  }
  return "none";
}

function clear_session(){
  global $prefix, $db, $nsnst_const;
  // Clear nuke_session location
  $x_forwarded = $nsnst_const['forward_ip'];
  $client_ip = $nsnst_const['client_ip'];
  $remote_addr = $nsnst_const['remote_addr'];
  $db->sql_query("DELETE FROM `".$prefix."_session` WHERE `host_addr`='$x_forwarded' OR `host_addr`='$client_ip' OR `host_addr`='$remote_addr'");
  // Clear nuke_bbsessions location
  $x_f = explode(".", $x_forwarded);
  $x_forwarded = @str_pad(dechex($x_f[0]), 2, "0", STR_PAD_LEFT).@str_pad(dechex($x_f[1]), 2, "0", STR_PAD_LEFT).@str_pad(dechex($x_f[2]), 2, "0", STR_PAD_LEFT).@str_pad(dechex($x_f[3]), 2, "0", STR_PAD_LEFT);
  $c_p = explode(".", $client_ip);
  $client_ip = @str_pad(dechex($c_p[0]), 2, "0", STR_PAD_LEFT).@str_pad(dechex($c_p[1]), 2, "0", STR_PAD_LEFT).@str_pad(dechex($c_p[2]), 2, "0", STR_PAD_LEFT).@str_pad(dechex($c_p[3]), 2, "0", STR_PAD_LEFT);
  $r_a = explode(".", $remote_addr);
  $remote_addr = str_pad(dechex($r_a[0]), 2, "0", STR_PAD_LEFT).str_pad(dechex($r_a[1]), 2, "0", STR_PAD_LEFT).str_pad(dechex($r_a[2]), 2, "0", STR_PAD_LEFT).str_pad(dechex($r_a[3]), 2, "0", STR_PAD_LEFT);
  $db->sql_query("DELETE FROM `".$prefix."_bbsessions` WHERE `session_ip`='$x_forwarded' OR `session_ip`='$client_ip' OR `session_ip`='$remote_addr'");
}

function is_excluded($rangeip){
  global $prefix, $db;
  $longip = sprintf("%u", ip2long($rangeip));
  $excludenum = $db->sql_fetchrow($db->sql_query("SELECT * FROM `".$prefix."_nsnst_excluded_ranges` WHERE `ip_lo`<='$longip' AND `ip_hi`>='$longip'"));
  if($excludenum > 0) { return 1; } else { return 0; }
  return 0;
}

function is_protected($rangeip){
  global $prefix, $db;
  $longip = sprintf("%u", ip2long($rangeip));
  $protectnum = $db->sql_fetchrow($db->sql_query("SELECT * FROM `".$prefix."_nsnst_protected_ranges` WHERE `ip_lo`<='$longip' AND `ip_hi`>='$longip'"));
  if($protectnum > 0) { return 1; } else { return 0; }
  return 0;
}

function is_reserved($rangeip) {
  global $db, $prefix;
  $rangelong = sprintf("%u", ip2long($rangeip));
  $rangenum = $db->sql_numrows($db->sql_query("SELECT * FROM `".$prefix."_nsnst_ip2country` WHERE (`ip_lo`<='$rangelong' AND `ip_hi`>='$rangelong') AND `c2c`='01'"));
  if($rangenum > 0) { return 1; } else { return 0; }
  return 0;
}

function abget_blocked($remoteip){
  global $prefix, $db;
  $ip = array();
  $ip = explode(".", $remoteip);
  $ip[0] = (isset($ip[0])) ? intval($ip[0]) : '';
  $ip[1] = (isset($ip[1])) ? intval($ip[1]) : '';
  $ip[2] = (isset($ip[2])) ? intval($ip[2]) : '';
  $ip[3] = (isset($ip[3])) ? intval($ip[3]) : '';
  $testip1 = "$ip[0].*.*.*";
  $testip2 = "$ip[0].$ip[1].*.*";
  $testip3 = "$ip[0].$ip[1].$ip[2].*";
  $testip4 = "$ip[0].$ip[1].$ip[2].$ip[3]";
  $blocked_result = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blocked_ips` WHERE `ip_addr` = '$testip1' OR `ip_addr` = '$testip2' OR `ip_addr` = '$testip3' OR `ip_addr` = '$testip4'");
  $blocked_row = $db->sql_fetchrow($blocked_result);
  return $blocked_row;
}

function abget_blockedrange($remoteip){
  global $prefix, $db;
  $longip = sprintf("%u", ip2long($remoteip));
  $blockedrange_result = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blocked_ranges` WHERE `ip_lo`<='$longip' AND `ip_hi`>='$longip'");
  $blockedrange_row = $db->sql_fetchrow($blockedrange_result);
  return $blockedrange_row;
}

function abget_blocker($blocker_name){
  global $prefix, $db;
  $blockerresult = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blockers` WHERE `block_name`='$blocker_name'");
  $blocker_row = $db->sql_fetchrow($blockerresult);
  return $blocker_row;
}

function abget_blockerrow($reason){
  global $prefix, $db;
  $blockerresult = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_blockers` WHERE `blocker`='$reason'");
  $blocker_row = $db->sql_fetchrow($blockerresult);
  return $blocker_row;
}

function abget_admin($author){
  global $prefix, $db;
  $adminresult = $db->sql_query("SELECT * FROM `".$prefix."_nsnst_admins` WHERE `aid`='$author'");
  $admin_row = $db->sql_fetchrow($adminresult);
  return $admin_row;
}

function abget_configs(){
  global $prefix, $db, $config;
  $configresult = $db->sql_query("SELECT `config_name`, `config_value` FROM `".$prefix."_nsnst_config`");
  while (list($config_name, $config_value) = $db->sql_fetchrow($configresult)) {
    $config[$config_name] = $config_value;
  }
  return $config;
}
function abget_reason($reason_id){
  global $prefix, $db;
  $reasonresult = $db->sql_query("SELECT `reason` FROM `".$prefix."_nsnst_blockers` WHERE `blocker`='$reason_id'");
  list($title_long) = $db->sql_fetchrow($reasonresult);
  $reason_value = $title_long;
  return $reason_value;
}

function write_ban($banip, $htip, $blocker_row) {
  global $ab_config, $nuke_config, $db, $prefix, $user_prefix, $admin, $nsnst_const, $blocker_array;
  $a_aid = '';
  if(isset($_COOKIE['admin']) && !empty($_COOKIE['admin'])) {
    $abadmin = st_clean_string(base64_decode($_COOKIE['admin']));
    if (preg_match(REGEX_UNION, $abadmin)) { block_ip($blocker_array[1]); }
    if (preg_match(REGEX_UNION, base64_decode($abadmin))) { block_ip($blocker_array[1]); }
    $abadmin = explode(":", $abadmin);
    $a_aid = addslashes($abadmin[0]);
  }
  $admin_row = abget_admin($a_aid);
  if((!isset($_COOKIE['admin']) || empty($_COOKIE['admin'])) || $admin_row['protected'] < 1) {
    if(($blocker_row['activate'] > 3 AND $blocker_row['activate'] < 6) OR $blocker_row['activate'] > 7) {
      if($blocker_row['duration'] > 0) {
        $abexpires = $blocker_row['duration'] + $nsnst_const['ban_time'];
      } else {
        $abexpires = 0;
      }
      if(!empty($nsnst_const['query_string']) && $nsnst_const['query_string'] > "") {
        $query_url = $nsnst_const['query_string'];
      } else {
        $query_url = _AB_NOTAVAILABLE;
      }
      if(!empty($nsnst_const['get_string']) && $nsnst_const['get_string'] > "") {
        $get_url = $nsnst_const['get_string'];
      } else {
        $get_url = _AB_NOTAVAILABLE;
      }
      if(!empty($nsnst_const['post_string']) && $nsnst_const['post_string'] > "") {
        $post_url = $nsnst_const['post_string'];
      } else {
        $post_url = _AB_NOTAVAILABLE;
      }
      $addby = _AB_ADDBY." "._AB_NUKESENTINEL;
      $querystring = base64_encode($query_url);
      $getstring = base64_encode($get_url);
      $poststring = base64_encode($post_url);
      // Initialise so the check below never reads an undefined variable
      $c2c = "";
      $checkrow = $db->sql_numrows($db->sql_query("SELECT * FROM `".$prefix."_nsnst_ip2country`"));
      if($checkrow > 0) {
        list($c2c) = $db->sql_fetchrow($db->sql_query("SELECT `c2c` FROM `".$prefix."_nsnst_ip2country` WHERE `ip_lo`<='".$nsnst_const['remote_long']."' AND `ip_hi`>='".$nsnst_const['remote_long']."'"));
      }
      if(!$c2c) { $c2c = "00"; }
      // Define these before the conditional so the INSERT below always has them
      $ban_username = $nsnst_const['ban_username'];
      $user_agent = $nsnst_const['user_agent'];
      if(!get_magic_quotes_runtime()) {
        $addby = addslashes($addby);
        $ban_username = addslashes($ban_username);
        $user_agent = addslashes($user_agent);
      }
      $bantemp = str_replace("*", "0", $banip);
      $banlong = sprintf("%u", ip2long($bantemp));
      $db->sql_query("INSERT INTO `".$prefix."_nsnst_blocked_ips` VALUES ('$banip', '$banlong', '".addslashes($nsnst_const['ban_user_id'])."', '$ban_username', '$user_agent', '".addslashes($nsnst_const['ban_time'])."', '$addby', '".addslashes($blocker_row['blocker'])."', '$querystring', '$getstring', '$poststring', '".addslashes($nsnst_const['forward_ip'])."', '".addslashes($nsnst_const['client_ip'])."', '".addslashes($nsnst_const['remote_addr'])."', '".addslashes($nsnst_const['remote_port'])."', '".addslashes($nsnst_const['request_method'])."', '$abexpires', '$c2c')");
      if(!empty($ab_config['htaccess_path']) AND $blocker_row['htaccess'] > 0 AND file_exists($ab_config['htaccess_path'])) {
        $ipfile = file($ab_config['htaccess_path']);
        $ipfile = implode("", $ipfile);
        if(!stristr($ipfile, $htip)) {
          $doit = @fopen($ab_config['htaccess_path'], "a");
          @fwrite($doit, $htip);
          @fclose($doit);
        }
      }
    }
  }
}
function write_mail($banip, $blocker_row, $abmatch="") {
  global $ab_config, $nuke_config, $db, $prefix, $user_prefix, $nsnst_const;
  if($blocker_row['activate'] > 0 AND $blocker_row['activate'] < 6) {
    $admincontact = explode("\r\n", $ab_config['admin_contact']);
    if(!empty($nsnst_const['query_string']) && $nsnst_const['query_string'] > "") {
      $query_url = $nsnst_const['query_string'];
    } else {
      $query_url = _AB_NOTAVAILABLE;
    }
    if(!empty($nsnst_const['get_string']) && $nsnst_const['get_string'] > "") {
      $get_url = $nsnst_const['get_string'];
    } else {
      $get_url = _AB_NOTAVAILABLE;
    }
    if(!empty($nsnst_const['post_string']) && $nsnst_const['post_string'] > "") {
      $post_url = $nsnst_const['post_string'];
    } else {
      $post_url = _AB_NOTAVAILABLE;
    }
    $subject = _AB_BLOCKEDFROM." ".$banip;
    $message  = _AB_CREATEDBY.": "._AB_NUKESENTINEL." ".$ab_config['version_number']."\n";
    $message .= _AB_DATETIME.": ".date("Y-m-d H:i:s T \G\M\T O",$nsnst_const['ban_time'])."\n";
    $message .= _AB_IPBLOCKED.": ".$banip."\n";
    $message .= _AB_USERID.": ".$nsnst_const['ban_username']." (".$nsnst_const['ban_user_id'].")\n";
    $message .= _AB_REASON.": ".$blocker_row['reason']."\n";
    if($abmatch != "") { $message .= _AB_MATCH.": ".$abmatch."\n"; }
    $message .= "--------------------\n";
    $message .= _AB_REFERER.": ".$nsnst_const['referer']."\n";
    $message .= _AB_USERAGENT.": ".$nsnst_const['user_agent']."\n";
    $message .= _AB_HTTPHOST.": ".$nsnst_const['http_host']."\n";
    $message .= _AB_SCRIPTNAME.": ".$nsnst_const['script_name']."\n";
    $message .= _AB_QUERY.": ".$query_url."\n";
    $message .= _AB_GET.": ".$get_url."\n";
    $message .= _AB_POST.": ".$post_url."\n";
    $message .= _AB_X_FORWARDED.": ".$nsnst_const['forward_ip']."\n";
    $message .= _AB_CLIENT_IP.": ".$nsnst_const['client_ip']."\n";
    $message .= _AB_REMOTE_ADDR.": ".$nsnst_const['remote_addr']."\n";
    $message .= _AB_REMOTE_PORT.": ".$nsnst_const['remote_port']."\n";
    $message .= _AB_REQUEST_METHOD.": ".$nsnst_const['request_method']."\n";
    if($blocker_row['email_lookup'] == 1) {
      $message .= "--------------------\n"._AB_WHOISFOR."\n";
      // Copyright 2004(c) Raven PHP Scripts
      $msg = '';
      if(!@file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$nsnst_const['remote_ip'])) {
        $msg = ('Unable to query WhoIs information for '.$nsnst_const['remote_ip'].'.');
      } else {
        $data = @file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput=".$nsnst_const['remote_ip']);
        $data = explode('Search results for: ',$data);
        $data = @explode('#',$data[1]);
        $data = explode('(NET-',strip_tags($data[0]));
        if(@empty($data[1])) $msg .= $data[0];
        else {
          $data = explode(')',$data[1]);
          if(!@file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput="."!%20NET-".strip_tags($data[0]))) {
            $data = 'Unable to query WhoIs information for '.strip_tags($data[0]).'.';
          } else {
            $data = @file_get_content
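
In the code above, get_ip() checks header-derived addresses with a digits-only pattern, and clear_session() places the `$nsnst_const` address values directly into its queries. The following is an added example, not part of the original post or of NukeSentinel, showing stricter IPv4 validation before a value reaches ip2long() or a query; the `ns_*` helper names are hypothetical and the sample inputs are constructed.

```php
<?php
// Added example; helper names (ns_*) are hypothetical, not NukeSentinel functions.

// Return the first syntactically valid IPv4 address in a header value, or null.
// Values such as X-Forwarded-For are client-supplied and may be a comma list.
function ns_first_valid_ipv4($raw) {
  foreach (explode(',', (string)$raw) as $candidate) {
    $candidate = trim($candidate);
    // Unlike a digits-only pattern, this rejects octets above 255.
    if (filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
      return $candidate;
    }
  }
  return null;
}

// Unsigned decimal form compared against ip_lo/ip_hi, or null if invalid.
function ns_ip_to_long($ip) {
  $long = ip2long($ip);
  // ip2long() returns false on bad input; sprintf("%u", false) would give "0".
  return ($long === false) ? null : sprintf("%u", $long);
}

// Eight-hex-digit form, same encoding clear_session() builds octet by octet.
function ns_ip_to_hex($ip) {
  $long = ip2long($ip);
  return ($long === false) ? null : sprintf("%08x", $long);
}

// Constructed sample header values, not taken from any real request.
$samples = array(
  "203.0.113.7, 10.0.0.1",   // proxy chain: first entry is used
  "999.999.999.999",         // passes [0-9]{1,3} per octet, is not an address
  "203.0.113.9' extra",      // trailing junk including a quote character
  "unknown",
);

foreach ($samples as $raw) {
  $ip = ns_first_valid_ipv4($raw);
  if ($ip === null) {
    printf("%-24s => rejected, fall back to REMOTE_ADDR\n", $raw);
    continue;
  }
  printf("%-24s => %s long=%s hex=%s\n", $raw, $ip, ns_ip_to_long($ip), ns_ip_to_hex($ip));
}
```

Validation narrows what can reach the query; the value should still be escaped or bound by the database layer before it is used in SQL.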
 
All times are GMT - 6 Hours