Comment admin panel errors.

Topics: ASP.NET 2.0
Feb 6, 2010 at 12:49 PM

Hi guys,

I think there are some problems with the new Comment Admin panel. I tried to approve an old comment marked as spam comment, after I had change something, but pressing Allow on the top doesn't move it into the inbox (so I presume it's still marked as spam). For another old comment, I just removed URL that is spammy and pressed to approve, and in this case I got the error.aspx page loaded into the small pop-up windows with the following details.

Can you please have a look into it?

Ooops! An unexpected error has occurred.

This one's down to me! Please accept my apologies for this - I'll see to it that the developer responsible for this happening is given 20 lashes (but only after he or she has fixed this problem).

Error Details:

Url : http://blog.teammatelabs.com/admin/Comments/Editor.aspx?id=bbe80ec3-ec86-4818-a383-e4c56fb02931

Raw Url : /admin/Comments/Editor.aspx?id=bbe80ec3-ec86-4818-a383-e4c56fb02931

Message : A potentially dangerous Request.Form value was detected from the client (txtArea="...hotmail giá creato per ri...").

Source : System.Web

StackTrace : at System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName)

at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName)

at System.Web.HttpRequest.get_Form()

at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull)

at System.Web.UI.Page.DeterminePostBackMode()

at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

at System.Web.UI.Page.ProcessRequest()

at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)

at System.Web.UI.Page.ProcessRequest(HttpContext context)

at ASP.admin_comments_editor_aspx.ProcessRequest(HttpContext context)

at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

TargetSite : Void ValidateString(System.String, System.String, System.String)

Coordinator
Feb 6, 2010 at 5:28 PM

In the folder Admin\Comments is a file named Editor.aspx.  The top line looks like this:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Editor.aspx.cs" Inherits="admin_Comments_Editor" %>

Try adding ValidateRequest="false", so it looks like:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Editor.aspx.cs" Inherits="admin_Comments_Editor" ValidateRequest="false" %>

Feb 15, 2010 at 6:05 PM

Hi Ben, 

the problem continue to persist even if I add the suggested parameter. Any other idea?

Today I got 37 spam comment approved as a white rule? Any idea also for that?

Thanks

 

Coordinator
Feb 16, 2010 at 12:20 AM

Are you using .NET 4.0 by chance?  Someone else was using that and ValidateRequest didn't work for them.

I'm on IIS7.5 with .NET 3.5.  I was able to get the same error you did when editing a comment ... if there was HTML markup in the 'edit comment' window.  But when I added the ValidateRequest="false" part, that eliminated the error.  So the only thing I can think of now is that you're making on .NET 4.0 (long shot, but you never know).

Do you have automated spam moderation turned on?  Are you using Akismet and/or StopForumSpam?  If so, what types of stats are you seeing in the Custom Filters area at the bottom of the Configuration page?  Stats meaning the Checked, Approved, Spam, Mistakes, Accuracy columns.

Feb 16, 2010 at 6:52 AM
No Ben

I'm on an iis 6 with 3.5. I will have a deep look on the next "undesidered" comment.

Saluti
Andrea Moro

On 16/feb/2010, at 01.20, "BenAmada" <notifications@codeplex.com> wrote:

From: BenAmada

Are you using .NET 4.0 by chance? Someone else was using that and ValidateRequest didn't work for them.

I'm on IIS7.5 with .NET 3.5. I was able to get the same error you did when editing a comment ... if there was HTML markup in the 'edit comment' window. But when I added the ValidateRequest="false" part, that eliminated the error. So the only thing I can think of now is that you're making on .NET 4.0 (long shot, but you never know).

Do you have automated spam moderation turned on? Are you using Akismet and/or StopForumSpam? If so, what types of stats are you seeing in the Custom Filters area at the bottom of the Configuration page? Stats meaning the Checked, Approved, Spam, Mistakes, Accuracy columns.

Feb 16, 2010 at 6:55 AM
Sorry, about the spam settings. Yes auto approve is on and stat show only one comment revealed as spam.
Akismet filter has priority 1 and internal filter as 2.
I swapped them to see if more spam will be recognized.

Saluti
Andrea Moro

On 16/feb/2010, at 01.20, "BenAmada" <notifications@codeplex.com> wrote:

From: BenAmada

Are you using .NET 4.0 by chance? Someone else was using that and ValidateRequest didn't work for them.

I'm on IIS7.5 with .NET 3.5. I was able to get the same error you did when editing a comment ... if there was HTML markup in the 'edit comment' window. But when I added the ValidateRequest="false" part, that eliminated the error. So the only thing I can think of now is that you're making on .NET 4.0 (long shot, but you never know).

Do you have automated spam moderation turned on? Are you using Akismet and/or StopForumSpam? If so, what types of stats are you seeing in the Custom Filters area at the bottom of the Configuration page? Stats meaning the Checked, Approved, Spam, Mistakes, Accuracy columns.