Selected user does not exist ! - Before login Selected user does not exist ! - Before login
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Selected user does not exist ! - Before login

Started by Zynx, March 19, 2010, 03:28:09 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Zynx

Hi guys,

I'm new to the forum but used coppermine for a couple of years.

So in about a month ago I just discoverd that all users and groups was gone in the gallery, except the administrators, I searched the forums and found a topic stated that an upgrade was necesar, even if I had not changed a thing in a 6months...

So after the upgrade I still not got any more users (they exist in the database but doesn't show up in coppermine).
The database for the groups is just administrators, registred, guests and banned.

But the intressting thing is that when accessing the gallery i got the "Selected user does not exist ! " even before I log in, and I've locked down the gallery to request a user to see the pictures.

You could find the gallery at: http://galleriet.amiga.tm/

Thanks alot for any answers that help me solve this.

I've searched but didn't find anything that realy point to help me I'm sorry if this is realy covered in another topic.

/Zynx

Joe Carver

Use phpMyAdmin to see if the Groups that the users belong to exist in the db.

See: cpg_users   and    cpg_usergroups. Look at the value of group number.

If the groups do not exist and the users do exist then you could carefully add/edit the Groups back into the db.

Zynx

Hi,

Thx for the fast answer, i just recreated that table from an ooold backup, I hope I have nty added anything more since then...:-)


So now the users and groups are back in the coppermine, but I still got the same error message: Selected user does not exist ! and it even appears after I log in, and I press "Home", "Album List" and so on... The only possible way to browse is select last uploads, last comments, most viewed.

Any ideas and suggestions?
/Tobias

Joe Carver

Look at other settings that might have changed - user + gallery permissions - cookies, etc. Also you should consider/investigate why your db was changed in the first place - was your site hacked?

You could just back up the db you have now and try all of your old db settings too.

Zynx

Alright, i just found the debug option  ;)

it says: Selected user does not exist !

File: /var/www/vhosts/amiga.tm/subdomains/galleriet/httpdocs/bridge/udb_base.inc.php - Line: 398


QuoteUSER:
------------------
Array
(
    [ID] => d254b908cf681c5bf2aeb80c9f8c2ea7
    [am] => 1
    [lang] => english_gb
    [liv] => Array
        (
        )

)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 0
    [user_name] => Guest
    [groups] => Array
        (
           
  • => 3
            )

        [group_quota] => 0
        [can_rate_pictures] => 1
        [can_send_ecards] => 0
        [can_post_comments] => 0
        [can_upload_pictures] => 0
        [can_create_albums] => 0
        [pub_upl_need_approval] => 1
        [priv_upl_need_approval] => 1
        [upload_form_config] => 0
        [num_file_upload] => 5
        [num_URI_upload] => 3
        [custom_user_upload] => 0
        [disk_max] => 0
        [disk_min] => 0
        [ufc_max] => 0
        [ufc_min] => 0
        [has_admin_access] => 0
        [group_name] => Guests
        [can_see_all_albums] => 0
        [group_id] => 3
    )

    ==========================
    Queries:
    ------------------
    Array
    (
       
  • => SELECT extension, mime, content, player FROM cpg14x_filetypes; (0s)
        [1] => select * from cpg14x_plugins order by priority asc; (0s)
        [2] => delete from `galleriet_coppermine`.cpg14x_sessions where time<1269025069 and remember=0; (0s)
        [3] => delete from `galleriet_coppermine`.cpg14x_sessions where time<1267819069; (0s)
        [4] => select user_id from `galleriet_coppermine`.cpg14x_sessions where session_id = '819bc87fef00c3581577868fbbb9aeb4' (0s)
        [5] => select user_id as id, user_password as password from `galleriet_coppermine`.cpg14x_users where user_id=0 (0s)
        [6] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg14x_usergroups WHERE group_id in (3) (0s)
        [7] => SELECT group_name FROM  cpg14x_usergroups WHERE group_id= 3 (0s)
        [8] => update `galleriet_coppermine`.cpg14x_sessions set time='1269028669' where session_id = '819bc87fef00c3581577868fbbb9aeb4' (0s)
        [9] => DELETE FROM cpg14x_banned WHERE expiry < '2010-03-19 20:57:49' (0s)
        [10] => SELECT * FROM cpg14x_banned WHERE (ip_addr='213.66.120.85' OR ip_addr='213.66.120.85' OR user_id=0) AND brute_force=0 (0s)
        [11] => SELECT aid FROM cpg14x_albums WHERE visibility != '0' AND visibility !='10000' AND visibility NOT IN (3) (0s)
        [12] => SELECT *, user_name AS user_name,
                                                                                    user_email AS user_email,
                                                                                    UNIX_TIMESTAMP(user_regdate) AS user_regdate,
                                                                                    '' AS user_location,
                                                                                    '' AS user_website

                                                                                    FROM  `galleriet_coppermine`.cpg14x_users WHERE user_id = '-1' (0s)
    )

    ==========================
    GET :
    ------------------
    Array
    (
    )

    ==========================
    POST :
    ------------------
    Array
    (
    )

    ==========================
    Page generated in 0.15 seconds - 13 queries in 0 seconds - Album set : AND aid NOT IN (1,2,3,4,5,6,7,8,9,10,11,12,13,15,17,18,19,20,21,22) ; Meta set: ;
But what that will mean, I'm not so sure....


(Yeah i look into why the table was emptied the first time, but the problem is I don't know the date :-P..)
So in the meantime I need to just get this working...

phill104

Were you bridged with another app? If yes disable your bridge.

If not then something is trying to call the bridge so again, try disabling the bridge as per the recover from a failed bridging section of the docs.
It is a mistake to think you can solve any major problems just with potatoes.

Zynx

Quote from: Phill Luckhurst on March 19, 2010, 09:26:31 PM
Were you bridged with another app? If yes disable your bridge.

If not then something is trying to call the bridge so again, try disabling the bridge as per the recover from a failed bridging section of the docs.

Hi, I've not been bridge at all, just a stand alone installation.

When running the wizard as you specified, it's not possible to disable all bridges just to specify them again...

So what does this procedure do that returns this error?

Quoteif (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);

If it doesn't get the number of rows from something then it bails out... ok..

and the line before
Quote$result = cpg_db_query($sql, $this->link_id);

So which tables and rows is actually missing? looks to me that something is not right in the database?


Zynx

Ok, I've just switched to the backup before the upgrade to 1.4.26, and is now running on v1.4.19 but, the database is the same, the only switch is to the other directory.

Viola, it works like a charm... so Something in 1.4.26 is changed quite a bit... and the question is what, that let us get this error...

Zynx

Except that all the groups is gone again....

So either I got groups and nobody could wach a thing or I couldn't get any groups and just the administrators could watch.. ehmm...

Joe Carver

Quote from: Joe Carver on March 19, 2010, 08:44:42 PM
......investigate why your db was changed in the first place - was your site hacked?

If you had waited until recently to upgrade from  1.4.19 to 1.4.26 then your site could have been compromised. Exploits were being used/tried against the older cpg versions long ago.

Why don't you just open and compare the tables? See for yourself what has changed.

Additionally you should read and follow the procedure outlined here:       Yikes, I've been hacked

As far as I know 1.4.19 and later versions do not have any db differences that would not be handled by update.php. If you are now actually running 1.4.19 then your site is again at risk for being compromised.

onthepike

I'm curious: regarding the debug output, in Array 12, I do not have the following queries:

    [12] => SELECT *, user_name AS user_name,
                                                                                user_email AS user_email,
                                                                                UNIX_TIMESTAMP(user_regdate) AS user_regdate,
                                                                                '' AS user_location,
                                                                                '' AS user_website

                                                                                FROM  `galleriet_coppermine`.cpg14x_users WHERE user_id = '-1' (0s)


Especially, the request for "userid = -1". Would this be normal with respect to bridging, and/or some installed plugin? I am not familiar with the group "-1".

Zynx

Quote from: Joe Carver on March 19, 2010, 11:26:36 PM
If you had waited until recently to upgrade from  1.4.19 to 1.4.26 then your site could have been compromised. Exploits were being used/tried against the older cpg versions long ago.

Why don't you just open and compare the tables? See for yourself what has changed.

Additionally you should read and follow the procedure outlined here:       Yikes, I've been hacked

As far as I know 1.4.19 and later versions do not have any db differences that would not be handled by update.php. If you are now actually running 1.4.19 then your site is again at risk for being compromised.


Hi,

This is an update what actually is happening.

1) Running 1.4.19 in some way (hacked?) the usergroups dissapeard. (Gone in the database but users are there)
2) Reading a post about dissaperaing users and groups I upgraded to 1.4.26
3) Groups still gone and now I got the "Selected user does not exist !" Error in several places in the gallery.
4) Adding the groups from a backup into the database, the users and groups show up fine in the gallery, but still the same error message (And the debug output as mentioned above)
5) In just a test I switched back to the 1.4.19 catalog (still same database) and log in.
6) The log in works fine, no error message. But! The usergroups was wiped out from the database!
7) Repeated to add the groups back from a backup.  And viola it works fine in 1.4.19 mode...


So it seams that is two diffrent problems here.

A) Regarding 1.4.19 and it wipes out the usergroups database (What I actually thinks happened in the first place, since no evidence of hacking is found (yeah they could be nice and clear all logs, but no other bogus traffic or rootkit is installed either soo...)
B) Regarding 1.4.26 that gives me the error output, that something is changed in the code between this two versions, "cpg_db_query"?)