| Author |
Message |
bauhaus6970
Nuke Cadet


Joined: Feb 05, 2004
Posts: 1
|
Posted:
Thu Feb 05, 2004 4:42 am |
  |
1) Nukecops should set up a default install of PHPNuke 6.5 and the latest release.
2) People should be invited to test security issues on those default installs.
3) First person to find security holes and report them responsibly should be rewarded in some way.
Basically a competition for 'white hat' hackers.
I think this is a much better way forward than taking direct action against FB to make him listen. |
|
|
   |
 |
djmaze
Captain


Joined: Nov 29, 2003
Posts: 566
Location: Netherlands
|
Posted:
Thu Feb 05, 2004 1:20 pm |
  |
It's a damn pain in the arse to fix the bugs over and over again in each new PHP-Nuke release.
It's better to check what FB has changed and then merge that into the old one, cos that is faster.
I don't like the points system so I stick to my heavily secured Nuke; it even has a speed increase of about 300%. |
_________________ Famous people never give their signature
http://www.cpgnuke.com <- back online thanks to dedicatednow.com
Don't ask me to be admin on your site please  |
|
    |
 |
PoC2
Corporal


Joined: Jul 18, 2003
Posts: 61
|
Posted:
Fri Feb 06, 2004 12:38 pm |
  |
How did you manage the acceleration?
BTW, good work on Protector, appreciated. |
|
|
   |
 |
djmaze
Captain


Joined: Nov 29, 2003
Posts: 566
Location: Netherlands
|
Posted:
Fri Feb 06, 2004 4:00 pm |
  |
The speedup is mostly realised by decreasing the SQL queries.
I modified mysql.php to generate a list of the page's queries and echo that list in the footer.
Then I noticed a few things like:
30x SELECT user_password FROM nuke_users WHERE user_id='$uid'
10x SELECT * FROM nuke_users WHERE username='$user1[1]' AND user_password='$user1[2]'
8x SELECT pwd FROM nuke_authors WHERE aid='$aid'
The functions, in order:
is_user()
getusrinfo()
is_admin()
I just changed those functions to make only 1 call to the DB, because why ask is_user() 30x when it has already been asked?
So for example I did this:
| Code: |
function is_user($user) {
    global $prefix, $db, $user_prefix;
    if (!$user) { return 0; }
    // $user is either the base64 cookie string or an already-decoded array;
    // index 0 is the user id, index 2 the password value from the cookie
    if (!is_array($user)) {
        $user1 = base64_decode($user);
        $user1 = explode(":", $user1);
        $uid = "$user1[0]";
        $pwd = "$user1[2]";
    } else {
        $uid = "$user[0]";
        $pwd = "$user[2]";
    }
    // An earlier call in this request already verified this password value
    if (defined("isuser")) {
        if (isuser == $pwd) {
            return 1;
        }
    }
    $uid = addslashes($uid);
    $uid = intval($uid);
    if ($uid != "" AND $pwd != "") {
        $sql = "SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $pass = $row['user_password'];
        if ($pass == $pwd && $pass != "") {
            // remember the verified value for the rest of the request
            define("isuser", $pwd);
            return 1;
        }
    }
    return 0;
} |
Explanation:
define("isuser", $pwd); If it's a user, set a define with his encrypted password, because defines can't be edited and are available all over the place.
if (defined("isuser")) { Check if the define exists due to a previous call.
if (isuser == $pwd) { return 1; OK, the define matches the cookie password and it should be OK, so return; no need to check the pwd against the database cos it's in the define.
Well, you can figure out the rest or just download mainfile.php from the CPG-Nuke source.
Note: I even managed to decrease the SQL queries from 180 to 13 on a few occasions. |
|
    |
 |
PoC2
Corporal


Joined: Jul 18, 2003
Posts: 61
|
Posted:
Sat Feb 07, 2004 5:50 am |
  |
This would suggest FB's code could be a lot tighter and cleaner.
Of course the usual thing is, like Microsoft, people follow the big names even if they're bad because they believe they will have large and on-going support.
Would it be a good idea to work with NukeCops to produce a super version of PHPNuke? I'm guessing NC has the big support. |
|
|
   |
 |
djmaze
Captain


Joined: Nov 29, 2003
Posts: 566
Location: Netherlands
|
Posted:
Sat Feb 07, 2004 9:15 am |
  |
| PoC2 wrote: |
This would suggest FB's code could be a lot tighter and cleaner.
Of course the usual thing is, like Microsoft, people follow the big names even if they're bad because they believe they will have large and on-going support.
Would it be a good idea to work with NukeCops to produce a super version of PHPNuke? I'm guessing NC has the big support. |
PoC, I already headed in my own direction with a copy of PHP-Nuke 6.5 and already modified it heavily in just one month.
I named it CPG-Nuke and a first release will be available soon.
The CVS is always available to everyone so FB and NC can grab code from it.
It isn't held back for "Club" members as FB does.
NC also has a CVS where you can get the latest file releases.
So NC and CPG are doing things the right way to give support in the best way we can.
When the first release is out (which has too many fixes and upgrades to mention anywhere) I will contact NC to see if they want to incorporate it. |
|
    |
 |
steven111
Lieutenant


Joined: Dec 30, 2003
Posts: 283
|
Posted:
Fri Feb 20, 2004 10:07 am |
  |
Hi djmaze,
Just a quick thing--since you do so many valuable patches....
I would rather use "static" variables inside a function to "remember" the state from one call to the other, vs. using a global constant.
Although constants in PHP are interpretively bound (late bound), I think we are getting away from the "spirit" of constants, and there are no guarantees, IMHO, that future versions of PHP would work this way (?).
I am going to implement your patch. Thanks.
steve |
|
|
    |
 |
steven111
Lieutenant


Joined: Dec 30, 2003
Posts: 283
|
Posted:
Fri Feb 20, 2004 10:15 am |
  |
implementation using "static"
| Code: |
function is_user($user) {
    global $prefix, $db, $user_prefix;
    static $userSave; // save from one call to the other
    if (isset($userSave)) return ($userSave);
    if (!is_array($user)) {
        $user = base64_decode($user);
        $user = explode(":", $user);
        $uid = "$user[0]";
        $pwd = "$user[2]";
    } else {
        $uid = "$user[0]";
        $pwd = "$user[2]";
    }
    $uid = addslashes($uid);
    $uid = intval($uid);
    if ($uid != "" AND $pwd != "") {
        $sql = "SELECT user_password FROM ".$user_prefix."_users WHERE user_id='$uid'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $pass = $row['user_password']; // quoted key: a bare word is read as a constant
        if ($pass == $pwd && $pass != "") {
            $userSave = 1;
            return 1;
        }
    }
    $userSave = 0;
    return 0;
} |
|
|
|
    |
 |
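A request-scoped cache for the is_user() check that is keyed on the credential it verified and compares hashes with hash_equals(), so a result cached for one cookie is never returned for a different one. This is an added example, not code from this thread or from PHP-Nuke/CPG-Nuke; `$USERS`, `lookup_hash()` and `is_user_cached()` are hypothetical names, and the user table is constructed sample data standing in for the `SELECT user_password` query.

```php
<?php
// $USERS stands in for the nuke_users table (constructed sample data).
$USERS = [7 => md5('correct horse'), 8 => md5('other secret')];
$QUERY_COUNT = 0;

// Hypothetical stand-in for the "SELECT user_password ... WHERE user_id" query.
function lookup_hash(int $uid): ?string {
    global $USERS, $QUERY_COUNT;
    $QUERY_COUNT++;                        // one "query" per cache miss
    return $USERS[$uid] ?? null;
}

function is_user_cached($user): bool {
    static $cache = [];                    // lives for one request only
    if (!is_array($user)) {
        $decoded = base64_decode((string)$user, true);
        if ($decoded === false) { return false; }
        $user = explode(':', $decoded);
    }
    $uid = (int)($user[0] ?? 0);
    $pwd = (string)($user[2] ?? '');
    if ($uid <= 0 || $pwd === '') { return false; }

    // Key on the uid AND the presented hash, so the cached answer
    // belongs to exactly one credential.
    $key = $uid . ':' . hash('sha256', $pwd);
    if (isset($cache[$key])) { return $cache[$key]; }

    $stored = lookup_hash($uid);
    // hash_equals() is a strict, constant-time string comparison; ==
    // compares numeric-looking strings such as "0e1" and "0e2" as numbers.
    $ok = is_string($stored) && hash_equals($stored, $pwd);
    return $cache[$key] = $ok;
}

// Constructed cookies: one valid, one with a wrong password hash.
$good = base64_encode('7:alice:' . md5('correct horse'));
$bad  = base64_encode('8:bob:' . md5('wrong guess'));
var_dump(is_user_cached($good));   // cache miss, hits the lookup
var_dump(is_user_cached($good));   // same credential, served from cache
var_dump(is_user_cached($bad));    // different credential, looked up again
var_dump($QUERY_COUNT);            // lookups performed in this request
```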
steven111
Lieutenant


Joined: Dec 30, 2003
Posts: 283
|
Posted:
Fri Feb 20, 2004 10:26 am |
  |
optimizing function is_admin (in mainfile.php on Nuke7.0)
| Code: |
function is_admin($admin) {
    global $prefix, $db;
    static $adminSave; // maintain state from one call to next
    if (isset($adminSave)) return ($adminSave); // steve
    if (!is_array($admin)) {
        $admin = base64_decode($admin);
        $admin = explode(":", $admin);
        $aid = "$admin[0]";
        $pwd = "$admin[1]";
    } else {
        $aid = "$admin[0]";
        $pwd = "$admin[1]";
    }
    if ($aid != "" AND $pwd != "") {
        // $aid comes from the decoded cookie: escape it before it reaches the query
        $aid = addslashes(trim($aid));
        $sql = "SELECT pwd FROM ".$prefix."_authors WHERE aid='$aid'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $pass = $row['pwd']; // quoted key: a bare word is read as a constant
        if ($pass == $pwd && $pass != "") {
            $adminSave = 1;
            return 1;
        }
    }
    $adminSave = 0;
    return 0;
} |
|
|
|
    |
 |
steven111
Lieutenant


Joined: Dec 30, 2003
Posts: 283
|
Posted:
Fri Feb 20, 2004 10:44 am |
  |
this is called a few times too, mainfile.php (Nuke7.0) djmaze, you are great!!
| Code: |
function cookiedecode($user) {
    global $cookie, $prefix, $db, $user_prefix;
    static $cookieSave; // row fetched by the first call in this request
    $user = base64_decode($user);
    $cookie = explode(":", $user);
    if (!isset($cookieSave)) {
        // the username comes from the decoded cookie: escape it before it reaches the query
        $name = addslashes($cookie[1]);
        $sql = "SELECT user_password FROM ".$user_prefix."_users WHERE username='$name'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $cookieSave = $row;
    } else {
        $row = $cookieSave;
    }
    $pass = $row['user_password']; // quoted key: a bare word is read as a constant
    if ($cookie[2] == $pass && $pass != "") {
        return $cookie;
    } else {
        unset($user);
        unset($cookie);
    }
} |
|
|
|
    |
 |
steven111
Lieutenant


Joined: Dec 30, 2003
Posts: 283
|
Posted:
Fri Feb 20, 2004 10:56 am |
  |
Themes are read from the directory 4 times
So, in mainfile.php, make the following change:
| Code: |
function get_theme() {
    global $user, $cookie, $Default_Theme;
    static $ThemeSelSave; //save from one call to another
    if (isset($ThemeSelSave)) return ($ThemeSelSave);
    if(is_user($user)) {
        $user2 = base64_decode($user);
        $t_cookie = explode(":", $user2);
        if($t_cookie[9]=="") $t_cookie[9]=$Default_Theme;
        if(isset($theme)) $t_cookie[9]=$theme;
        if(!$tfile=@opendir("themes/$t_cookie[9]")) {
            $ThemeSel = $Default_Theme;
        } else {
            $ThemeSel = $t_cookie[9];
        }
    } else {
        $ThemeSel = $Default_Theme;
    }
    $ThemeSelSave = $ThemeSel;
    return($ThemeSel);
} |
|
|
|
    |
 |
Paul_k
Nuke Soldier


Joined: Jul 07, 2003
Posts: 31
Location: England
|
Posted:
Sun Feb 22, 2004 4:44 am |
  |
Hi,
This is great stuff! Changed my mainfile.php to match the changes above and knocked my page generation time from 2.99 seconds to 1.04
Cheers, Paul K |
|
|
   |
 |
djmaze
Captain


Joined: Nov 29, 2003
Posts: 566
Location: Netherlands
|
Posted:
Sun Feb 22, 2004 7:17 am |
  |
Steven, thanks for your "static" option; I will merge it into CPG-Nuke. |
|
    |
 |
djmaze
Captain


Joined: Nov 29, 2003
Posts: 566
Location: Netherlands
|
Posted:
Sun Feb 22, 2004 7:32 am |
  |
I noticed a bug in your cookiedecode function so here's the correct one
| Code: |
function cookiedecode($user) {
    global $cookie, $db, $user_prefix;
    static $pass; // password value fetched by the first call in this request
    if (!is_array($user)) {
        $user1 = base64_decode($user);
        $cookie = explode(":", $user1);
    } else {
        $cookie = $user;
    }
    if (!isset($pass)) {
        // the username comes from the decoded cookie: escape it before it reaches the query
        $name = addslashes($cookie[1]);
        $sql = "SELECT user_password FROM ".$user_prefix."_users WHERE username='$name'";
        $result = $db->sql_query($sql);
        list($pass) = $db->sql_fetchrow($result);
    }
    if ($cookie[2] == $pass && $pass != "") {
        return $cookie;
    } else {
        unset($user);
        unset($cookie);
    }
} |
|
|
    |
 |
steven111
Lieutenant


Joined: Dec 30, 2003
Posts: 283
|
Posted:
Sun Feb 22, 2004 12:22 pm |
  |
|
    |
 |
|
|