Welcome to Geeklog, Anonymous Friday, November 08 2024 @ 08:42 pm EST
Geeklog Forums
Ban plugin 1.0.1
ironmax
Anonymous
I just installed a new site 1.4.0sr5 and tried to install the ban plugin 1.0.1. I've done just about everything I could think of. I tried it with globals on and still nothing. Nothing in the error log at all on it. Has anyone else had any problems installing it with the latest prodution ver of geeklog? Any help would be great. I know the plugin needs to be updated. Not that good in programming.
Thanks in advance
Michael
Thanks in advance
Michael
7
13
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Here's a late reply!
The latest ban plugin I can find is 1.0, where is 1.0.1
Just tried installing this on a new install of geeklog and it didn't work no error message nothing. I checked into it and noticed it accesses form variables directly and not with $_REQUEST so global variables need to be on. This doesn't work in my situation as I like having global variables off. I have been running the ban plugin on other sites for a while now thinking it was working!
Is TomW (ban plugin author around anymore) or has someone updated the ban plugin for registered globals to be off, maybe this is 1.0.1? If not I can do it since it's not very big but I rather release it as a new version of the ban plugin and not as a brand new plugin.
One of the Geeklog Core Developers.
The latest ban plugin I can find is 1.0, where is 1.0.1
Just tried installing this on a new install of geeklog and it didn't work no error message nothing. I checked into it and noticed it accesses form variables directly and not with $_REQUEST so global variables need to be on. This doesn't work in my situation as I like having global variables off. I have been running the ban plugin on other sites for a while now thinking it was working!
Is TomW (ban plugin author around anymore) or has someone updated the ban plugin for registered globals to be off, maybe this is 1.0.1? If not I can do it since it's not very big but I rather release it as a new version of the ban plugin and not as a brand new plugin.
One of the Geeklog Core Developers.
8
8
Quote
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
The old plugin toolkit required register_globals to install the plugin. Does the rest of the plugin require register_globals or just the install.php? You could enable register_globals just long enough to install it and then turn register_globals back off. (Or as you say, just fix it and rerelease it.)
7
7
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
I went ahead and updated the ban plugin. It was failing on any page that required user input (install,adding, logfile). As far as I can tell after a quick look everything else worked. If your ban table contained data before switching to registered globals off it still banned those ips, you just couldn't delete or add new ones.
I'll upload the 1.0.2 ban plugin to geeklog.
jmucchiello, I emailed you back a while ago regarding testing the new version of the autotag plugin, did you get it?
One of the Geeklog Core Developers.
I'll upload the 1.0.2 ban plugin to geeklog.
jmucchiello, I emailed you back a while ago regarding testing the new version of the autotag plugin, did you get it?
One of the Geeklog Core Developers.
24
7
Quote
ironmax
Anonymous
Quote by: Laugh
I went ahead and updated the ban plugin. It was failing on any page that required user input (install,adding, logfile). As far as I can tell after a quick look everything else worked. If your ban table contained data before switching to registered globals off it still banned those ips, you just couldn't delete or add new ones.
I'll upload the 1.0.2 ban plugin to geeklog.
Laugh, did you ever upload the updated Ban plugin?
7
7
Quote
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
jmucchiello, I emailed you back a while ago regarding testing the new version of the autotag plugin, did you get it?[/p]
Yes, it fell off my radar again. I'll get around to it next week some time. I've had a busy couple weeks with no time for personal programming projects.
7
6
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
No rush, I didn't know if my reply was flagged as spam or something.
IRONMAX - opps, I'll upload the ban plugin now.
One of the Geeklog Core Developers.
Quote by: jmucchiello
Yes, it fell off my radar again. I'll get around to it next week some time. I've had a busy couple weeks with no time for personal programming projects.[/p][/QUOTE]jmucchiello, I emailed you back a while ago regarding testing the new version of the autotag plugin, did you get it?
IRONMAX - opps, I'll upload the ban plugin now.
One of the Geeklog Core Developers.
7
7
Quote
ironmax
Anonymous
Quote by: Laugh
IRONMAX - opps, I'll upload the ban plugin now.
Thanx for the update...works like its supposed to now.
Michael
5
7
Quote
ironmax
Anonymous
I don't know if this is isolated or not. Anyways, I have noticed in the updated version that the Ban plugin seems to not block the referrals when the site name that it refers to is put in the system. Also the logging does not seem to record that fact either. Anyone else having this issue?
Michael
Update....
Would help if I read the regex better. You have to excape the periods with a backslash.
Example: www.example.com should read as www\.example\.com
Michael
Update....
Would help if I read the regex better. You have to excape the periods with a backslash.
Example: www.example.com should read as www\.example\.com
7
8
Quote
ironmax
Anonymous
Quote by: ironmax
I don't know if this is isolated or not. Anyways, I have noticed in the updated version that the Ban plugin seems to not block the referrals when the site name that it refers to is put in the system. Also the logging does not seem to record that fact either. Anyone else having this issue?
Michael
Update....
Would help if I read the regex better. You have to excape the periods with a backslash.
Example: www.example.com should read as www.example.com
Okay...so my original message stands. There still seems to be a problem. The referrers that I put in are still coming back to my site and and leaving referral links in the referrer area listed in GUS. Any ideas? Dirk, login and have a look to verify what I mean. Look at the 10:45am entry.
7
7
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
I'll take a closer look when I get a chance. The only code I touched was any form that required user input. The actual code that deals with banning an ip, etc... I had left alone.
One of the Geeklog Core Developers.
One of the Geeklog Core Developers.
8
22
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Wow, I just took a look at the ban plugin code for banning ips. No way it will work. I double checked Source Forge and this is what they have as well (checked previous versions as well). Not sure how this got released before, Dirk or anyone else have any ideas what happened or does anyone have some older code for when it use to work?
function BAN_check()
{
global $HTTP_USER_AGENT, $REMOTE_ADDR, $HTTP_REFERER, $_TABLES, $SCRIPT_NAME, $_BAN_log, $_BAN_page;
$result = DB_Query("SELECT * FROM {$_TABLES['ban']}",1);
$nrows = DB_numRows( $result );
for( $i = 1; $i <= $nrows; $i++ ) {
$A = DB_fetchArray($result);
if (eregi($A['data'],$$A['bantype'])) {
if ($_BAN_log) {
BAN_Log('Access Banned because ' . $$A['bantype'] . " matches {$A['data']}");
}
if ($_BAN_page != '') {
echo COM_refresh($_BAN_page);
die();
} else {
die();
}
}
}
}
The code doesn't even refer to the remote IP plus for some reason it is trying to compare the banned ips in the db with the current records ban type??
Plus the ban type variable has a double $$.
One of the Geeklog Core Developers.
Text Formatted Code
function BAN_check()
{
global $HTTP_USER_AGENT, $REMOTE_ADDR, $HTTP_REFERER, $_TABLES, $SCRIPT_NAME, $_BAN_log, $_BAN_page;
$result = DB_Query("SELECT * FROM {$_TABLES['ban']}",1);
$nrows = DB_numRows( $result );
for( $i = 1; $i <= $nrows; $i++ ) {
$A = DB_fetchArray($result);
if (eregi($A['data'],$$A['bantype'])) {
if ($_BAN_log) {
BAN_Log('Access Banned because ' . $$A['bantype'] . " matches {$A['data']}");
}
if ($_BAN_page != '') {
echo COM_refresh($_BAN_page);
die();
} else {
die();
}
}
}
}
The code doesn't even refer to the remote IP plus for some reason it is trying to compare the banned ips in the db with the current records ban type??
Plus the ban type variable has a double $$.
One of the Geeklog Core Developers.
5
5
Quote
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
Quote by: Laugh
Plus the ban type variable has a double $$.
Calm. That is the magic of the code. I have never ever looked at the ban plugin but I will bet that the "bantype" column in the ban table is supposed to contain one of the following strings: HTTP_USER_AGENT, REMOTE_ADDR, HTTP_REFERER, or SCRIPT_NAME.
The magic eregi line look at the variable contained in the variable name by $A['bantype'] and that's why there are 2 dollar signs.
So if the ban table has a record where data = '^192\.168\.' and bantype = 'REMOTE_ADDR' than anyone connecting with a remote_addr starting 192.168 will be stopped by that record.
Get it?
6
6
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Ahh, never have run into that before, that makes sense (and I should of figured it out 
). I did attempt to do a search on the subject but couldn't find anything. I've updated the function and set the $REMOTE_ADDR variable, etc.. to use the appropriate $_SERVER variable since they do not work with registered globals off.
I've uploaded Ban Plugin Ver. 1.0.3
One of the Geeklog Core Developers.
). I did attempt to do a search on the subject but couldn't find anything. I've updated the function and set the $REMOTE_ADDR variable, etc.. to use the appropriate $_SERVER variable since they do not work with registered globals off.I've uploaded Ban Plugin Ver. 1.0.3
One of the Geeklog Core Developers.
6
6
Quote
All times are EST. The time is now 08:42 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content