When I try this check:
http://www.mywebsite.com/index.php?xoopsConfig%5Bnocommon%5D=1I get thrown to the home page, but there is no log of the contamination in the protection centre.
I have the contamination action set to blank screen, and the same happens if I set it to None(only logging). (I don't want to try ban the IP as it is my IP!). This happens when I try from not logged in, logged in as a registered user or logged in as webmaster.
The other check works fine and logs the insertion.
I am on xoops 2.0.16 and protector 3.04
So I think the protection is working, but I would rather like it to be logged. Is there something I have set incorrectly or do I have a problem?
Best wishes
Adrian
No.
It's just a fragment of trash in mainfile.php
(Use code block)
I mean this.
You can find the code in mainfile.php of XOOPS 2.0.16
foreach ( array('GLOBALS', '_SESSION', 'HTTP_SESSION_VARS', '_GET', 'HTTP_GET_VARS', '_POST', 'HTTP_POST_VARS', '_COOKIE', 'HTTP_COOKIE_VARS', '_REQUEST', '_SERVER', 'HTTP_SERVER_VARS', '_ENV', 'HTTP_ENV_VARS', '_FILES', 'HTTP_POST_FILES', 'xoopsDB', 'xoopsUser', 'xoopsUserId', 'xoopsUserGroups', 'xoopsUserIsAdmin', 'xoopsConfig', 'xoopsOption', 'xoopsModule', 'xoopsModuleConfig', 'xoopsRequestUri') as $bad_global ) {
if ( isset( $_REQUEST[$bad_global] ) ) {
header( 'Location: '.XOOPS_URL.'/' );
exit();
}
}