| Author |
Message |
digitalpimp
Client
Joined: Aug 11, 2005
Posts: 32
|
 Posted:
Thu Aug 11, 2005 7:40 pm |
|
Hello all. I have read everywhere that Sentinel is a must when running a phpnuke site so I got the newest release (2.4.0) and tried to install it.
Everything was going smooth untill I got to edits for core files. Most of the changes to be made in the mainfile7.8 could not be done because alot of the code referenced to be changed was not there. I am at a loss at this point since mose of the edits I need to do I cannot seem to do? Not sure where to go from here... |
| |
|
|
|
CurtisH
Life Cycles Becoming CPU Cycles
Joined: Mar 15, 2004
Posts: 638
Location: West Branch, MI
|
| Posted:
Thu Aug 11, 2005 8:49 pm |
|
Step one...start over using 7.6
It has been said time and time again that 7.7 and 7.8 are security NIGHTMARES with or without Sentinel. In fact, we currently do not offer support for it due to this security issue. |
_________________
Those who dream by day are cognizant of many things which escape those who dream only by night. ~Poe |
|
 
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 8:55 pm |
|
Little too late LoL... Unfortunately I found out after I purchased and installed nuke 7.8 and all my original website content arghhhh
There has to be a way to install it anyways right? I mean the newest sentinel release says 7.1-7.8?? Is there no way for me to get sentinel running on 7.8? I would revert to 7.6 if I could but that isn't really an option for me at this point.... |
| |
|
|
|
|
CurtisH
|
| Posted:
Thu Aug 11, 2005 8:58 pm |
|
You can downgrade to 7.6 using this nifty utility and then don't have to worry about the 7.7/7.8 exploits. Be sure to install Sentinel of course.
http://www.nukescripts.net/modules.php?name=Downloads&op=getit&lid=100270
If you are determined to use the unstable 7.8 maybe one of the other moderators can offer suggestions on getting Sentinel installed. I personally don't want to risk exposing my server to hackers so I cannot install it to see what needs modding. Sorry.  |
| |
|
|
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 9:01 pm |
|
Thank you immensly for your help. I will take a look at the script and see about downgrading. Info on getting Sentinel to work with 7.8 would also still be most appreciated... |
| |
|
|
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 9:03 pm |
|
I looked at the script, so it will downgrade the database for me but I still need to upload the original 7.6 source files? Just a straight ftp of the 7.6 files or do I need to configure or change any code?
Thanks for helping a n00b! |
| |
|
|
|
|
CurtisH
|
| Posted:
Thu Aug 11, 2005 9:06 pm |
|
I am almost 100 percent sure you delete all and upload 7.6, but be sure to copy your database details from config.php so that you can edit the one that comes with 7.6 so that it can connect to the database. The instructions should detail what to do as well. |
| |
|
|
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 9:13 pm |
|
d***, that would mean I would have to re-install all blocks and modules etc? |
| |
|
|
|
|
CurtisH
|
| Posted:
Thu Aug 11, 2005 9:14 pm |
|
No....just the core nuke modules and blocks. |
| |
|
|
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 9:27 pm |
|
Ok I have some time to stay up late tonight so I am contemplating just scratching my current install and starting all over fresh with 7.6. Once I do this I should have no problems installing Sentinel? WHat version of Sentinal do i wann install? |
| |
|
|
|
|
CurtisH
|
| Posted:
Thu Aug 11, 2005 10:02 pm |
|
I cannot imagine you experiencing any problems as long as you follow the instructions. I haven't installed the newest yet so I don't know if there are any issues but I do know that 2.3.2 is stable |
| |
|
|
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 10:21 pm |
|
Thanks alot for your help! Once I finish I will make a donation. Thanks for your fast replies and help! |
| |
|
|
|
|
CurtisH
|
| Posted:
Thu Aug 11, 2005 10:22 pm |
|
|
|
|
|
digitalpimp
|
| Posted:
Thu Aug 11, 2005 11:53 pm |
|
Ok so check this out. I installed 7.6 fresh, tried to install Sentinel 2.3.2 and when I get to edits for core files I still have a snag.
for example I cannot find the code in admin.php that I should be able to find?
Code:/************************************************************************/
/* This file is for instructional use. */
/* By: NukeScripts Network (webmaster@nukescripts.net) */
/* http://www.nukescripts.net */
/* Modifications Copyright © 2000-2005 by NukeScripts Network */
/************************************************************************/
#
#-----[ OPEN ]------------------------------------------
#
admin.php
#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}
#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//}
|
How can I install Sentinel if I cannot find the code I am suppose to edit? Most of the code I cannot find?? |
| |
|
|
|
|
digitalpimp
|
| Posted:
Fri Aug 12, 2005 8:03 pm |
|
Got Sentinel installed!! W00t!!!!
For the other noobs out there a word of advice. Make sure to download your phpnuke files ALREADY patched!!!! LoL
Thanks for your help CurtisH, off to paypal now. =) |
| |
|
|
|
|
CurtisH
|
| Posted:
Sat Aug 13, 2005 8:24 am |
|
Glad you got it sorted! Thank you also for supporting Raven monetarily. This helps keep things going here as well as showing true gratitude.  |
| |
|
|
|
|
pinkbeef
Client
Joined: Jul 19, 2005
Posts: 68
|
| Posted:
Fri Sep 02, 2005 10:35 pm |
|
where did you get your patched Nuke from becouse the one i got still does not have the right code.
admin.php
#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}
#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//}
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($checkurl,'AddAuthor')) OR (stripos_clone($checkurl,'VXBkYXRlQXV0aG9y')) OR (stripos_clone($checkurl,'QWRkQXV0aG9y')) OR (stripos_clone($checkurl,'UpdateAuthor')) OR (stripos_clone($checkurl, "?admin")) OR (stripos_clone($checkurl, "&admin"))) {
die("Illegal Operation");
}
and that is the first edit, i give up. |
| |
|
|
|
|
Dacubz
Worker
Joined: Apr 27, 2004
Posts: 156
Location: Homer Glen, Illinois
|
| Posted:
Sat Sep 03, 2005 8:42 am |
|
Same problem here. The comment out is wrong, and I can't get it right. It starts with one of the ")" in (stripos_clone($checkurl, "&admin"))) { and I can't correct the code from there. Unexpected character, can't parse. |
| |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sun Sep 04, 2005 11:39 pm |
|
Please post what your code looks like, uncommented, and we'll correct it for you. |
| |
|
|
|
|
Dacubz
|
| Posted:
Sat Sep 10, 2005 11:48 am |
|
Here's the idit that doesn't work.
#
#-----[ OPEN ]------------------------------------------
#
admin.php
#
#-----[ FIND ]------------------------------------------
#
$checkurl = $_SERVER['REQUEST_URI'];
if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
die("Illegal Operation");
}
#
#-----[ COMMENT OUT ]------------------------------------------
#
//$checkurl = $_SERVER['REQUEST_URI'];
//if((stripos_clone($_SERVER["QUERY_STRING"],'AddAuthor')) || (stripos_clone($_SERVER["QUERY_STRING"],'VXBkYXRlQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'QWRkQXV0aG9y')) || (stripos_clone($_SERVER["QUERY_STRING"],'UpdateAuthor')) || (preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
//die("Illegal Operation");
//} |
| |
|
|
|
|
Raven
|
| Posted:
Sat Sep 10, 2005 12:39 pm |
|
I mean post your code that you aren't able to comment out. |
| |
|
|
|
|
Dacubz
|
| Posted:
Sun Sep 11, 2005 8:31 am |
|
That's just it. When I comment out as instructed here, the code won't parse, and states that there's an extra ")" on this line: \&admin/", "$checkurl"))) { . I remove that, and more errors begin to pop up. |
| |
|
|
|
|
Raven
|
| Posted:
Sun Sep 11, 2005 9:49 am |
|
Just remove all that code completely. It isn't needed. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
