Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> CNB Your Account
Author Message
slappy
New Member
New Member



Joined: May 28, 2006
Posts: 23

PostPosted: Sat Jun 24, 2006 11:50 pm Reply with quote

Hi,

I'm haveing a strange issue, and I don't know if I've been hacked or what. Maybe someone here can explane whats going on.

When I'm logged in as an admin, and I view a users information via: [ Only registered users can see links on this board! Get registered or login! ]

, It shows the last user IP as my IP address. In our database, in the nuke_users table 2nd colum from the end, I am no longer getting IP addresses saved. They are showing up as zero. There are users who have IP addresses instead of zeros, but they are users who created accounts months ago. The last 15 users are not showing last IP address information other than zero. I am thinking that this started happening after I installed CNBYA, but I could be wrong because I just noticed it about a week ago. (Many weeks after installing CNBYA)

Does anyone know if installing CNBYA could have affected the last user IP address?

Is it a bug, or have I been hacked?

Server Info:
Website: [ Only registered users can see links on this board! Get registered or login! ]
PHP-NUKE v7.6 / patched 1.3
Apache2Triad version 1.4.4
Apache version 2.0.55
MySQL version 4.0.26
PHP version 4.4.2
CNB Your Account version 4.4.0

Thanks,
Slappy
 
View user's profile Send private message
gregexp
The Mouse Is Extension Of Arm



Joined: Feb 21, 2006
Posts: 1497
Location: In front of a screen....HELP! lol

PostPosted: Sun Jun 25, 2006 1:13 am Reply with quote

ive seen this on others site..but it had sentinel installed and tracked ips listed...and in sentinels tracked ips it was correct but in your_accunt it wasnt.

its definitley a weird issue but never resolved.

_________________
For those who stand shall NEVER fall and those who fall shall RISE once more!! 
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
slappy







PostPosted: Sun Jun 25, 2006 2:14 am Reply with quote

Hmm,

Well, I have looked over the index.php of the CNBYA and the origional index.php that is default with Nuke, and I am seeing several differances in the area's where last_ip is written. In the origional file last_ip is written in 4 different places.

Here are the first 3:
Code:


if (is_admin($admin)) {
       echo "<br>";
          OpenTable2();
          if ($userinfo['last_ip'] != 0) {
              echo "<center>"._LASTIP." <b>".$userinfo['last_ip']."</b><br><br>";
           echo "[ <a href='".$admin_file.".php?op=ipban&amp;ip=".$userinfo['last_ip']."'>"._BANTHIS."</a> | <a href=\"".$admin_file.".php?op=modifyUser&amp;chng_uid=".$userinfo['username']."\">"._EDITUSER."</a> ]</center>";
          } else {
           echo "<center>[ <a href=\"".$admin_file.".php?op=modifyUser&amp;chng_uid=".$userinfo['username']."\">"._EDITUSER."</a> ]</center>";
       }

And then here:
Code:


docookie($setinfo['user_id'], $username, $new_pass, $setinfo['storynum'], $setinfo['umode'], $setinfo['uorder'], $setinfo['thold'], $setinfo['noscore'], $setinfo['ublockon'], $setinfo['theme'], $setinfo['commentmax']);
       $uname = $_SERVER['REMOTE_ADDR'];
       $db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$uname' AND guest='1'");
          $db->sql_query("UPDATE ".$prefix."_users SET last_ip='$uname' WHERE username='$username'");
   }


In the CNBYA index.php file, last_ip is only written once:

Code:


docookie($setinfo['user_id'], $username, $new_pass, $setinfo['storynum'], $setinfo['umode'], $setinfo['uorder'], $setinfo['thold'], $setinfo['noscore'], $setinfo['ublockon'], $setinfo['theme'], $setinfo['commentmax']);
       $uname = $_SERVER['REMOTE_ADDR'];
       $db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$uname' AND guest='1'");
          $db->sql_query("UPDATE ".$prefix."_users SET last_ip='$uname' WHERE username='$username'");
   }


I am not that great with code, so if someone could look this over and lend a hand. I am pretty sure that last_ip address's were being saved, and if the index.php of the origional Your_account is responsible for doing this function, then theres gotta be a way to incorporate the origional code into the new CNBYA index.php.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> CNB Your Account

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©