Encoding problem

Involved Joined: Dec 28, 2003 Posts: 276 Location: Israel

I was trying to create an Hebrew god account with the same as username.
Everytime I try to login with the Hebrew god account I get "Begone", while I can login with my Hebrew username with no problem.

Anyway, I've changed the god account to an English one - and it works perfectly.

Also, when changing the site's name to an Hebrew one under Administration -> configuration - I get questions mark instead of the Hebrew name.

For all I know, I've changed the encoding to the correct one: windows-1255 like this "<META http-equiv=Content-Type content="text/html; charset=windows-1255">", and still...

Any idea what am I doing wrong?

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Here again, basic nuke Wink

In admin.php you have this code
if (isset($aid) && (ereg("[^a-zA-Z0-9_-]",trim($aid)))) {
die("Begone");
}

Those are the only characters allowed in the admin name. You will need to modify those for Hebrew character acceptance.

The ?? do appear to be a charset issue although I can't be sure w/o more exploration. I'll leave that one up to you Smile

Posted: Sun Dec 04, 2005 4:39 am

Raven wrote:

Here again, basic nuke Wink

In admin.php you have this code
if (isset($aid) && (ereg("[^a-zA-Z0-9_-]",trim($aid)))) {
die("Begone");
}

Those are the only characters allowed in the admin name. You will need to modify those for Hebrew character acceptance.

So I'm not THAT rusty!
I did change the admin to that:

Code:

        if (isset($aid) && (ereg("[^a-zA-Zא-ת0-9_-]",trim($aid)))) {


           die("Begone");


        }

And still no go...

I'll try again, though...

Raven wrote:

The ?? do appear to be a charset issue although I can't be sure w/o more exploration. I'll leave that one up to you Smile

Gee... same as above only in mainfile.php ? I think I've changed this one as well. checking reverting...

Posted: Sun Dec 04, 2005 4:48 am

Quote:

I'll try again, though...

yet no go...

registered · Posted: Sun Dec 04, 2005 8:11 am

ring_c, I hope you don't mind, but you had a duplicate topic posted. I checked the verbiage and it was identical. So, I removed the earlier (by less than 2 minutes) topic/post. Regards, montego

Posted: Sun Dec 04, 2005 8:17 am

Quote:

ring_c, I hope you don't mind, but you had a duplicate topic posted. I checked the verbiage and it was identical. So, I removed the earlier (by less than 2 minutes) topic/post. Regards, montego

Oh, did I? Sorry for that...

Posted: Mon Feb 27, 2006 4:51 am

I'm sorry to raise this issue again, but I still experience this issue.
I have to admit I've announced a defeat with distro 1.x but now i've tried reinstalling the latest 2.02 distro, and same issue again.
I've changed the admin.php as was told by raven, and yet I get the Begone message. Sad

Posted: Mon Feb 27, 2006 7:43 am

Maybe check this thread too to see if it offers a solution:

http://www.ravenphpscripts.com/postp61008.html#61008

Posted: Mon Feb 27, 2006 9:39 am

Couldn't find any help in that thread. Sad

Posted: Mon Feb 27, 2006 9:59 am

So you tried urlencoding the username?

Posted: Tue Feb 28, 2006 12:58 am

Raven wrote:

So you tried urlencoding the username?

Yes, Indeed. After the change, I've deleted my god user and recreated via the web, and still the Begone message appears... Sad

Posted: Tue Feb 28, 2006 11:47 pm

So, out of ideas? Sad

Posted: Wed Mar 01, 2006 8:31 am

What is the exact username (adminname) you are trying to use? I want to try to replicate this issue. Thanks.

Posted: Wed Mar 08, 2006 6:16 am

ring_c?

Posted: Thu Mar 09, 2006 1:38 am

I'm so sorry!!! Haven't I reply to that one? Really sorry for that, Raven/montego.
The exact name is דתי_ברשת. The name is stored in the table as ãúé_áøùú (these are non-Hebrew characters, if you're wondering) for some weird reason.

If you have any problem seeing the Hebrew characters, tell me and I'll capture it as a gif.

Again, I'm very sorry for the late reply. I was certain I've answered it already.
montego, thanks for the reminder!

Posted: Thu Mar 09, 2006 1:52 am

Have you tried this?

Edit admin.php
if (isset($aid) && (ereg("[^a-zA-Z0-9_-&#1491;&#1514;&#1497;_&#1489;&#1512;&#1513;&#1514;]",trim($aid)))) {
die("Begone");
}

In place of the & just use a plain &

Posted: Thu Mar 09, 2006 2:21 am

Nope. I'll try. thanks!

Posted: Sun Mar 12, 2006 7:36 am

Raven wrote:

Have you tried this?

Edit admin.php
if (isset($aid) && (ereg("[^a-zA-Z0-9_-&#1491;&#1514;&#1497;_&#1489;&#1512;&#1513;&#1514;]",trim($aid)))) {
die("Begone");
}

In place of the & just use a plain &

Sorry, Raven, but I couldn't find anything alike your code n admin.php.
This is my admin.php's login function:

Code:

function login() {


    include ("header.php");


    mt_srand ((double)microtime()*1000000);


    $maxran = 1000000;


    $random_num = mt_rand(0, $maxran);


    OpenTable();


    echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";


    CloseTable();


    echo "<br>";


    OpenTable();


    echo "<form action=\"admin.php\" method=\"post\">"


        ."<table border=\"0\">"


   ."<tr><td>"._ADMINID."</td>"


   ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"


   ."<tr><td>"._PASSWORD."</td>"


   ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";


    if (0) {


   echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&amp;random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"


       ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";


    }


    echo "<tr><td>"


   ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"


   ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"


   ."<input type=\"submit\" VALUE=\""._LOGIN."\">"


   ."</td></tr></table>"


   ."</form>";


    CloseTable();


    include ("footer.php");


}

Posted: Sun Mar 12, 2006 7:56 am

Why are you looking in function login? This is the same piece of code we have been working with all along. Check the second post above and modify that code to

if (isset($aid) && (ereg("[^a-zA-Z0-9_-&#1491;&#1514;&#1497;_&#1489;&#1512;&#1513;&#1514;]",trim($aid)))) {
die("Begone");
}

In place of the & just use a plain &

Posted: Sun Mar 12, 2006 8:12 am

Oh, d***! I'm so clumsy! I was working on my current site's files, instead of the new ones... sorry for that!

Anyway, it seems to work great, thanks!
One question, though, what are all the codes I have to add to the admin/user logins?

PS: I didn't use to have those issues with v6.7 - how come?

Posted: Sun Mar 12, 2006 8:16 am

They are the html entities for the characters you need. What is messing you up are the noble, but erred, approaches to cleansing 'input'. This was the simplest solution, for now, until some core code gets corrected/rewritten.

Posted: Sun Mar 12, 2006 8:24 am

So, should I continue updating/building the site, or should I better yet just wait for a newer version (of RavenNuke?) with a fix?

Posted: Sun Mar 12, 2006 8:27 am

PS: Doesn't this issue happen with other languages?!

Posted: Sun Mar 12, 2006 8:47 am

It's not a RavenNuke issue. It's a v7.6 issue afaict. I don't know about the other languages. I am not looking at this as a bug in RavenNuke at the moment. It's on a higher level. We will log it as an issue but I don't expect to fix it in v2.02.02.

Posted: Sun Mar 12, 2006 8:54 am

Ok, so I'm being left with my v6.7 Sad