NukeSentinel 2.5.04 issue with includes/nukesentinel.php

Posted: Sat Dec 23, 2006 12:57 pm

I just ugrade my test system from 2.5.03 to 2.5.04. The upgrade went smoothly, but I found an issue on the NukeSentinel Admin screen after running nsnst.php.

The following appears in the middle of the screen...

Code:

Warning: base64_decode() expects parameter 1 to be string, array given in /home/doulos/public_html/includes/nukesentinel.php on line 972


Admin Auth List 


 


Warning: base64_decode() expects parameter 1 to be string, array given in /home/doulos/public_html/includes/nukesentinel.php on line 972


Scan for New Admins 


 


Warning: base64_decode() expects parameter 1 to be string, array given in /home/doulos/public_html/includes/nukesentinel.php on line 972


Database Maintenance

I looked at the code around 972, and find this:

Code:

function is_god($axadmin) {


  global $db, $prefix, $aname;


  $tmpadm = base64_decode($axadmin);


  $tmpadm = explode(":", $tmpadm);


  $aname = $tmpadm[0];


  $apwd = $tmpadm[1];


  if(!empty($aname) AND !empty($apwd)) {


    $aname = trim($aname);


    $apwd = trim($apwd);


    $admrow = $db->sql_fetchrow($db->sql_query("SELECT * FROM `".$prefix."_authors` WHERE `aid`='$aname'"));


    //if((strtolower($admrow['name']) == "god" OR $admrow['radminsuper'] == 1) AND $admrow['pwd']==$apwd) { return 1; }


    if(strtolower($admrow['name']) == "god" AND $admrow['pwd']==$apwd) { return 1; }


  }


  return 0;


}

When I changed the function to be similar to is_admin in mainfile.php, it works. Here is my changed code:

Code:

function is_god($axadmin) {


  global $db, $prefix, $aname;


//  Replace with is_admin type if statement.


//  $tmpadm = base64_decode($axadmin);


//  $tmpadm = explode(":", $tmpadm);


//   $aname = $tmpadm[0];


//    $apwd = $tmpadm[1];


  if (!is_array($axadmin)) {


     $tmpadm = base64_decode($axadmin);


    $tmpadm = addslashes($tmpadm);


     $tmpadm = explode(":", $tmpadm);


   $aname = $tmpadm[0];


     $apwd = $tmpadm[1];


  } else {


   $aname = $axadmin[0];


     $apwd = $axadmin[1];


  }


  if(!empty($aname) AND !empty($apwd)) {


    $aname = trim($aname);


    $apwd = trim($apwd);


    $admrow = $db->sql_fetchrow($db->sql_query("SELECT * FROM `".$prefix."_authors` WHERE `aid`='$aname'"));


    //if((strtolower($admrow['name']) == "god" OR $admrow['radminsuper'] == 1) AND $admrow['pwd']==$apwd) { return 1; }


    if(strtolower($admrow['name']) == "god" AND $admrow['pwd']==$apwd) { return 1; }


  }


  return 0;


}

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

Haven't tried the new version yet, but we should notify Bob.

Posted: Sat Dec 23, 2006 10:09 pm

OK. How? Where?

Posted: Sat Dec 23, 2006 10:14 pm

Just did so. Thanks...

registered · Posted: Sun Dec 24, 2006 1:56 am

Strage, it hasn't popped that warning up at me. What's even stranger is that has been coded like that since 2.4.2pl7. I will dive in right after X-Mas on it.

Posted: Sun Jan 14, 2007 1:11 pm

Any ideas as to why this happened?

Posted: Sat Mar 03, 2007 3:46 pm

I'll ensure this goes into 2.5.07 as it completely slipped my mind for 2.5.06 Sad

Posted: Sat Mar 03, 2007 4:16 pm

Nobody reported ever such an issue. I´ve checked all my upgrades and couldn´t find nothing special in NukeSentinel Admin. However, I have still a 3.2b 7.6 website I´ll check what I´ll find there after upgrade NukeSentinel.