You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 272 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Users getting banned when submitting [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

Users getting banned when submitting
 
This forum is locked: you cannot post, reply to, or edit topics.  This topic is locked: you cannot edit posts or make replies.printer-friendly view Nuke Cops Forum Index » Admin Secure
View previous topic Log in to check your private messages View next topic
Author Message
OCSupertones
Lieutenant
Lieutenant


Joined: Jan 20, 2004
Posts: 213
PostPosted: Fri Jul 23, 2004 4:37 pm Reply with quoteBack to top
I have users getting banned when they submit news. Also, I have a user getting banned when he tries to add content (he is an admin).

The script thinks they are inserting an SQL...but they are not...I thought it might be a hidden character in the text, but it is not.

Any suggestions?

Here is two examples of the email I get:

Code:
Date: 23 July 2004, 17:34
- IP Address: 152.163.253.6
- Host: cache-rm06.proxy.aol.com
- User-agent: Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows 98; Win 9x 4.90)
- Referrer: http://www.afterhim.com/admin.php?op=content_edit&pid=81
- Request: /admin.php
- Variable: $text = Looking back...text...text


Code:
- Date: 15 July 2004, 14:52
- IP Address: 69.47.87.27
- Host: d47-69-27-87.try.wideopenwest.com
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8
- Referrer: http://www.afterhim.com/submit.html
- Request: /submit.html
- Variable: $story = God has been known as the Great Physician...text...text

_________________
Free advertising for your website, free info here.

Join Here.
Find all posts by OCSupertonesView user's profileSend private messageVisit poster's website
Raptor1
Sergeant
Sergeant


Joined: Oct 06, 2003
Posts: 85

Location: Conway SC
PostPosted: Fri Jul 23, 2004 7:14 pm Reply with quoteBack to top
I may be wrong but looks likte the 1st one was a attempt to edit a admin from within your admin panel or they used html codes in the sig.
2nd do you have Admin Secure to block/ban html codes if so thats waht happened.
I have this set on my site and no1 can add [img] [/img] to anything along with many other html tags. I'm new to this stuff so if I am wrong sorry. Holla!!!

_________________
Knowledge is not gained by just learning, but by teaching those that do not understand. Learning is something we all do without knowing, while gaining knowledge to understand. Wisdom is reserved for others, not you. Understand?
Find all posts by Raptor1View user's profileSend private messageSend e-mailVisit poster's websiteAIM AddressYahoo MessengerMSN MessengerICQ Number
OCSupertones
Lieutenant
Lieutenant


Joined: Jan 20, 2004
Posts: 213
PostPosted: Sat Jul 24, 2004 9:38 am Reply with quoteBack to top
The content section, and news section do not pull the signature. They were trying to add news and add content when the ban happened.

_________________
Free advertising for your website, free info here.

Join Here.
Find all posts by OCSupertonesView user's profileSend private messageVisit poster's website
madman
Support Mod
Support Mod


Joined: Feb 15, 2004
Posts: 806
PostPosted: Sat Jul 24, 2004 10:20 am Reply with quoteBack to top
You can disable "Filtering HTML Tags" option in Admin Secure configuration. For more secure, set "Filter Proofing" to "All Administrators" so all your admins won't be blocked due of editing submitted news articles.

There is an alternative for "Submit News" module replacement, where people can writes and submit article using bbcode instead of html tags. Once I found is in pitcher.no website (nice submit news module, though).

_________________
I'm Image
Find all posts by madmanView user's profileSend private messageVisit poster's websiteYahoo MessengerMSN Messenger
OCSupertones
Lieutenant
Lieutenant


Joined: Jan 20, 2004
Posts: 213
PostPosted: Wed Jul 28, 2004 1:57 pm Reply with quoteBack to top
Thanks madman,

I did that, hopefully it will work.

Brandon

_________________
Free advertising for your website, free info here.

Join Here.
Find all posts by OCSupertonesView user's profileSend private messageVisit poster's website
Display posts from previous:      
This forum is locked: you cannot post, reply to, or edit topics.  This topic is locked: you cannot edit posts or make replies.printer-friendly view Nuke Cops Forum Index » Admin Secure
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.220 Seconds - 390 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::