Security code problem / ShortLinks

Hangin' Around Joined: Jul 06, 2007 Posts: 25

Hi,

I was logged in as a user and admin at the time I changed GFXchk to 7, I logged out as admin and logged back in no problems. I kept logging in and out several times as admin to view what site looked to users only. I had no problem logging in at any time.

However, when i logged out as user to see which block for logging/registering i'd have active I realized I couldn't log back in as a user. First the GFXchk with colourful letters, I get incorrect login or password, then i get redirected to another page to try again, this time security code is simple letters and numbers on checkered background, however, only 4 ever appear, even tho it says it should be 5. This time it says, incorrect code, type it exactly as it is. I do that and still same. So i changed the number of digits in the code to 4, 4 appear but still says can't log.

Only way I can log in as a user is to switch GFXchk off, then i don't get user or password incorrect at login.

Anyone knows what might be the problem, running RN 2.10.01?

Also, my ShortLinks don't work. I have RN that came preinstalled so from what i understand all i had to do was to copy shortlinks.htaccess code to my root .htaccess. Did that right at the top. switched it on in nsconfig file but all my links can't be found unless they are admin links, as stated those do not get shortened. am i missing something?

Posted: Sun Jul 08, 2007 6:40 am

It sounds to me like your hosting sevice and here's why I think that;

The security graphic by default displays the new CAPTCHA image which is clearly working as you said you used it for admin log-in.
The code first looks to see if the support files are present for ne CAPTCHA and if they are, it uses them as you have seen.
If it cannot find the support files, it will use the old security image (the one with the checkered background) as a fall-back option.
The code also tests to see if the server has the GD image libraries installed as it is this that is actually used (server side) to create the random image. If the GD library test fails, you will see security image at all.

As RavenNuke uses the exact same piece of code for the security image, regardless of whether you are an admin or user you should not get the spurious results you have mentioned unless either some of the core files were corrupted during upload, in which case I would expect to see more problems than you have mentioned or;
the server load was such that the script couldnt complete its job.

It would be worth checking your server error logs.

Shortlinks will only work if your host has allowed you to use mod_rewrite. In most default server configurations this in usually on by default but some hosts turn it off because it does consume server resource.
Make sure mod_rewrite is turned on in yout htaccess file by checking the following line exists;

Code:

RewriteEngine on

Posted: Sun Jul 08, 2007 6:56 am

Thank you, I have resorted to reinstalling RN afresh, as when i uploaded just includes folder again, problem seemed to vanish but then tho everyone could log in with GFXchk enabled, suddenly everyone was unable to register, page always returned Registration Error! I'm thinking some files must have gotten corrupted, so have decided to chop it into smaller pieces and ftp it that way. Hopefully that will solve my problems.

As for ShortLinks, well, the code I was supposed to copy did include RewriteEngine On as you stated as the first line.. I will see if it is the host first before bugging people here again.

thank you again

By the way, is there a way to set the actual e-mail used for sending registration e-mails? My host filters all emails that do not include "1st or the 5th function with an e-mail domain registered on their servers (they did not explain what 1st or 5th function were, but whatever that translates to PHP requirements to fill fields such as From, To.. etc etc)" to prevent others using the script e-mails to spam. However, I don't know where to include the e-mail that is part of my hosting to make it work as nowhere i have added it, did it make emails pass through the filter as none have been received.

I also have AuthSMTP details if i can use that to verify that those e-mails are legit. But again, have no clue where to put those to make it work. Not to sound silly but reason i went with RN was due to it being fully integrated and i wouldn't have to do much to install it and make it all work, but i'm getting lost now with little problems i've been getting.

Posted: Sun Jul 08, 2007 7:15 am

At the moment RavenNuke as well as the standard phpNuke uses the PHP mail() function for user registration emails so if your hosting is restricting that, you are going to have problems.
The Raven Nuke Development Team have been discussing recently a change to utilise SMPT mail instead but it will be a while before progress on that is made.
You can of course turn off the registration confirmation email requirement.

Posted: Sun Jul 08, 2007 7:16 am

Would you mind telling me where I can turn it off? I looked but I didn't see option for it anywhere, short of installing a hack for it.