| Author |
Message |
dxgame
New Member
Joined: Jul 08, 2006
Posts: 4
|
 Posted:
Sat Jul 08, 2006 6:21 pm |
|
Since I have a custom name for admin.php created by Nuke Sentinal, I cannot access to admin controls for the Donations 2006 module.
When I click on the Admin Control Panel icon "Treasury" that leads to the setup of the module, I get an not found error. If I sub the custom admin.php name I get a Access Denied error.
Any ideas where to go to change the path to access the module setup features using my renamed admin.php? Looks like all refs in the code refer to admin.php as opposed to admin_file
Note: this issue also also keeps my Admin block from working.
All of my other icons in Admin control Panel work fine.
Using RavenNuke76_v2.02.00
Thanks |
| |
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6437
|
| Posted:
Sat Jul 08, 2006 8:28 pm |
|
Welcome. Where did you get the Donations 2006 module? Just curious as it has been around for several years.
Most likely, there is a check in the admin program for NukeTreasury that checks to see if admin.php is in the URL and generates the access denied message if it isn't. You'll need to replace that with updated logic that uses the admin file variable, instead of the hard-coded admin.php.
We can add some checks in RN to help the admin block work in a future release. But I'd suggest using HTTP Admin Authentication, which provides sufficient protection against XSS attacks (which is why you want to rename the admin.php file). |
_________________
I search, therefore I exist...
Only registered users can see links on this board! Get registered or login! |
|
|
|
|
dxgame
|
| Posted:
Sat Jul 08, 2006 8:45 pm |
|
Oh jeez..
Im pretty sure I got it at codewiz. Nope, I got it here.
Im not ssure what HTTP Admin Authentication is. Im not exaclty that great at this stuff. |
| |
|
|
|
|
kguske
|
| Posted:
Sat Jul 08, 2006 8:56 pm |
|
Look at the NukeSentinel manual on this site to learn more about HTTP Admin Authentication.
Also, I checked the RN 2.10 package I'm testing, and I didn't see hard-coded references to the admin.php file, nor could I find references in the RN bug tracker.
As for the Telli / Codezwiz version, I haven't looked at that. I'll take a look. |
| |
|
|
|
|
kguske
|
| Posted:
Sat Jul 08, 2006 9:05 pm |
|
If you mean the CZ Donations module, I can't download without making a donation (and it appears to include some changes very similar to the ones I developed and are available for free on http://sassasys.com). I love Telli's work, but just can't justify paying for something I already developed. |
| |
|
|
|
|
dxgame
|
| Posted:
Sat Jul 08, 2006 9:13 pm |
|
Hey thanks.
Ill give that one a try..
No, I downloaded it here. Nuke Treasury V1.1.1 US and UK.
I like the CZ stuff too, but have the same opinion. |
| |
|
|
|
|
dxgame
|
| Posted:
Sat Jul 08, 2006 9:26 pm |
|
Well I thought I had it.
I seem to remember sentinal telling me I could delete the admin.php file after I created the custom one. I put a admin.php back in root and I was able to access the treasury CP. However, I still cant access the config button, nor can I edit/delete any of the current values. I get an access denied error..
Grrr.
woot!
Got it kind of..
I can now edit the URL to the name of the custom admin.php name and get to where Im going. Ill have to make sure everything works right, but itll do I guess..
Any other ideas on getting this going without having to edit the url would be great..
I checked out the Sentinal manual and didnt see anything on HTTP Admin auth..
Added:
Well I can access the menus now, but it wont save any changes made. I hit submit and it drops me back to the access denied error, and the url goes straight to admin.php.
Nutz.. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
