Drupal 4.7.x

Hello everybody,

I have a strange problem here:
Last December I've set up a page with Drupal 4.7.3 which worked pretty well.
There's still not much content in it, tho. Never had the time.

Now I finally found the time to put some content in there and logged in with the user "admin".
So far everything worked. But when I want to add content or go to the management section, I get the errors that I do not have permission to add content or that I'm not allowed to access the section.

hi,
Is there a standard css for drupal, I mean drupan specific classes and ids?

This may sound like quite an extra ordinary question however if i suspect that a previous drupal who is incidentally a core developer is altering and getting into my site when ever they want is there anything I can do about it?

This brings me to the question of how secure the site is from people who know the Drupal system inside out.

Can they pretty well treat every site as their playgroup.

I know there are questions of web site security, i mean i know that it is possible that people can be reading what i am typing now as i type it.

I have Drupal 4.7.6 installed and I want to create a role that has less permissions than authenticated users, but more than anonymous. I want all authenticated users to have the ability to comment, but I don't want certain authenticated users to not have the comment ability. Any suggestions?

My company is attempting to use Fileshare to host files for clients. However, whenever we create a .zip file and upload it into one of the private folders, if anyone tries to download it it comes up as empty and 0kb, even if Drupal shows it is **MB and it seemed like the correct size while uploading.

If I change the Download Method to Public, everything works perfectly. However, this obviously isn't ideal for clients. I was wondering, though, if there are really security issues with Public files if no one besides the client and us have the specific URL to download it.

I'm using BB2 ( badbehavior2 ). Today I had the following in the log files:

403 Request contained a malicious JavaScript or SQL injection attack 2007-11-14 18:09:40 72.14.193.1 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; IEMB3; IEMB3)

The code used:
/node/4124#comment-477

Headers:
GET /node/4124#comment-477 HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Encoding: gzip Accept-Language: en-us Cookie: PHPSESSID=554c98325f86ae95927204be27b834bc; bb2_screener_=1195063773+72.14.193.1+86.106.50.55 Host: www.mysite.com Referer: http://www.mysite.com/node/4124 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; IEMB3; IEMB3) X-Forwarded-For: 86.106.50.55 X-moz: prefetch

IP Whois = 72.14.193.1 - - [20/May/2007:12:38:06 +0200] "GET /images/cs.gif HTTP/1.1" 200 546 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Google Wireless Transcoder;)"

IP Whois = 86.106.32.0/19 inetnum: 86.106.32.0 - 86.106.63.255
netname: SC-UPC-ROMANIA-SA
descr: SC UPC Romania SA
descr: str. Herastrau 17
descr: Bucuresti 1
country: ro
admin-c: AH1598-RIPE
tech-c: MA190-RIPE
status: ASSIGNED PA
remarks: Registered trough http://www.jump.ro/ip.html