xmb bridge - no admin xmb bridge - no admin
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

xmb bridge - no admin

Started by Rhexis, January 25, 2006, 11:21:48 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Rhexis

I have the following issue when trying to bridge coppermine and XMB:
After reading that some bridging issues were fixed in 1.4.3 I upgraded. All work normally on standalone mode. Now, the problem appears to be that admin privs arent being carried over. Logging in, profiles redirecting to xmb and posting images in user galleries works. The only thing that doesnt is that admins cant access the cpg admin functions. And I think something may be up with my cookies. Registered a test account, and it keeps saying that Im still logged in as Rhexis at cpg.

Coppermine install: http://areteweyrs.eviath.com/coppermine/
Forum install: http://areteweyrs.eviath.com/forum/
Coppermine version: cpg 1.4.3
Forum version: XMB 1.9.1
Test user account: Test / testing

BridgeManager settings:
Forum URL:  http://areteweyrs.eviath.com/forum
Relative path to your BBS's config file:  ../forum/ 
Use post-based groups?:  1 (tried both yes and no)

Xmb has a few small tweaks, but they're cosmectic only. Nothing that should mess with coppermine. Any help is appriciated.

Nibbler

Does the original admin account of xmb that is setup during installation work ?

Rhexis

Just went and disabled the bridge, relogged in as the original admin account and reenabled the bridge. Same result. If I try to go to an admin page (ie admin.php) I get a 'You don't have permission to access this page.' message.

Well. This is better than 1.4.1 anywho..that wouldnt even let me login. x3

edit- Would upgrading xmb to 1.9.3 be recommended? I havent solely because 1.9.1 is fine for my small forum, but if it'd help with cpg Ill get going on it.

Nibbler

I have 1.9.3 installed locally for bridge testing and all is working fine. Anyone that is in the admin or super admin groups are being recognised as coppermine admin.

Rhexis

Right then. Ill get back to you on if that solves my problem or not. Thanks a bunch.

Rhexis

Upgrade of xmb went well. Lost my only actual hack (rss feed), but thats easily reinstalled.

Alas, doesnt seemed to have fixed the bridging issue. Should I turn debug mode on and post what I get when I go to some page like admin.php?

Nibbler

Please post the debug output while logged in as admin, the page is not important.

Rhexis

USER:
------------------
Array
(
    [ID] => 05702f84320562aafd088f5e4d3c8555
    [am] => 1
    [lang] => english
    [liv] => Array
        (
            [0] => 1
            [1] => 2
        )

)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 1
    [user_name] => Admin
    [groups] => Array
        (
            [0] => 2
        )

    [disk_max] => 1024
    [disk_min] => 1024
    [can_rate_pictures] => 1
    [can_send_ecards] => 1
    [ufc_max] => 3
    [ufc_min] => 3
    [custom_user_upload] => 0
    [num_file_upload] => 5
    [num_URI_upload] => 3
    [can_post_comments] => 1
    [can_upload_pictures] => 1
    [can_create_albums] => 1
    [has_admin_access] => 0
    [pub_upl_need_approval] => 1
    [priv_upl_need_approval] => 0
    [group_name] => Registered
    [upload_form_config] => 3
    [group_quota] => 1024
    [can_see_all_albums] => 0
    [group_id] => 2
)

==========================
Queries:
------------------
Array
(
    [0] => SELECT extension, mime, content, player FROM cpg143_filetypes; (0.001s)
    [1] => select * from cpg143_plugins order by priority asc; (0.002s)
    [2] => SELECT * FROM cpg143_bridge (0s)
    [3] => SELECT uid AS user_id FROM `eviathc_xmb2`.xmb_members WHERE username  = 'Admin' (0s)
    [4] => SELECT u.uid AS id, u.username AS username, u.password AS password, u.status+100 AS group_id FROM `eviathc_xmb2`.xmb_members AS u INNER JOIN `eviathc_xmb2`.xmb_ranks AS g ON u.status=g.title WHERE u.uid='1' (0s)
    [5] => SELECT id FROM `eviathc_xmb2`.xmb_ranks, `eviathc_xmb2`.xmb_members WHERE status = title AND uid='1' (0s)
    [6] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg143_usergroups WHERE group_id in (2) (0s)
    [7] => SELECT group_name FROM  cpg143_usergroups WHERE group_id= 2 (0s)
    [8] => SELECT user_favpics FROM cpg143_favpics WHERE user_id = 1 (0s)
    [9] => DELETE FROM cpg143_banned WHERE expiry < '2006-01-26 16:34:33' (0s)
    [10] => SELECT * FROM cpg143_banned WHERE (ip_addr='62.252.64.33' OR ip_addr='86.16.44.230' OR user_id=1) AND brute_force=0 (0s)
    [11] => SELECT aid FROM cpg143_albums WHERE visibility != '0' AND visibility !='10001' AND visibility NOT IN (2) (0s)
    [12] => SELECT aid FROM cpg143_albums (0s)
    [13] => SELECT cid, name, description, thumb FROM cpg143_categories WHERE parent = ''  ORDER BY pos (0s)
    [14] => SELECT aid FROM cpg143_albums as a WHERE category>=10000 (0s)
    [15] => SELECT count(*) FROM cpg143_pictures as p, cpg143_albums as a WHERE p.aid = a.aid AND category >= 10000 (0s)
    [16] => SELECT cid, name, description, thumb FROM cpg143_categories WHERE parent = '1'  ORDER BY pos (0s)
    [17] => SELECT aid FROM cpg143_albums as a WHERE category = '0' (0s)
    [18] => SELECT count(*) FROM cpg143_albums as a WHERE 1 (0s)
    [19] => SELECT count(*) FROM cpg143_pictures as p LEFT JOIN cpg143_albums as a ON a.aid=p.aid WHERE 1 (0s)
    [20] => SELECT count(*) FROM cpg143_comments as c LEFT JOIN cpg143_pictures as p ON c.pid=p.pid LEFT JOIN cpg143_albums as a ON a.aid=p.aid WHERE 1 (0s)
    [21] => SELECT count(*) FROM cpg143_categories WHERE 1 (0s)
    [22] => SELECT sum(hits) FROM cpg143_pictures as p LEFT JOIN cpg143_albums as a ON p.aid=a.aid WHERE 1 (0s)
    [23] => SELECT COUNT(*) FROM cpg143_pictures WHERE approved = 'NO' (0s)
    [24] => SELECT count(*) FROM cpg143_albums as a WHERE category = '0' (0s)
    [25] => SELECT a.aid, a.title, a.description, category, visibility, filepath, filename, url_prefix, pwidth, pheight FROM cpg143_albums as a LEFT JOIN cpg143_pictures as p ON a.thumb=p.pid WHERE category=0 ORDER BY a.pos LIMIT 0,1 (0s)
    [26] => SELECT a.aid, count( p.pid )  AS pic_count, max( p.pid )  AS last_pid, max( p.ctime )  AS last_upload, a.keyword FROM cpg143_albums AS a  LEFT JOIN cpg143_pictures AS p ON a.aid = p.aid AND p.approved =  'YES' WHERE a.aid IN (1)GROUP BY a.aid (0s)
    [27] => SELECT filepath, filename, url_prefix, pwidth, pheight FROM cpg143_pictures WHERE pid='1' (0s)
    [28] => SELECT COUNT(*) from cpg143_pictures WHERE approved = 'YES' AND aid IN (1,2)  (0s)
    [29] => SELECT * FROM cpg143_pictures WHERE approved = 'YES' AND aid IN (1,2)  ORDER BY RAND() LIMIT 8 (0.001s)
    [30] => SELECT COUNT(*) from cpg143_pictures WHERE approved = 'YES' AND aid IN (1,2)  (0.001s)
    [31] => SELECT * FROM cpg143_pictures WHERE approved = 'YES' AND aid IN (1,2)  ORDER BY pid DESC  LIMIT 0 ,8 (0s)
)

==========================
GET :
------------------
Array
(
)

==========================
POST :
------------------
Array
(
)

==========================
Page generated in 0.101 seconds - 32 queries in 0.005 seconds - Album set : ; Meta set: AND aid IN (1,2) ;

Nibbler

Please run this query in phpmyadmin or xmb's 'Insert Raw SQL' tool and tell me what it says

SELECT id FROM xmb_ranks, xmb_members WHERE status = title AND uid='1'

Rhexis

Inserted raw sql via xmb got this:

QuoteQuery Results: SELECT id FROM xmb_ranks, xmb_members WHERE status = title AND uid='1' 
id
17


Query successful!


Nibbler

Interesting, have you added groups/ranks into the forum?

You can adjust the groups that have admin rights in the bridge (bridge/xmb.inc.php) file here:

$this->admingroups = array(8,9);

For example to have only your group as admin, change it to

$this->admingroups = array(17);

Rhexis

That did the trick. How random, seeing as Ive never really messed with the ranks aside from renaming them. Then, Ive had this forum for a while now..so Im not surprised by any quirks. Id guess maybe something leftover from 1.6 (but then Im not that knowledgable on such things).

Thanks forall the help. :3

Rhexis

I hate to revive something so nicely stamped as solved...but now Im having login issues. Making a new topic seemed pointless, but if you'd prefer Ill do so.

I made the mistake of relogging in as Rhexis to be sure admin privs carried over (and was going to log into the test account to be sure they werent carried over to regular members). And now Im just a guest. Login redirects to xmb fine, but once logged in and going back to the gallery..its just a guest. Cookie problem maybe? There was a post on cpg/xmb on xmb forums with similar login issues, but the cookie fix there didnt do anything for me.

Nibbler

Your cookie path is set to /forum/ so the cookies cannot be read by coppermine. You need to apply a path fix


Cookie fix (if your board is not installed to site root):

functions.php,

find put_cookie function definition (c. line 1414) and add

$path = '/';

just inside the top of the function

Rhexis

Thank you (again)! If that would have come up in a search, sorry for not doing so beforehand. When I searched for xmb earlier very little came up.

x3