Author |
Message |
Bravo2zero
Regular


Joined: Nov 28, 2005
Posts: 92
Location: UK
|
Posted:
Tue Mar 06, 2007 6:58 am |
|
Hi all,
Can someone please help with a problem I'm having with sending certain words when placed in a sentence, though they can be sent on their own in a PM or post!
Example: I and other users can send the word "union" on its own
but
when sent as "I do not live in the European Union countries" (in a PM)
then when you click submit the system returns you to the homepage !!!!!
Is it linked to the Sentinel security blocker config on union attacks blocker etc.?
Thanks in advance
B2Z |
_________________ dodging bullets ain't easy but it's a job! |
|
|
 |
jakec
Site Admin

Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
|
Posted:
Tue Mar 06, 2007 7:16 am |
|
I think if you do a search in the forums here you may find an answer, as this has been discussed before.
What version of Sentinel are you using? |
|
|
|
 |
Bravo2zero

|
Posted:
Tue Mar 06, 2007 7:22 am |
|
thanks for the fast reply,
version: NukeSentinel(tm) 2.5.05: Enabled:
TIA
B2Z |
|
|
|
 |
Bravo2zero

|
Posted:
Tue Mar 06, 2007 7:25 am |
|
Can you give me a clue as to what search criteria I should use?
tia
B2Z |
|
|
|
 |
jakec

|
Posted:
Tue Mar 06, 2007 7:38 am |
|
|
|
 |
Bravo2zero

|
Posted:
Tue Mar 06, 2007 8:09 am |
|
|
|
 |
Gremmie
Former Moderator in Good Standing

Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA
|
Posted:
Tue Mar 06, 2007 8:12 am |
|
I had this problem, and it wasn't Nuke Sentinel. It was PHP-Nuke 7.9. It had its own logic in mainfile.php that if it detected union, alert, http-equiv, and maybe something else, it would just throw you to the index.php page. Please see this thread:
http://www.ravenphpscripts.com/postt11069.html
If you have that logic, I suggest removing it.
What version of Nuke are you using? |
|
|
 |
Gremmie

|
Posted:
Tue Mar 06, 2007 8:17 am |
|
Looks like both threads came to similar conclusions. |
|
|
|
 |
fkelly
Former Moderator in Good Standing

Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY
|
Posted:
Tue Mar 06, 2007 10:45 am |
|
Quote: | Looks like both threads came to similar conclusions. |
Yep, and that whole set of logic has been removed from mainfile in 2.10. |
|
|
|
 |
Bravo2zero

|
Posted:
Tue Mar 06, 2007 11:26 am |
|
|
|
 |
fkelly

|
Posted:
Tue Mar 06, 2007 4:51 pm |
|
If you can post it then I'd leave it alone. Just get 2.10 when it's available and the problem will really be taken care of without having to go in and hack code (lol, we did it for you). |
|
|
|
 |
Bravo2zero

|
Posted:
Tue Mar 06, 2007 6:18 pm |
|
|
|
 |
binhaus
Hangin' Around

Joined: Oct 17, 2006
Posts: 25
|
Posted:
Tue Apr 03, 2007 7:55 am |
|
I have Nuke 7,9 patched 3.2 and followed the patching instructions for mainfile.php,
using NS 5.2 05 version, but this problem still remains .. ????
All the words like union, alert .. cannot be posted in the forums but can be posted in the news articles ...
Any help???? |
|
|
|
 |
jakec

|
Posted:
Wed Apr 04, 2007 5:55 am |
|
Have you carried out the fixes in the posts posted above? |
|
|
|
 |
binhaus

|
Posted:
Wed Apr 04, 2007 6:06 am |
|
But the posts posted above to fix that problem .. the solution is VS the instructions of the nuke NS.
I really had the code exactly as in the posts posted above .. then when I installed the NS .. following the instructions .. I commented out all of that code (as I think the NS is really made to cover this security issue, so some code in the mainfile.php is not necessary any more) ..
Please suggest..
What do I need to do??
Ignore the NS installation instructions and then enable the code above ???
( then use the post here http://www.ravenphpscripts.com/posts11081-highlight-.html )..
What do I need to do??
Thanks for any help..!! |
|
|
|
 |
Gremmie

|
Posted:
Wed Apr 04, 2007 6:54 am |
|
Hi, I'm having trouble understanding you, but...
You need to comment out or remove the code in PHP-Nuke 7.9's mainfile.php that checks for union, alert, http-equiv, etc as outlined in this thread:
http://www.ravenphpscripts.com/postt11069.html
I see you have already posted on that thread. Did you comment out that code? |
|
|
|
 |
binhaus

|
Posted:
Wed Apr 04, 2007 7:07 am |
|
Yes.. I did exactly as the NS tells me to..
I have commented out both pieces of code on the thread you mention.
My code now looks like this:
Code:
$postString = "";
foreach ($_POST as $postkey => $postvalue) {
    if ($postString > "") {
        $postString .= "&".$postkey."=".$postvalue;
    } else {
        $postString .= $postkey."=".$postvalue;
    }
}
str_replace("%09", "%20", $postString);
$postString_64 = base64_decode($postString);
if ((!is_admin($admin)) AND (stristr($postString,'%20union%20'))
    OR (stristr($postString,'*/union/*'))
    OR (stristr($postString,' union '))
    OR (stristr($postString_64,'%20union%20'))
    OR (stristr($postString_64,'*/union/*'))
    OR (stristr($postString_64,' union '))
    OR (stristr($postString_64,'+union+'))
    OR (stristr($postString,'http-equiv'))
    OR (stristr($postString_64,'http-equiv'))
    OR (stristr($postString,'alert('))
    OR (stristr($postString_64,'alert('))) {
    header("Location: index.php");
    die();
}
/*
// Additional security (Union, CLike, XSS)
if(!file_exists('includes/nukesentinel.php')) {
    //Union Tap
    //Copyright Zhen-Xjell 2004 http://nukecops.com
    //Beta 3 Code to prevent UNION SQL Injections
    unset($matches);
    unset($loc);
    if(isset($_SERVER['QUERY_STRING'])) {
        if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER['QUERY_STRING']), $matches)) {
            die('Illegal Operation');
        }
    }
*/
// if((!is_admin($admin)) AND (isset($_SERVER['QUERY_STRING'])) AND (!stristr($_SERVER['QUERY_STRING'], "ad_click"))) {
// $queryString = $_SERVER['QUERY_STRING'];
// if ((stristr($queryString,'%20union%20')) OR (stristr($queryString,'/*')) OR (stristr($queryString,'*/union/*')) OR (stristr($queryString,'c2nyaxb0')) OR (stristr($queryString,'+union+')) OR (stristr($queryString,'http://')) OR ((stristr($queryString,'cmd=')) AND (!stristr($queryString,'&cmd'))) OR ((stristr($queryString,'exec')) AND (!stristr($queryString,'execu'))) OR (stristr($queryString,'concat'))) {
// die('Illegal Operation');
// }
// }
//}
|
So all the security against union attacks and similar types depends on the NS ..
What do I need to do so users can post posts that have words like " union " " alert ", like in this forum here ..??
Thanks for any info .. |
|
|
|
 |
Gremmie

|
Posted:
Wed Apr 04, 2007 7:28 am |
|
You still haven't commented out all the code.
Comment out or remove this also:
Code:
$postString = "";
foreach ($_POST as $postkey => $postvalue) {
    if ($postString > "") {
        $postString .= "&".$postkey."=".$postvalue;
    } else {
        $postString .= $postkey."=".$postvalue;
    }
}
str_replace("%09", "%20", $postString);
$postString_64 = base64_decode($postString);
if ((!is_admin($admin)) AND (stristr($postString,'%20union%20'))
    OR (stristr($postString,'*/union/*'))
    OR (stristr($postString,' union '))
    OR (stristr($postString_64,'%20union%20'))
    OR (stristr($postString_64,'*/union/*'))
    OR (stristr($postString_64,' union '))
    OR (stristr($postString_64,'+union+'))
    OR (stristr($postString,'http-equiv'))
    OR (stristr($postString_64,'http-equiv'))
    OR (stristr($postString,'alert('))
    OR (stristr($postString_64,'alert('))) {
    header("Location: index.php");
    die();
}
|
|
|
|
|
 |
binhaus

|
Posted:
Wed Apr 04, 2007 7:30 am |
|
I have just followed the second post of the thread you mention.. to wrap the code
( just copy and paste to the mainfile )
and then commented out all the code I just posted in my last post here...
Now I can post words like " union alert " in the forums .. but I am not sure about the security .. commenting out that way is not mentioned in the NS .. have you got any way to test that it is secure ..
Thanks |
|
|
|
 |
Gremmie

|
Posted:
Wed Apr 04, 2007 8:14 am |
|
Again, I'm having trouble understanding you...sorry...but if you have NukeSentinel it will protect you far better than that code in mainfile.php that you removed. |
|
|
|
 |
binhaus

|
Posted:
Wed Apr 04, 2007 8:02 pm |
|
Sorry for my explanation ..
Quote: | but if you have NukeSentinel it will protect you far better than that code in mainfile.php that you removed. |
So now I know .. the NS is a better replacement for the code we talked about removing above..
Thanks anyway.. I feel great now
---- mysign -
to entertain you ->> thousands collections of clips over internet -> *http://www.tv.xaluan.com |
|
|
|
 |
|
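The mainfile.php check discussed in this thread is a plain substring match over the whole POST body, which is why ordinary sentences get bounced to index.php. The following is an added example, not code from the thread, PHP-Nuke or NukeSentinel: it reports which needle a submission matches, and `matched_needles`, `would_redirect` and the sample posts are names and data constructed for illustration.

```php
<?php
// Added example, not PHP-Nuke or NukeSentinel code. The needles come from the
// mainfile.php check quoted in this thread; function names and sample posts
// are constructed for illustration.
const NEEDLES = [
    'raw'    => ['%20union%20', '*/union/*', ' union ', 'http-equiv', 'alert('],
    'base64' => ['%20union%20', '*/union/*', ' union ', '+union+', 'http-equiv', 'alert('],
];

// Which needles a submission trips, so an admin can see why it was bounced.
function matched_needles(array $post): array
{
    $pairs = [];
    foreach ($post as $key => $value) {
        $pairs[] = $key . '=' . $value;          // same key=value&... string as the check
    }
    $views = ['raw' => implode('&', $pairs)];
    $views['base64'] = (string) base64_decode($views['raw']);
    $hits = [];
    foreach (NEEDLES as $view => $needles) {
        foreach ($needles as $needle) {
            if (stristr($views[$view], $needle) !== false) {
                $hits[] = $view . ':' . $needle;
            }
        }
    }
    return $hits;
}

// Same outcome as the original if(): AND binds tighter than OR, so the
// !is_admin() exemption covers only the first needle ('%20union%20').
function would_redirect(array $post, bool $isAdmin): bool
{
    $hits = matched_needles($post);
    return $hits !== [] && !($isAdmin && $hits === ['raw:%20union%20']);
}

$samples = [                                      // constructed PM/forum bodies
    'union',
    'I do not live in the European Union countries',
    'Use alert() in the onclick handler to debug it',
    'Our credit union closes at 5pm',
];
foreach ($samples as $text) {
    $post = ['subject' => 'test', 'message' => $text];
    printf("%-48s user:%-8s admin:%-8s %s\n", $text,
        would_redirect($post, false) ? 'redirect' : 'ok',
        would_redirect($post, true) ? 'redirect' : 'ok',
        implode(', ', matched_needles($post)));
}
```

Run it with the PHP CLI (PHP 7 or later); the lone word "union" passes while the three sentences are flagged for users and admins alike.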