Security Eror (Error #2049) Security Eror (Error #2049)
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Security Eror (Error #2049)

Started by kfeger, September 30, 2010, 04:17:28 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

kfeger

Greetings from Germany!
I have a problem with Flash-Uploads. My gallery works otherwise just fine and (at least I believe) I have read the documentation.
When I try any number of uploads, I get a security error, which translates to Error #2049 in the debug output. I have know idea how to proceed.

Here's the data:
http://otto-dialin.dyndns.org
user: tester
password: tester

Following the debung output:
***********************************************
USER:
------------------
Array
(
   [ID] => 4b882f193dd16d0035e8a20a9b61f472
   [lang] => german
   [liv_a] => Array
       (
           [0] => 1
           [1] => 3
           [2] => 2
       )

   [upload_method] => swfupload
   [liv] => Array
       (
           [0] => 7
       )

   [am] => 1
)

==========================
USER DATA:
------------------
Array
(
   [user_id] => 2
   [user_name] => tester
   [groups] => Array
       (
           [0] => 2
       )

   [disk_max] => 1024
   [disk_min] => 1024
   [can_rate_pictures] => 1
   [can_send_ecards] => 1
   [can_post_comments] => 1
   [can_upload_pictures] => 1
   [can_create_albums] => 1
   [has_admin_access] => 0
   [access_level] => 3
   [pub_upl_need_approval] => 1
   [priv_upl_need_approval] => 0
   [group_name] => Registered
   [group_quota] => 1024
   [can_see_all_albums] => 0
   [group_id] => 2
   [allowed_albums] => Array
       (
       )

)

==========================
Queries:
------------------
Array
(
   [0] => SELECT name, value FROM cpgconfig [include/init.inc.php:181] (7 ms)
   [1] => SELECT * FROM cpgplugins ORDER BY priority [include/plugin_api.inc.php:54] (1 ms)
   [2] => SELECT user_id, time FROM `cpg`.cpgsessions WHERE session_id = '35006bf93af0fcf694f0d52eeba948ec' [bridge/coppermine.inc.php:264] (2 ms)
   [3] => SELECT user_id, user_password FROM `cpg`.cpgusers WHERE user_id = 2 [bridge/coppermine.inc.php:276] (2 ms)
   [4] => SELECT u.user_id AS id, u.user_name AS username, user_password AS password, u.user_group AS group_id FROM `cpg`.cpgusers AS u LEFT JOIN `cpg`.cpgusergroups AS g ON u.user_group=g.group_id WHERE u.user_id='2' [bridge/udb_base.inc.php:70] (2 ms)
   [5] => SELECT user_group_list FROM `cpg`.cpgusers AS u WHERE user_id='2' AND user_group_list <> '' [bridge/coppermine.inc.php:202] (2 ms)
   [6] => SELECT MAX(group_quota) AS disk_max, MIN(group_quota) AS disk_min, MAX(can_rate_pictures) AS can_rate_pictures, MAX(can_send_ecards) AS can_send_ecards, MAX(can_post_comments) AS can_post_comments, MAX(can_upload_pictures) AS can_upload_pictures, MAX(can_create_albums) AS can_create_albums, MAX(has_admin_access) AS has_admin_access, MAX(access_level) AS access_level, MIN(pub_upl_need_approval) AS pub_upl_need_approval, MIN( priv_upl_need_approval) AS  priv_upl_need_approval FROM cpgusergroups WHERE group_id in (2) [bridge/udb_base.inc.php:321] (3 ms)
   [7] => SELECT group_name FROM  cpgusergroups WHERE group_id= 2 [bridge/udb_base.inc.php:325] (2 ms)
   [8] => SELECT aid FROM cpgalbums WHERE moderator_group IN (2) [include/init.inc.php:271] (2 ms)
   [9] => SELECT lang_id FROM cpglanguages WHERE enabled='YES' [include/init.inc.php:329] (3 ms)
   [10] => SELECT user_favpics FROM cpgfavpics WHERE user_id = 2 [include/init.inc.php:387] (1 ms)
   [11] => DELETE FROM cpgbanned WHERE expiry < '2010-09-30 16:04:27' [include/init.inc.php:443] (2 ms)
   [12] => SELECT null FROM cpgbanned WHERE (user_id=2 OR '79.241.219.94' LIKE ip_addr ) AND brute_force=0 LIMIT 1 [include/init.inc.php:459] (2 ms)
   [13] => SELECT aid FROM cpgalbums WHERE (1  AND visibility != 0 AND visibility != 10002 AND visibility NOT IN (2)) [include/functions.inc.php:967] (2 ms)
   [14] => SELECT aid, title, cid, name FROM cpgalbums INNER JOIN cpgcategories ON cid = category WHERE category < 10000 AND ((uploads='YES' AND (visibility = '0' OR visibility IN (2) OR alb_password != '')) OR (owner=2)) [upload.php:575] (3 ms)
   [15] => SELECT aid, title FROM cpgalbums WHERE category = 0 AND ((uploads='YES' AND (visibility = '0' OR visibility IN (2) OR alb_password != '')) OR (owner=2)) [upload.php:577] (3 ms)
   [16] => SELECT aid, title FROM cpgalbums WHERE category='10002' ORDER BY title [upload.php:599] (2 ms)
   [17] => SELECT user_id AS user_id, user_password AS pass_hash FROM `cpg`.cpgusers WHERE user_id = '2' [bridge/udb_base.inc.php:730] (2 ms)
   [18] => SELECT cid, parent, name FROM cpgcategories WHERE 1 [upload.php:247] (2 ms)
)

==========================
GET :
------------------
Array
(
)

==========================
POST :
------------------
Array
(
)

==========================
COOKIE :
------------------
Array
(
   [b1c71d983f5a46013ac2aa29d72c2610] => 0b77e801d239d922e686a9f8e534e93c
   [PHPSESSID] => likqvquboq6ccsad6eltrobo03
   [cpg15x_data] => YTo2OntzOjI6IklEIjtzOjMyOiI0Yjg4MmYxOTNkZDE2ZDAwMzVlOGEyMGE5YjYxZjQ3MiI7czo0OiJsYW5nIjtzOjY6Imdlcm1hbiI7czo1OiJsaXZfYSI7YTozOntpOjA7aToxO2k6MTtpOjM7aToyO2k6Mjt9czoxMzoidXBsb2FkX21ldGhvZCI7czo5OiJzd2Z1cGxvYWQiO3M6MzoibGl2IjthOjE6e2k6MDtzOjE6IjciO31zOjI6ImFtIjtpOjE7fQ==
   [7ac4eaaf1c320cf45461be7b16dea2b7] => ebe33566d135581361978896476bb780
)

==========================
SESSION :
------------------
Array
(
   [php_captcha] => 4422ee706c56c3cec25f0b3a2e73d46e
)

==========================
               ---SWFUpload Instance Info--- Version: 2.2.0 2009-03-25 Movie Name: SWFUpload_0 Settings: upload_url: //cpg/upload.php flash_url: js/swfupload/swfupload.swf?preventswfcaching=1285855474921 use_query_string: false requeue_on_error: false http_success: assume_success_timeout: 0 file_post_name: Filedata post_params: [object Object] file_types: *.* file_types_description: Alle Dateien file_size_limit: 8000 KB file_upload_limit: 0 file_queue_limit: 0 debug: true prevent_swf_caching: true button_placeholder_id: browse_button_place_holder button_placeholder: Not Set button_image_url: //cpg/images/browse_swf.png button_width: 130 button_height: 20 button_text: Durchsuchen... button_text_style: color: #000000; font-size: 16pt; button_text_top_padding: 0 button_text_left_padding: 30 button_action: -110 button_disabled: true custom_settings: [object Object] Event Handlers: swfupload_loaded_handler assigned: true file_dialog_start_handler assigned: false file_queued_handler assigned: true file_queue_error_handler assigned: true upload_start_handler assigned: true upload_progress_handler assigned: true upload_error_handler assigned: true upload_success_handler assigned: true upload_complete_handler assigned: true debug_handler assigned: true SWFUpload.SWFObject Plugin settings: minimum_flash_version: 9.0.28 swfupload_load_failed_handler assigned: true SWF DEBUG: SWFUpload Init Complete SWF DEBUG: SWF DEBUG: ----- SWF DEBUG OUTPUT ---- SWF DEBUG: Build Number: SWFUPLOAD 2.2.0 SWF DEBUG: movieName: SWFUpload_0 SWF DEBUG: Upload URL: //cpg/upload.php SWF DEBUG: File Types String: *.* SWF DEBUG: Parsed File Types: SWF DEBUG: HTTP Success: 0 SWF DEBUG: File Types Description: Alle Dateien (*.*) SWF DEBUG: File Size Limit: 8192000 bytes SWF DEBUG: File Upload Limit: 0 SWF DEBUG: File Queue Limit: 0 SWF DEBUG: Post Params: SWF DEBUG: process=1 SWF DEBUG: user=YToyOntzOjc6InVzZXJfaWQiO3M6MToiMiI7czo5OiJwYXNzX2hhc2giO3M6MzI6ImY1ZDEyNzhlODEwOWVkZDk0ZTFlNDE5N2UwNDg3M2I5Ijt9 SWF DEBUG: ----- END SWF DEBUG OUTPUT ---- SWF DEBUG: Removing Flash functions hooks (this should only run in IE and should prevent memory leaks) SWF DEBUG: Event: fileDialogStart : Browsing files. Multi Select. Allowed file types: *.* SWF DEBUG: Select Handler: Received the files selected from the dialog. Processing the file list... SWF DEBUG: Event: fileQueued : File ID: SWFUpload_0_0 SWF DEBUG: Event: fileDialogComplete : Finished processing selected files. Files selected: 1. Files Queued: 1 SWF DEBUG: StartUpload: First file in queue SWF DEBUG: Event: uploadStart : File ID: SWFUpload_0_0 SWF DEBUG: Global Post Item: album=1 SWF DEBUG: Global Post Item: process=1 SWF DEBUG: Global Post Item: user=YToyOntzOjc6InVzZXJfaWQiO3M6MToiMiI7czo5OiJwYXNzX2hhc2giO3M6MzI6ImY1ZDEyNzhlODEwOWVkZDk0ZTFlNDE5N2UwNDg3M2I5Ijt9 SWF DEBUG: ReturnUploadStart(): File accepted by startUpload event and readied for upload. Starting upload to //cpg/upload.php for File ID: SWFUpload_0_0 SWF DEBUG: Event: uploadError : Security Error : File Number: SWFUpload_0_0. Error text: Error #2049 SWF DEBUG: Event: uploadComplete : Upload cycle complete. Error Code: Security Error, File name: IMG_0044.JPG, Message: Error #2049

Jeff Bailey

Thinking is the hardest work there is, which is probably the reason why so few engage in it. - Henry Ford

Αndré

Works for me, too: http://otto-dialin.dyndns.org/cpg/displayimage.php?pid=48

OT: every time I see Hatschepsut's temple I have to think of Serious Sam - The First Encounter :)

kfeger

Could it be, that there is a problem when I'm in the same network as the gallery?
otto-dialin.dyndns.org is a dyndns-domain with a changing IP-adress and the server runs in my local network.
BTW: When I put the files on the server into my /albums/uploads dir, there is no problem.

Αndré

Quote from: kfeger on September 30, 2010, 07:56:04 PM
Could it be, that there is a problem when I'm in the same network as the gallery?
I don't think so. It works on my testbed, where server & client is the same machine. I assume your browser or/and your flash player causes the issue. Please try to use another browser and/or update your flash player.