21
ghia
Re: Can't access admin ?
  • 2010/2/16 10:36

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Looks much better.
It is not a question of accessing the site with an URL with or without www?
If the PHP version was changed, could you reinstate/select PHP 4?
Do you have Protector? Try once to disable it in its preferences.

For the modified php.ini, most servers want this in every script directory. It is in general not inherited to the subdirectories, as access allow/deny does. You can use a .htaccess file to simulate a copy in all directories.

22
peterr
Re: Can't access admin ?
  • 2010/2/16 10:50

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Quote:

ghia wrote:

It is not a question of accessing the site with an URL with or without www?


Even if I login with the 'www', XOOPS logs me in, and the url changes to domain name without the 'www'. I have the dns records setup to accept both.

Quote:

ghia wrote:
If the PHP version was changed, could you reinstate/select PHP 4?


No, I don't have that sort of control over the website. It is a shared server.

Quote:

ghia wrote:
Do you have Protector? Try once to disable it in its preferences.


Yes, I have Protector, but I can't access it, as it appears under admin. I have it installed outside the web root of course.

This may be the database, I don't know ? I thought there was an easy way to check (just compare the sql export data to a previous one), but the format of the sql is quite different, from version to this one.

I have chaecked a few things in the db, like make sure that 'admin/webmaster' has the correct perms here and there. All are set to value of '1'.

Thanks for your help,

Pete

PS It may be 'easier' for me to upgrade to the latest XOOPS, although there are various modules that may have moved on, or changed somewhat.

23
peterr
Re: Can't access admin ?
  • 2010/2/16 10:54

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Quote:

ghia wrote:
For the modified php.ini, most servers want this in every script directory. It is in general not inherited to the subdirectories, as access allow/deny does. You can use a .htaccess file to simulate a copy in all directories.


Yes, if I used php.ini, I would have to have it in every path where a script is executed. I did try modifying it, but the value I changed did not make any difference. That said, I would have to make sure that all the /include paths , etc had the same (modified) php.ini file.

I can't use the 'php flag' in .htaccess. If I could that would be great. From memory, it can't be used for php flags if phpSuexec or something like that is used.

Pete

24
peterr
Re: Can't access admin ?
  • 2010/2/17 10:14

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


It seems session.use_only_cookies makes no difference at all. I have it included in mainfile.php, yet somehow XOOPS doesn't think that I'm logged in, or it does think I'm logged in and won't let me access admin, or set the XOOPS defined cookie name.

I even ran another script, to include mainfile.php, and display phpinfo() , and session.use_only_cookies is definitely getting set on.

Pretty frustrating. If it was a php error, there would be errors in the logs file, but there are none. Very difficult to pinpoint the cause of the problem, with no apparent reasons. :(

Pete

25
ghia
Re: Can't access admin ?
  • 2010/2/17 10:46

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Did you test your test script also from another directory(eg /modules/news/)?
Try also to set
php_value session.use_trans_sid 0

26
peterr
Re: Can't access admin ?
  • 2010/2/17 10:57

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Quote:

ghia wrote:
Did you test your test script also from another directory(eg /modules/news/)?


I will try that, and let you know.

Quote:

ghia wrote:
Try also to set
php_value session.use_trans_sid 0


That value is off as a system wide thing, and phpinfo() says the value is off/zero

If I do this - http://example.com/modules/protector/admin/index.php

I get a msg "only admin can access this area" . That comes from /modules/protector/admin.php (in the 'trust' path), code as follows

// check permission of 'module_admin' of this module
$moduleperm_handler =& xoops_gethandler'groupperm' ) ;
if( ! 
is_object( @$xoopsUser ) || ! $moduleperm_handler->checkRight'module_admin' $xoopsModule->getVar'mid' ) , $xoopsUser->getGroups() ) ) die( 'only admin can access this area' ) ;


which could even just mean that XOOPS, despite the fact that I get a msg saying I'm logged in, may not even think that I'm a 'user' ?

If there was some way to re-install protector, just in case it is protector that is stopping all this.

With a considerable number of attempts on the website, I'm hesitant to remove protector of course, even if just for a brief moment.

Pete

27
peterr
Re: Can't access admin ?
  • 2010/2/17 12:15

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Probably a dumb question, but does XOOPS 2.0.18.1 run on php5.x ?

Another dumb question - How do I set XOOPS to run in debug mode, with no admin ? That is, what field/s in the db need to be tweaked ?

I can deny all IP's, except mine, whilst it is in debug mode.


28
Mamba
Re: Can't access admin ?
  • 2010/2/17 12:43

  • Mamba

  • Moderator

  • Posts: 11394

  • Since: 2004/4/23


Quote:
How do I set XOOPS to run in debug mode, with no admin

See point 4 in this answer

29
peterr
Re: Can't access admin ?
  • 2010/2/18 2:20

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Okay, thanks, I'll give that a try.

30
peterr
Re: Can't access admin ?
  • 2010/2/18 10:32

  • peterr

  • Just can't stay away

  • Posts: 518

  • Since: 2004/8/5 9


Turned on debug mode through the db, and no output ?? Well, I assume this debug is a php debug, and errors always get logged to a file. However, no file, so I assume no php errors.

The setting was definitely 'on' (value of 1) for the config table, for debug.

I notice in the protector table, it always thinks that I'm doing a "brute force" (malicious_actions column says 'BRUTE FORCE: myadminusername'). This is despite the fact that it is a valid username and pwd, and XOOPS does say 'logged in'. Is the password MD5 ?

I even updated to the latest stable protector, ... nope, same problem.

Can I just copy the /install path to the website (for 2.0.18.1), and use the files there to 'update' ?

Pete

Login

Who's Online

229 user(s) are online (22 user(s) are browsing Support Forums)


Members: 0


Guests: 229


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits