Hi,

I am using the FCKeditor module for editing the node body on my Drupal website. The problem is that whenever someone edits an existing node or adds a new node, PHPIDS generates a warning something like:

* Rule: (?:"[^"]*[^-]?>)|(?:[^\w\s]\s*\/>)|(?:>")
  Description: finds html breaking injections including whitespace attacks
  Tags: xss, csrf
* Rule: (?:"\s*or\s*\d)|(?:\\x(?:23|27|3d))|(?:^.?"$)|(?:^.*\\".+(?
  Description: Detects classic SQL injection probings 1/2
  Tags: sqli, id, lfi
* Rule: (?:"\s*\*.+(?:or|id)\W*"\d)|(?:\^")|(?:^[\w\s"-]+(?<=and\s)(?<=or\s)(?<=xor\s)(?<=nand\s)(?<=not\s)( ?<=\|\|)(?<=\&\&)\w+\()|(?:"[\s\d]*[^\w\s]+\W*\d\W*.*["\d])|(?:"\s*[^\w\s?]+\s*[^\w\s]+\s*")|(?:"\s* [^\w\s]+\s*[\W\d].*(?:#|--))|(?:".*\*\s*\d)|(?:"\s*or\s[\w-]+.*\d)|(?:[()*<>%+-][\w-]+[^\w\s]+"[^,])
  Description: Detects classic SQL injection probings 2/2
  Tags: sqli, id, lfi

Can anyone tell me how to solve this problem? I am unable to allow guests to submit nodes while log and action is enabled for PHPIDS.

Thanks
DIMSKK

Comments

it-cru

Assigned: Unassigned » it-cru
Category: bug » support
Status: Active » Postponed

Add the HTML field name (e.g. body) in the PHPIDS settings, in the html included field. This tells PHPIDS to allow HTML tags in this submitted HTML field. If you have more than one html included field, comma-separate them.
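Added example (not part of the thread, and not PHPIDS or module code): a Python check showing why the first rule in the warning fires on ordinary editor markup, and why the exemption is scoped to named fields rather than switched on everywhere. The allowlist, field names and sample submission are constructed, and the allowlist parser is a simplified stand-in for an HTML-aware field check, not PHPIDS's own processing.

```python
import re
from html.parser import HTMLParser

# First rule quoted in the warning above, copied verbatim from the post.
RULE = re.compile(r'(?:"[^"]*[^-]?>)|(?:[^\w\s]\s*\/>)|(?:>")')

# Hypothetical allowlist (tag -> permitted attributes) standing in for
# "HTML tags are allowed in this field".
ALLOWED = {"p": set(), "strong": set(), "em": set(), "br": set(), "a": {"href"}}

class TextOnly(HTMLParser):
    """Collects text content and records markup outside the allowlist."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.text, self.rejected = [], []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED:
            self.rejected.append(f"<{tag}>")
            return
        for name, value in attrs:
            bad_url = (value or "").strip().lower().startswith("javascript:")
            if name not in ALLOWED[tag] or bad_url:
                self.rejected.append(f"<{tag} {name}>")

    def handle_data(self, data):
        self.text.append(data)

def scan(fields, html_fields=()):
    """Return {field: reason} for every field that would raise an alert."""
    alerts = {}
    for name, value in fields.items():
        if name in html_fields:
            parser = TextOnly()
            parser.feed(value)
            parser.close()
            if parser.rejected:
                alerts[name] = "disallowed markup: " + ", ".join(parser.rejected)
                continue
            value = "".join(parser.text)  # only the text reaches the rule
        if RULE.search(value):
            alerts[name] = "rule matched"
    return alerts

# Constructed sample submission: benign editor output in body, markup in title.
SAMPLE = {
    "title": 'News <a href="http://example.com/">link</a>',
    "body": '<p>See <a href="http://example.com/">the <strong>docs</strong></a>.</p>',
}
```

With no HTML fields declared, both fields trip the rule on the `">` that closes a quoted attribute; declaring only `body` clears the editor field while markup in `title` is still reported.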

patrickd

Status: Postponed » Closed (fixed)