pdf阅读器

phpMyadmin是最为流行的基于web的MySQL管理软件

请根据自己网站的情况决定是安装该模块还是安装独立的phpmyadmin系统
几个建议：
1 如果你的网站管理员只有你自己或是全部都是值得信赖的人，可以直接安装该模块
2 如果你的网站有多个管理员而且不能保证每个管理员都是可充分信任的，建议你修改/phpmyadmin/admin/config.inc.php中
$cfg['Servers'][$i]['auth_type'] = 'cookie';

3 如果你的数据库较大，在数据库导入或导出时需要保存/上传到服务器然后通过ftp等操作数据库文件，请设置/phpmyadmin/admin/config.inc.php中
$cfg['UploadDir'] = XOOPS_UPLOAD_PATH.'/phpmyadmin/import';
$cfg['SaveDir'] = XOOPS_UPLOAD_PATH.'/phpmyadmin/export';
并一定注意随时清空保存的数据库文件以免泄漏

= SUMMARY =

Xoops Protector is a module to defend XOOPS2 from various and malicious attacks.

This module can protect a various kind of attacks like:

- DoS
- Bad Crawlers (like bots collecting e-mails...)
- SQL Injection
- XSS (not all though)
- System globals pollution
- Session hi-jacking
- Null-bytes
- Directory Traversal
- Some kind of CSRF (fatal in XOOPS <= 2.0.9.2)
- Brute Force
- Camouflaged Image File Uploading (== IE Content-Type XSS)
- Executable File Uploading Attack
- XMLRPC's eval() and SQL Injection Attacks
- SPAMs for comment, trackback etc.

Xoops Protector defends you XOOPS from these attacks, and it records into its log.

Of course, all vulnerablities can't be prevented.
Be not overconfident, please.

However, I strongly recommend installing this module to all XOOPS sites with any versions.



= 安装 =

首先, 在mainfile.php中定义 XOOPS_TRUST_PATH.

复制 html/modules/protector 到您的 XOOPS_ROOT_PATH/modules/
复制 xoops_trust_path/modules/protector 到您的XOOPS_TRUST_PATH/modules/

设置属性 XOOPS_TRUST_PATH/modules/protector/configs 777

安装后，编辑 mainfile.php 如下:


Just add two lines.

Both pre-check and post-check are needed.

An option "DENY by .htaccess" is added on version 2.34.
If you try this option, set writable XOOPS_ROOT_PATH/.htaccess
Before installing this, you should compare it to the security risks which .htaccess is writable.
=======================================
关于XOOPS_TRUST_PATH and Module Duplication

http://www.seed100.com/htdocs/modules ... c_id=12&forum=7&move=next
=======================================
= How to rescue =

如果您自己被误认为是入侵而被阻止，可以删除 XOOPS_TRUST_PATH/modules/protector/configs/
下的文件。

The setting and controller of "rescue password" has been eliminated.


= UPGRADE from Protector 2.x =

- remove two lines for Protector from your mainfile.php
- remove all files under XOOPS_ROOT_PATH/modules/protector/ via FTP etc.
- upload files in the archive (refer INSTALL)
- do "upgrade" Protector in modulesadmin
- add two lines for Protector into your mainfile.php

Note: "XOOPS_TRUST_PATH" for 3.0 instead of "XOOPS_ROOT_PATH" for 2.x


= Using filter-plugin =

You can put a filter-plugin in XOOPS_TRUST_PATH/modules/protector/filters_enabled/

There are two plugins in this archive.

- postcommon_post_deny_by_rbl.php
an anti-SPAM plugin.
All of Post from IP registered in RBL will be rejected.
This plugin can slow the performance of Post, especially chat modules.

-postcommon_post_need_multibyte.php
an anti-SPAM plugin.
Post without multi-byte characters will be rejected.
This plugin is only for sites of japanese, tchinese, schinese, and korean.

If you want to turn the plugin on, copy the file in filters_disabled into filters_enabled.


= CHANGES =

3.01 (2007/02/10)
- modified the rule for sorting IPs
- added language files
-- portuguesebr (thx beduino)
-- spanish (thx PepeMty)
-- polish (thx kurak_bu) 3.01a

3.00 (2007/02/06)
- marked as a stable version
- fixed typo in log level
- fixed multibyte plugin never denies registered users (thx mizukami)
- modified compatibility with 2.2.x from xoops.org 3.00a

3.00beta2 (2007/01/31)
- added plugin system (just postcommon_post_*)
- added filtering-plugins
-- postcommon_post_deny_by_rbl.php (deny SPAM by RBL)
-- postcommon_post_need_multibyte.php (deny SPAM by character type)

3.00beta (2007/01/30)
- moved almost files under XOOPS_TRUST_PATH
- modified denying IP from DB to a file under configs
- removed rescue feature (just remove a file via FTP)
- added allowed IPs for user of group=1
- modified table structures (compatible MySQL5)
- added BigUmbrella anti-XSS system
- added anti-SPAM feature

= THANKS =
- Kikuchi (Traditional Chinese language files)
- Marcelo Yuji Himoro (Brazilian Portuguese and Spanish language files)
- HMN (French language files)
- Defkon1 (Italian language files)
- Dirk Louwers (Dutch language files)
- Rene (German language files)
- kokko (Finnish language files)
- Tomasz (Polski language files)
- Sergey (Russian language files)
- Bezoops (Spanish language files)
These contributions was made for v2.x
I'm appreciated new language files for v3.0

Moreover, I thank to JM2 and minahito -zx team- about having taught me kindly.
You are very great programmers!


------------------------------------------------------------

GIJ=CHECKMATE <[email protected]>
2004-2007

PEAK XOOPS http://xoops.peak.ne.jp/

planet 是一个完善的XML feed抓取、显示、存档的管理模块

功能：
可以通过各Blog网站提供的RSS/ATOM定制显示自己喜欢的blog获新闻
1 将文章保存到本地数据库并可以编辑
2 blog可在本地多分类
3 用户可对文章/blog进行评论、投票、定级
4 如果某个blog或blog的某篇文章被评论或引用，可以通知blog原作者
5 用户可将blog加入到自己的收藏
6 利用pseudocron自动更新

该版本主要修正URL连接错误和模块复制问题

用户指南：
需要最新版"Frameworks"
下载Frameworks解压缩后把/Frameworks/上传到 XOOPS跟目录下
http://xoops.org.cn/modules/wfdownloa ... glefile.php?cid=8&lid=499

planet 是一个完善的XML feed抓取、显示、存档的管理模块

功能：
可以通过各Blog网站提供的RSS/ATOM定制显示自己喜欢的blog获新闻
1 将文章保存到本地数据库并可以编辑
2 blog可在本地多分类
3 用户可对文章/blog进行评论、投票、定级
4 如果某个blog或blog的某篇文章被评论或引用，可以通知blog原作者
5 用户可将blog加入到自己的收藏
6 利用pseudocron自动更新


"planet" is a comprehensive php version of XML feed planet that handles XML feed fetch, parse, display and achive for XOOPS, or:
"a flexible feed aggregator. It downloads news feeds published by web sites and aggregates their content together into a single combined feed, latest news first."

planet 是一个完善的XML feed抓取、显示、存档的管理模块

功能：
可以通过各Blog网站提供的RSS/ATOM定制显示自己喜欢的blog获新闻
1 将文章保存到本地数据库并可以编辑
2 blog可在本地多分类
3 用户可对文章/blog进行评论、投票、定级
4 如果某个blog或blog的某篇文章被评论或引用，可以通知blog原作者
5 用户可将blog加入到自己的收藏
6 利用pseudocron自动更新

此模組可以保護的攻擊類型如下：
- DoS
- Bad Crawlers (like bots collecting e-mails...)
- SQL Injection
- XSS (Just only a little kind of ...)
- System globals pollution
- Session hi-jacking
- Null-bytes
- Wrong file path specifications
- Some kind of CSRF (fatal in XOOPS <= 2.0.9.2)
- Brute Force Attack (暴力密碼破解防護)

= 使用方式 =
當新使用者請依照一般模組的安裝方式來安裝即可。(安裝完必須做下述mainfile.php編輯)
當您安裝完此模組後，編輯您的 mainfile.php 接近尾部的內容如下：

define('XOOPS_GROUP_ADMIN', '1');
define('XOOPS_GROUP_USERS', '2');
define('XOOPS_GROUP_ANONYMOUS', '3');

include( XOOPS_ROOT_PATH . '/modules/protector/include/precheck.inc.php' ) ;

if (!isset($xoopsOption['nocommon'])&& XOOPS_ROOT_PATH != ' ) {
include XOOPS_ROOT_PATH."/include/common.php";
}
include( XOOPS_ROOT_PATH . '/modules/protector/include/postcheck.inc.php' ) ;

也就是在『 if (!isset($xoopsOption['nocommon'])) {』 的前後各插入一段防護偵測，如此可做到雙重防護。
請特別注意，上下兩行加入的紅字是不同的，最近時常看見有網友發問自己為何總是安裝失敗，大多數原因皆是不仔細詳看這段內容導致！
至於『&& XOOPS_ROOT_PATH !=』部份，因版本之不同而異，若是和您的設定不同不用介意。
假如您需要『擋IP』（IP Ban） 的功能，開啟系統管理介面的『系統 -> 偏好設定 -> 一般設定 ->啟用擋 IP 功能』。
當您啟動『擋IP』的時候，您必須檢查是否您自己的 IP 有包含在『輸入要擋掉的 IP 網址』中。
請務必設置救援密碼，以免管理者IP被不知名原因記錄到禁止IP列而無法進入網站。

= 升級方式 =
由舊版本升級者，請將所有檔案覆蓋後到模組管理區內執行更新模組。
但因版本或是上傳軟體、方式之不同，有可能造成檔案上傳覆蓋後無法進入管理區的問題發生，如果發生這樣問題時請暫時先將上述的mainfile.php修改部份暫時還原或註解，進入管理區更新完模組之後記得恢復mainfile.php內的設定。

php中文手册

刚在总站下载的，我简单看了一下，语言包跟xoopspoll差不多。直接copy了一个语言包到poll里面打包，提供给大家下载了，没有测试过的。