21
ghia
Re: Permission Problem in XOOPS 2.3.2b
  • 2009/3/21 11:09

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


In phpMyAdmin, you have now only 1 record in table xoops_groups_users_link for uid 1 (user admin) with groupid 1 (webmasters)?

22
GreenFlatDog
Re: Permission Problem in XOOPS 2.3.2b

Correct. Only one record has uid=1 and groupid=1.

No other record has uid=1 or groupid=1
GFD

23
GreenFlatDog
Re: Permission Problem in XOOPS 2.3.2b

This issue seems to be caused by some, but only some, variables not turning up in the '$_POST' array on a live site, whereas they do on a local setup.

As far as I can see the two setups are almost the same (details in earlier post).

If this is a server setup issue I would value any advice I could pass on to my provider.


Here's some more input to this issue.

Extended Profile module
***********************
Module Admin > permissions (url is now xx../modules/profile/admin/permissions.php)
This gives a big table of check boxes with a submit button. Hit the button and it takes you to:

xx../modules/system/admin/groupperm.php

This takes the posted variables and:
- checks which module you're updating
- checks the user has admin rights

If it likes the module and user it proceeds with the update, shows what it's updating and then returns to the page with the big table.

If it doesn't like the module or user it re-directs to a 'Sorry you don't have permission to access ..' page, which in turn re-directs to the front page.

In my case the local machine (details in earlier post) updates as expected, but on the hosted site it fails because some variables aren't posted.

I trapped the posted variables by adding into xx/modules/system/admin/groupperm.php these two lines at the top of the file:

print_r ($_POST); // shows what variables are posted
exit(); // stops further processing

Then hit submit on the Profile permissions page to see what got posted.

Local machine:
-------------
Array ( [perms] => Array ( [profile_edit] => Array ( [groups] => Array ( [1] => Array ( [1] => 1 [8] => 1 [12] => 1 [20] => 1 [2] => 1 [9] => 1 [13] => 1 [3] => 1 [10] => 1 [14] => 1 [22] => 1 [4] => 1 [11] => 1 [15] => 1 [5] => 1 [16] => 1 [24] => 1 [6] => 1 [17] => 1 [18] => 1 [19] => 1 ) [2] => Array ( [1] => 1 [8] => 1 [12] => 1 [20] => 1 [2] => 1 [9] => 1 [13] => 1 [3] => 1 [10] => 1 [14] => 1 [4] => 1 [11] => 1 [15] => 1 [5] => 1 [16] => 1 [24] => 1 [6] => 1 [17] => 1 [18] => 1 [19] => 1 ) ) [parents] => Array ( [1] => [8] => [12] => [20] => [2] => [9] => [13] => [3] => [10] => [14] => [22] => [4] => [11] => [15] => [5] => [16] => [24] => [6] => [17] => [18] => [19] => )
[itemname] => Array ( [1] => Real Name [8] => ICQ [12] => Allow other users to v... [20] => Website [2] => Location [9] => AIM [13] => Always attach my signa... [3] => Time Zone [10] => YIM [14] => Receive occasional ema... [22] => Rank [4] => Occupation [11] => MSNM [15] => Theme [5] => Interest [16] => Comments Display Mode [24] => Signature [6] => Extra Info [17] => Comments Sort Order [18] => Default Notification Mode [19] => Notification Method Wh... ) ) ) [submit] => Submit [modid] => 20 [redirect_url] => admin/permissions.php )

Hosted site:
------------
Array ( [perms] => Array ( [profile_edit] => Array ( [groups] => Array ( [1] => Array ( [1] => 1 [8] => 1 [12] => 1 [20] => 1 [2] => 1 [9] => 1 [13] => 1 [3] => 1 [10] => 1 [14] => 1 [22] => 1 [4] => 1 [11] => 1 [15] => 1 [5] => 1 [16] => 1 [24] => 1 [6] => 1 [17] => 1 [18] => 1 [19] => 1 ) [2] => Array ( [1] => 1 [8] => 1 [12] => 1 [20] => 1 [2] => 1 [9] => 1 [13] => 1 [3] => 1 [10] => 1 [14] => 1 [4] => 1 [11] => 1 [15] => 1 [5] => 1 [16] => 1 [24] => 1 [6] => 1 [17] => 1 [18] => 1 [19] => 1 ) ) [parents] => Array ( [1] => [8] => [12] => [20] => [2] => [9] => [13] => [3] => [10] => [14] => [22] => [4] => [11] => [15] => [5] => [16] => [24] => [6] => [17] => [18] => [19] => )
[itemname] => Array ( [1] => Real Name [8] => ICQ [12] => Allow other users to v... [20] => Website [2] => Location [9] => AIM [13] => Always attach my signa... [3] => Time Zone [10] => YIM [14] => Receive occasional ema... [22] => Rank [4] => Occupation [11] => MSNM [15] => Theme [5] => Interest [16] => Comments Display Mode [24] => Signature [6] => Extra Info [17] => Comments Sort Order [18] => Default Notification Mode [19] => Notification Method Wh... ) ) ) )

The important bit is at the end:
[submit] => Submit [modid] => 20 [redirect_url] => admin/permissions.php

These come from some hidden text boxes and show up on the local machine and but not at the hosted site. This causes the failure as '../groupperm.php' isn't given a module to update ([modid] => 20).

Any ideas what can cause this on one server and not another?
GFD

24
ghia
Re: Permission Problem in XOOPS 2.3.2b
  • 2009/4/10 15:23

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Congratulations for your analysis so far!

I assume you were doing the selections for 'Field editable from profile' (in fact /modules/profile/admin/permissions.php?op=edit) and that
print_r ($_POST); // shows what variables are posted
exit(); // stops further processing
was inserted after <php and before include?

Did you tried the operation with different browsers (eg FF and IE)?

When the form shows (/modules/profile/admin/permissions.php?op=edit), could you do a view html source in your browser and cut out the part starting with
<form name="groupperm_form" id="groupperm_form" action="http://yourhost/modules/system/admin/groupperm.php" method="post">
(search for groupperm_form) up to the next
</form>

If you save this selection in a file for the local and one for the hosted system and you do a file difference on these two results, are there any differences?
(List only the differences if any other than the hostname in the action parameter at the begin of the form.

Quote:
Any ideas what can cause this on one server and not another?
In principle there should be no problem with length etc for POST variables. Maybe check once carefuly the result of phpinfo(), there might some limitations that differ for POST (look also in the Apache Suhosin section (if present)).

25
GreenFlatDog
Re: Permission Problem in XOOPS 2.3.2b

Thanks Ghia for staying with me on this.

Quote:
I assume you were doing the selections ... in ... /modules/profile/admin/permissions.php?op=edit
.. and the extra bit for testing ...
Quote:
... was inserted after <php and before include?
both correct

Quote:
.. different browsers (eg FF and IE)?
same in both

Did a file difference of source when displaying /modules/profile/admin/permissions.php?op=edit at host and at local. Apart from hostname in the action parameter there were no differences.

I'll re-check the phpinfo() stuff, and look into the Apache Sushin section (something I'm not familiar with). I will be so glad if we can resolve this!
GFD

26
GreenFlatDog
Re: Permission Problem in XOOPS 2.3.2b

Ghia - you pointed me in the right direction!

All this time it was the Suhosin PHP extension causing the trouble quietly working away on my hosted site restricting the number of POSTed variables to 400 and without logging anything anywhere when it caught a script exceeding it.

Getting a windows dll version of Suhosin took some time (already forgot where I found it - not very helpful, sorry) but now at least know what to do.

By the way Suhosin default setting for max POSTed variables is 200. This will prevent sites with only 5 groups setting permissions in the User Profile module as that has 21 fields that it grants permissions on, and POSTs it as an array where each 'variable' seems to be counted twice by Suhosin (5 x 21 x 2 = 210).

My hosting people have reluctantly increased their setting to 1024 and I have reduced my groups count down from 46 to 26 needing a setting of 1092 so I have still some work, or negotiation, to do.

But to get this far, after so long, is a great feeling and I do appreciate Ghia's help in sticking with me.
Thanks a lot!
GFD

27
sailjapan
Re: Permission Problem in XOOPS 2.3.2b

Round of applause for GreenFlatDog and Ghia's detective work. Resized Image
Never let a man who does not believe something can be done, talk to a man that is doing it.

28
ghia
Re: Permission Problem in XOOPS 2.3.2b
  • 2009/5/26 15:25

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Thanks.
I'm somewhat overwhelmed by the shear number of POST vars in this form. I think it's time to think this over and try to divise in someway the form (splitting per group or per permission). On the other hand, so many user groups is also quite uncommon.

29
arlenens
Re: Permission Problem in XOOPS 2.3.2b
  • 2009/6/23 10:39

  • arlenens

  • Just popping in

  • Posts: 18

  • Since: 2008/12/25


I have also a problem with the Permissions Setting module. The settings have been changed and most of the ticked boxes are now unticked. And when I re-ticked them and click submit button, it will save some but not all. And then when I go to see the page again, the changes were not saved. We transferred our site to a new host a month or so ago. Our host said it is not their server problem and I should contact Xoops. Any advice will be appreciated. The Permissions in the Group settings are ok. This is just in the Module for Permission Settings for files to be accessed by different groups.

30
ghia
Re: Permission Problem in XOOPS 2.3.2b
  • 2009/6/23 10:44

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Contact your hoster about extending the Suhosin settings of the site.

Login

Who's Online

233 user(s) are online (139 user(s) are browsing Support Forums)


Members: 0


Guests: 233


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits