UNITED-NUKE

New Member Joined: Oct 30, 2004 Posts: 21

dean wrote:

Considering the following that this site has and the breadth and depth of the the coders that come here: why not brand a new version of nuke and leave this developer behind?

Solution for tired PHP-Nuke's users now exists: Removed Wave

I am very happy Groovy

P.S. I love emoticons used on this site Smile

[Admin Note]I have removed your link. See my reason why a few posts down.

Posted: Thu Jul 07, 2005 9:49 pm

I obviously misinterpreted their posts - I was under the impression they would, provided it was under the guise of an 'ongoing project' in its own right under a different name.

Posted: Thu Jul 07, 2005 10:06 pm

Correct - my impression from their comments was they would include an alternative to nuke which basically consisted of phpNuke fixed code under the guise of a different name provided it was an ongoing project?

registered · Worker Joined: Oct 07, 2003 Posts: 211

Wow, did you know you had "ugly" code?

Quote:

Why is included NukeSentinel(tm) in UNITED-NUKE?
UNITED-NUKE does not need this add-on at all. There is only for two reasons. First one is a fact that many users like features if this tool (such as Users tracking, DoS protection...) and second one is for securing insecure add-ons installed to UNITED-NUKE. If you are not using any insecure add-on, it is possible (and we recommend to do that) to deactivate NukeSentinel(tm) engine by make required changes to www/includes/un_tweak.php file. By deactivating NukeSentinel(tm) will be very increased speed, because this tool very stress database (NukeSentinel(tm) uses many not optimized SQL queries - we will try to optimize his ugly code in the future (we will try post these fixes to official development team of NukeSentinel(tm)).

Edit: Now just a dang minute, that post was there just a second ago.......LOL!!!

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Quote:

Why is included NukeSentinel(tm) in UNITED-NUKE?
UNITED-NUKE does not need this add-on at all. There is only for two reasons. First one is a fact that many users like features if this tool (such as Users tracking, DoS protection...) and second one is for securing insecure add-ons installed to UNITED-NUKE. If you are not using any insecure add-on, it is possible (and we recommend to do that) to deactivate NukeSentinel(tm) engine by make required changes to www/includes/un_tweak.php file. By deactivating NukeSentinel(tm) will be very increased speed, because this tool very stress database (NukeSentinel(tm) uses many not optimized SQL queries - we will try to optimize his ugly code in the future (we will try post these fixes to official development team of NukeSentinel(tm)).

Excuse me, but this is bulls**t (excuse the language). You are so totally offbase and wrong about what NukeSentinel secures and does. NS in no way secures insecure addons! And NS does not sress your database anymore than nuke stresses your database. You know this post, wherever it came from, has me so infuriated that I cannot even respond right now. And it's ugly code? Well, I have removed your News item about your product because you don't know what you're talking about and I do not want my userbase being misled by your false assumptions and comments! Mad

Posted: Thu Jul 07, 2005 11:47 pm

The post came from here:

http://united-nuke.openland.cz/content/information/introduction-to-united-nuke-project/item/pa/showpage/pid/27/

I just thought you may have wanted to see what was said. I wasn't trying to be an arse or anything.

registered · Regular Joined: May 28, 2005 Posts: 90

Dauthus wrote:

It wasn't me.

right for you Smile

LOL!

i've never seen raven so angry but he has reason

Posted: Thu Jul 07, 2005 11:57 pm

Dauthus, I know it wasn't you. Thanks for making us aware of iRay's remarks.

registered · Posted: Fri Jul 08, 2005 12:03 am

http://www.nukescripts.net/modules.php?name=News&file=article&sid=1848

My finial thoughts about United-Nuke.

Posted: Fri Jul 08, 2005 12:04 am

Just for clarification, it has been stated countless times that Chatserv's patches attempt to sanitize exploitable nuke code. NukeSentinel attempts to guard against XSS and other site attacks by sanitizing the URL's. That's just an in-a-nutshell synopsis. Each product has its own sandbox.

Posted: Fri Jul 08, 2005 6:29 am

I reply on Bob Marion email with following digital signed message:

Quote:

> It is the opinion of the NukeSentinel(tm) dev team that you are to remove
> it from your distro post haste. It does not secure insecure addons as you
> seem to think it does. It filters and protects the main nuke engine.

I think, you are not right. By securing insecure add-ons I bear in mind for
example UNION, Filters, Script atack protections and etc. And as you know too
- this is not for nuke engine only.

>
> As I stated before you needed a better english translator as the "Ugly
> Code" reference has greatly angered the community and the dev team.
>

First of all, sorry to you and the dev team for this translation (I am making
english website without my translators) so I don't know, how "Ugly Code" word
is terrible for english speaking people (I will modify sentence to something
better).
Second, I think, that for you and your dev team can be prestigious, when
NukeSentinel(tm) will be in UNITED-NUKE.

So, as I wrote already to discussion (that now I am looking is removed - there
is some censorship?) NukeSentinel(tm) is good of course, but need some
improvements fot better speed.

In short: I am sorry to my bad translation. If you and your dev team will
still request my company (after this apology) to remove NukeSentinel(tm), I
will do that.
--
Jiri Stavinoha | UNITED-NUKE
------------------------------------------------
UNITED-NUKE | product manager & maintainer
e-mail: united-nuke@openland.cz
web site: http://united-nuke.openland.cz

registered · Posted: Fri Jul 08, 2005 9:17 am

I do not really want to add fuel to the fire but this is in your mainfile.php

// NukeSentinel(tm) integration - begin
// UNITED-NUKE doesnt need to use NukeSentinel(tm), but users like this tool... (unluckily)

It seems to me that its more than just translation issues

Posted: Fri Jul 08, 2005 9:29 am

I wanted to comment that I took a look at this forks' code about a week ago.

When I got to the mainfile, I decided that I would delete it from my system. I saw the various notations in documentation and elsewhere about NukeSentinel and I almost died. I knew that if I brought up this issue (given my own recent events with situations like this) it would not bode well with some people, so I remained silent. Probably not the greatest idea in hindsight, but oh well, I've never claimed to be perfect.

I would only say to the authors of this fork, if you are going to use someone's modules or security tools, you shouldn't insult them in your credits or documentation which is clearly the case here.

Just my two-cents for what little my comments are worth.

Posted: Fri Jul 08, 2005 9:48 am

technocrat wrote:

I do not really want to add fuel to the fire but this is in your mainfile.php

// NukeSentinel(tm) integration - begin
// UNITED-NUKE doesnt need to use NukeSentinel(tm), but users like this tool... (unluckily)

It seems to me that its more than just translation issues

I am happy that at least one users noticed and read this message in mainfile.php. It is our instigation (I hope this is right word, I am not sure) to NukeSentinel(tm) dev team.
The reason for this message was, that we hope to critical to us or to any others. It is great way how to tell, that something can be better. Similar messages are very often used in Linux kernel source for example. It does not mean anything badness of course Wink

Posted: Fri Jul 08, 2005 10:01 am

Well, I think NukeSentinel (tm) is a good solution and I would only comment that if your developers think that having to include it is painful and if you feel that you don't need it, remove it and let your users add it in manually. Please also be aware that if the Developers of NukeSentinel (tm) find you in non-compliance of licensing, distribution or policy restrictions, they can ask that your remove NukeSentinel (tm) from your distribution, which I think was what has happened here.

I would also comment that the Linux kernel code doesn't have comments like this for add-ons by other people as far as I have ever seen. I have seen situations where an author of a section of code comments about his own code like, "God, I need to rewrite this junk" or "I need to figure out a better way to code this" but as far back as I can remember, I've never seen any comments about anyone else's code. (Note: If you look in Mandrake, you'll find my name with exactly comments like this because it's okay for me to insult my own lousy coding.)

Finally, I can't speak to instigating. I think if you have suggestions for ways to improve NukeSentinel (tm) that those comments would be appreciated and accepted as positive feedback in a positive context and submitted here at Raven's in the official NukeSentinel (tm) support forum. However, I think if you don't have anything good to say, "don't say anything at all".

Again, just my two-pitiful-cents.

Posted: Fri Jul 08, 2005 10:28 am

64bitguy wrote:

Well, I think NukeSentinel (tm) is a good solution and I would only comment that if your developers think that having to include it is painful and if you feel that you don't need it, remove it and let your users add it in manually.

I wrote several times, that NukeSentinel(tm) is good solution. Adding manually seems to be real solution for us and our users and I hope for the dev team too (but I am still waiting on reply from Bob Marion to re-approve me to distribute NukeSentinel(tm)).

64bitguy wrote:

I would also comment that the Linux kernel code doesn't have comments like this for add-ons by other people as far as I have ever seen. I have seen situations where an author of a section of code comments about his own code like, "God, I need to rewrite this junk" or "I need to figure out a better way to code this" but as far back as I can remember, I've never seen any comments about anyone else's code.

Is is true. I looked through this fact and now I am feeling very bad and awkwardness.

64bitguy wrote:

Finally, I can't speak to instigating. I think if you have suggestions for ways to improve NukeSentinel (tm) that those comments would be appreciated and accepted as positive feedback in a positive context and submitted here at Raven's in the official NukeSentinel (tm) support forum. However, I think if you don't have anything good to say, "don't say anything at all".

As I wrote on my site, we will post our improvements to NukeSentinel(tm) dev team. But I post 6 month ago fix for one of the NukeSentinel's blocks, that fix W3C issues (but it was rejected, I dont know why). I will hope that speed improvements will be accepted in the future.

And for the end. I would like to notice, that we release Beta version for testing and for resolving other issues that can be found (and as you can see one was founded - it is style of integration of NukeSentinel(tm) and our comments in source code).

We are open for discussion about anything and we do as much as possible to accommodate dev team of NukeSentinel(tm), users or any other, who have valid suggestions.
We want to make clean system (including code, licence, credits and morality). If anyone have some other suggestions or comments, just let me know.

Posted: Fri Jul 08, 2005 12:50 pm

I visit this forum again and I see BIG censoring here. Now I understand, why PHP-Nuke's community is not very popular on the net. So final, NukeSentinel(tm) will be removed from UNITED-NUKE.

Additionally we did take a look at nukesentinel sources and we found some GPL code (but NukeSentinel is distributed under EULA). So it seems to be GPL violations for us and we do not support using GPL code in propriatery software.

Posted: Fri Jul 08, 2005 1:02 pm

I have read this thread several times whilst trying to remain impartial.
I was coming to the conclusion that irays intentions were 'good' in providing an alternative solution to virgin nuke code with an emphasis on speed / lowering sql calls etc.

As someone not technically proficient with php I can see where they may be some misinterpretation of 'NS is bad' i.e the intention not to state simply 'NS is bad - period' but 'NS is bad as it creates extra calls to the DB which is what we were trying to avoid with this fork'.

However I am not convinced that NS loads a sql server to an extent which would have perfomance impacts, otherwise the devs would have either found a way around it or included that information within the distro - pleae bear in mind I am not speaking from a technical perspective as I am not qualified to judge that issue - but the perspective of a 'user'.

Having said all that, I feel it was completely wrong to include adverse comments within the files especially when the author of those comments is aware of translation problems which may give rise to misinterpretation.

BUT, what really flipped me out and altered what I was hoping would be an impartial decision was the actual comment itself;

Quote:

// UNITED-NUKE doesnt need to use NukeSentinel(tm), but users like this tool... (unluckily)

I know of no known fork of nuke which would not benefit from NS and in addition, I can not see (however hard I try) how there is a misinterpretation issue, the language is clear, the message derogatory toward NS and the lack of qualifying the statement leaves the author wide open.

Posted: Fri Jul 08, 2005 1:03 pm

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=PostNuke

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=Xoops

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=MyPHPNuke

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=phpWebSite

Mr. Green

Posted: Fri Jul 08, 2005 1:06 pm

chatserv wrote:

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=PostNuke

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=Xoops

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=MyPHPNuke

http://www.googlefight.com/index.php?lang=en_GB&word1=PHP-Nuke&word2=phpWebSite

Mr. Green

Quantity is not quality Wink

This is the problem of PHP-Nuke's community.

Posted: Fri Jul 08, 2005 1:11 pm

True but it still equals popular and on a side note while we are not coding Gods i'd say we do a pretty decent job at doing what others won't Smile

Posted: Fri Jul 08, 2005 1:20 pm

Now I'm upset!

Quote:

Now I understand, why PHP-Nuke's community is not very popular on the net.

iray, quit while you are ahead!
By saying your fork will help the nuke community and then say there is no nuke community... ???
Is this your attempt at an oxymoron?

Posted: Fri Jul 08, 2005 1:24 pm

chatserv wrote:

True but it still equals popular and on a side note while we are not coding Gods i'd say we do a pretty decent job at doing what others won't Smile

Chatserv, you know me for a loooong time. I post big amount of bugfixes to your project and you are still great man for me. But stance from some other users/developers to my project is very strange.

I did what other never proved. Increase speed and security. And the result? Community is censoring and deleting my posts... Did you know, what is fair play?

Posted: Fri Jul 08, 2005 1:26 pm

Guardian2003 wrote:

By saying your fork will help the nuke community and then say there is no nuke community... ???

I didnt write anything like this.

Posted: Fri Jul 08, 2005 1:28 pm

chatserv wrote:

True but it still equals popular and on a side note while we are not coding Gods i'd say we do a pretty decent job at doing what others won't Smile

I think thats the understatement of the year - without the likes of people such as yourself, there would be no nuke as no one would be around to fix the d*** thing.