no more admin acces no more admin acces
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

no more admin acces

Started by polkipa, October 16, 2005, 06:05:33 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

polkipa

Hi,

Suddenly I don't have admin access anymore
everybody gets this warning: "Warning your browser does not accept script's cookies" and nobody can see the pictures anymore.
I read the forums and changed the aray function in the php.ini and restarted apache as instructed
it didn't help

please advice
Thanks
Paul

kegobeer

Link to your Coppermine gallery, with test user and password.  Provide server details (server OS and version, PHP version, MySQL version) and explain any and all recent upgrades.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

polkipa

#2
Thanks kegobeer

here's the link: http://www.time-smart.org/coppermine/index.php
admin login: ****
pass: ****

All add-on software & php is, to my knowledge, upgraded to latest stable version

Thanks for you help
Paul

Tranz

Lucky for you, logging in doesn't work. Otherwise, someone could mess with your gallery. Don't ever post admin login information in a public board. Please change the password ASAP.

Since you cannot access the config page you will need to view your database using something like phpmyadmin, locate the <prefix>_config table and change debug_mode from 0 to 1.

Then post the error message displayed in the gallery when you go to the login page.

Nibbler

You've set your cookie name to 'Aexis Management Pictures'. You will need to go into your database manually, find the cpg_config table, and change it back to something sensible.

kegobeer

I didn't request a private message.  Don't send one unless requested.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

polkipa

Sorry about the PM, no offense, just wanted to be helpfull and pass delicate infoI have put the system in debug mode and this is waht I get at login:

USER:
------------------
Array
(
    [ID] => 71ba5813a6b3dfba3c4700cfe4615a1a
    [am] => 1
)

==========================
USER DATA:
------------------
Array
(
    [disk_max] => 0
    [disk_min] => 0
    [can_rate_pictures] => 1
    [can_send_ecards] => 0
    [ufc_max] => 0
    [ufc_min] => 0
    [custom_user_upload] => 0
    [num_file_upload] => 5
    [num_URI_upload] => 3
    [can_post_comments] => 0
    [can_upload_pictures] => 0
    [can_create_albums] => 0
    [has_admin_access] => 0
    [pub_upl_need_approval] => 1
    [priv_upl_need_approval] => 1
    [group_name] => Anonymous
    [upload_form_config] => 0
    [group_quota] => 0
    [can_see_all_albums] => 0
    [group_id] => 3
    [groups] => Array
        (
           
  • => 3
            )

    )

    ==========================
    Queries:
    ------------------
    Array
    (
       
  • => SELECT extension, mime, content FROM cpg132_filetypes;
        [1] => SELECT * FROM cpg132_users WHERE user_id='0'AND user_active = 'YES' AND user_password != '' AND BINARY MD5(user_password) = '*'
        [2] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg132_usergroups WHERE group_id in (3)
        [3] => SELECT group_name FROM  cpg132_usergroups WHERE group_id= 3
        [4] => DELETE FROM cpg132_banned WHERE expiry < 1129527617
        [5] => SELECT * FROM cpg132_banned WHERE ip_addr='213.246.210.4' OR ip_addr='213.246.210.4' OR user_id=0
        [6] => SELECT aid FROM cpg132_albums WHERE visibility != '0' AND visibility !='10000' AND visibility NOT IN (3)
    )

    ==========================
    GET :
    ------------------
    Array
    (
        [referer] => /coppermine/index.php?cat=5
    )

    ==========================
    POST :
    ------------------
    Array
    (
    )

    ==========================
    Page generated in 0.076 seconds - 7 queries in 0.003 seconds - Album set : AND aid NOT IN (11,12,13,14)

    after login I get this

    USER:
    ------------------
    Array
    (
        [ID] => c950521c454b09472b26b900a9534d77
        [am] => 1
    )

    ==========================
    USER DATA:
    ------------------
    Array
    (
        [disk_max] => 0
        [disk_min] => 0
        [can_rate_pictures] => 1
        [can_send_ecards] => 0
        [ufc_max] => 0
        [ufc_min] => 0
        [custom_user_upload] => 0
        [num_file_upload] => 5
        [num_URI_upload] => 3
        [can_post_comments] => 0
        [can_upload_pictures] => 0
        [can_create_albums] => 0
        [has_admin_access] => 0
        [pub_upl_need_approval] => 1
        [priv_upl_need_approval] => 1
        [group_name] => Anonymous
        [upload_form_config] => 0
        [group_quota] => 0
        [can_see_all_albums] => 0
        [group_id] => 3
        [groups] => Array
            (
               
  • => 3
            )

    )

    ==========================
    Queries:
    ------------------
    Array
    (
       
  • => SELECT extension, mime, content FROM cpg132_filetypes;
        [1] => SELECT * FROM cpg132_users WHERE user_id='0'AND user_active = 'YES' AND user_password != '' AND BINARY MD5(user_password) = '*'
        [2] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg132_usergroups WHERE group_id in (3)
        [3] => SELECT group_name FROM  cpg132_usergroups WHERE group_id= 3
        [4] => DELETE FROM cpg132_banned WHERE expiry < 1129527813
        [5] => SELECT * FROM cpg132_banned WHERE ip_addr='213.246.210.4' OR ip_addr='213.246.210.4' OR user_id=0
        [6] => SELECT aid FROM cpg132_albums WHERE visibility != '0' AND visibility !='10000' AND visibility NOT IN (3)
        [7] => SELECT name, parent FROM cpg132_categories WHERE cid = '5'
        [8] => SELECT cid, name, description, thumb FROM cpg132_categories WHERE parent = '5'  ORDER BY pos
        [9] => SELECT aid FROM cpg132_albums as a WHERE category = '5'
        [10] => SELECT count(*) FROM cpg132_albums as a WHERE category = '5'
        [11] => SELECT a.aid, a.title, a.description, visibility, filepath, filename, url_prefix, pwidth, pheight FROM cpg132_albums as a LEFT JOIN cpg132_pictures as p ON a.thumb=p.pid WHERE category=5 ORDER BY a.pos LIMIT 0,4
        [12] => SELECT aid, count(pid) as pic_count, max(pid) as last_pid, max(ctime) as last_upload FROM cpg132_pictures WHERE aid IN (11, 12, 13, 14) AND approved = 'YES' GROUP BY aid
        [13] => SELECT COUNT(*) from cpg132_pictures WHERE approved = 'YES' AND aid NOT IN (11,12,13,14) AND aid IN (11,12,13,14)
        [14] => SELECT pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, aid FROM cpg132_pictures WHERE approved = 'YES' AND aid NOT IN (11,12,13,14) AND aid IN (11,12,13,14)  ORDER BY RAND() LIMIT 8
        [15] => SELECT COUNT(*) from cpg132_pictures WHERE approved = 'YES' AND aid NOT IN (11,12,13,14) AND aid IN (11,12,13,14)
        [16] => SELECT pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid,title, caption, owner_id, owner_name, aid FROM cpg132_pictures WHERE approved = 'YES' AND aid NOT IN (11,12,13,14) AND aid IN (11,12,13,14)  ORDER BY pid DESC  LIMIT 0 ,8
    )

    ==========================
    GET :
    ------------------
    Array
    (
        [cat] => 5
    )

    ==========================
    POST :
    ------------------
    Array
    (
    )

    ==========================
    Page generated in 0.106 seconds - 17 queries in 0.017 seconds - Album set : AND aid NOT IN (11,12,13,14) AND aid IN (11,12,13,14)

    What strikes me is that "has admin access" is zero and checking the user data with phpadmin it's clearly 1


Joachim Müller


polkipa

Problem solved

The cookiename cannot contain spaces!

Thanks all for your help
cya
Paul

Joachim Müller