| Author |
Message |
myrtletrees
Involved
Joined: Sep 13, 2005
Posts: 259
Location: Cornfields of Indiana
|
 Posted:
Tue Apr 05, 2011 9:58 am |
|
I'm running the latest RN and Sentinel. I recently installed the Coppermine Photo Gallery 1.3.2 integrated into RN.
Everything seems to work fine except for one small thing. I have the permissions set for users to have their own photo albums. Uploads work etc. The only thing that does not work is when you try to set the thumbnail for your personal album.
The link looks like this:
[ Only registered users can see links on this board! Get registered or login! ]
The error you receive says this:
You have attempted to use a False Admin cookie to access this site!
I've tried this as a regular user and NOT logged in as Admin. I've also tried clearing all cookies.
I found these lines in /includes/nukesentinel.php
Code:// Invalid admin check
if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
|
If I comment those two lines out then the error goes away.
Per another thread I found while searching, I tried this suggestion. I replaced the first line with this:
Code:if(isset($aid) AND (!isset($admin) OR empty($admin)) AND $op!='login' AND substr($nsnst_const['query_string'],0,strlen("name=coppermine")) != 'name=coppermine') { die(_AB_FALSEADMIN); }
|
That made no difference.
Any ideas on why I am getting that error? |
| |
|
|
|
Palbin
Site Admin
Joined: Mar 30, 2006
Posts: 2583
Location: Pittsburgh, Pennsylvania
|
| Posted:
Tue Apr 05, 2011 10:37 am |
|
Try the following: Replace both the lines in /includes/nukesentinel.php with this single line.
Code:if(!empty($aid) AND empty($_COOKIE['admin']) AND $op != 'login' AND !strpos($nsnst_const['query_string'], 'name=coppermine')) { die(_AB_FALSEADMIN); }
|
|
_________________
"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." — Brian W. Kernighan. |
|
|
|
|
myrtletrees
|
| Posted:
Tue Apr 05, 2011 10:40 am |
|
Thanks Pablin, just tried your suggestion and still get same errror. |
| |
|
|
|
|
Palbin
|
| Posted:
Tue Apr 05, 2011 10:45 am |
|
Can you point me to a download of the coppermine that you are using? |
| |
|
|
|
|
myrtletrees
|
| Posted:
Tue Apr 05, 2011 10:56 am |
|
LINK REMOVED
Let me know once you download it so I can remove that link.  |
Last edited by myrtletrees on Tue Apr 05, 2011 3:52 pm; edited 1 time in total |
|
|
|
|
fkelly
Former Moderator in Good Standing
Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY
|
| Posted:
Tue Apr 05, 2011 12:25 pm |
|
umm ... how about go into NS configuration and turn off the admin blocker? |
| |
|
|
|
myrtletrees
|
| Posted:
Tue Apr 05, 2011 1:29 pm |
|
| fkelly wrote: | | umm ... how about go into NS configuration and turn off the admin blocker? |
The only thing I see related to Admins in NS is
Admin Auth: OFF
Admin Contacts: |
| |
|
|
|
|
fkelly
|
| Posted:
Tue Apr 05, 2011 2:32 pm |
|
NS administration. Blocker configuration. ADMIN Blocker settings. Turn it off. |
| |
|
|
|
|
myrtletrees
|
| Posted:
Tue Apr 05, 2011 3:25 pm |
|
| fkelly wrote: | | NS administration. Blocker configuration. ADMIN Blocker settings. Turn it off. |
Same error |
| |
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2496
|
| Posted:
Tue Apr 05, 2011 3:31 pm |
|
For anyone following this post the mentioned module freely is available from ClanThemes. Its worth noting that in php5.3 at least the default ini setting is to leave:
register_long_arrays Off
To use this module it must be turned on. Note there haven't been any updates to this module since something like 2009.
myrtletrees Where/when is this happening I'm not seeing that error? |
_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 |
|
|
|
|
myrtletrees
|
| Posted:
Tue Apr 05, 2011 3:51 pm |
|
| sixonetonoffun wrote: | For anyone following this post the mentioned module freely is available from ClanThemes. Its worth noting that in php5.3 at least the default ini setting is to leave:
register_long_arrays Off
To use this module it must be turned on. Note there haven't been any updates to this module since something like 2009.
myrtletrees Where/when is this happening I'm not seeing that error? |
It's only happening as a Registered User.
If you add a few photos to your personal album and then try to Modify My Albums and make changes, once you submit, the error appears.
EDIT: I would have linked to Clan Themes but did not know if that was allowed. Some sites don't like you to hotlink like that or otherwise. |
| |
|
|
|
|
sixonetonoffun
|
| Posted:
Tue Apr 05, 2011 5:23 pm |
|
This is the code fkelly was tolking about it seems to ignore the admin setting off though. Maybe no one ever shuts it off? Anyway you can try commenting it out until someone comes up with a check that works with coppermine.
/includes/nukesentinel.php
Code:// Invalid admin check
if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
|
If I don't have Jury Duty tommorrow I'll try and find a better fix. |
| |
|
|
|
|
myrtletrees
|
| Posted:
Tue Apr 05, 2011 5:58 pm |
|
| sixonetonoffun wrote: | This is the code fkelly was tolking about it seems to ignore the admin setting off though. Maybe no one ever shuts it off? Anyway you can try commenting it out until someone comes up with a check that works with coppermine.
/includes/nukesentinel.php
Code:// Invalid admin check
if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
|
If I don't have Jury Duty tommorrow I'll try and find a better fix. |
Right. I had already done that while this is a work-in-progess. Thanks. |
| |
|
|
|
|
sixonetonoffun
|
| Posted:
Tue Apr 05, 2011 7:09 pm |
|
Ok so now I feel stupid sorry myrtletrees been a weird day!
So fkelly, Palbin, Raven would this be secure enough of a work around?
Code:
// Invalid admin check
if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { setcookie("admin", false); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { setcookie("admin", false); }
|
|
| |
|
|
|
|
Palbin
|
| Posted:
Tue Apr 05, 2011 9:08 pm |
|
I have not really thought about what sixonetonoffun posted, but I would worry about not stopping and passing a bad $aid.
myrtletrees, there was a small mistake in what I posted above. Replace those two lines with this:
Code:
if(!empty($aid) AND empty($_COOKIE['admin']) AND $op != 'login' AND !stristr($nsnst_const['query_string'], 'name=coppermine')) { die(_AB_FALSEADMIN); }
|
|
| |
|
|
|
|
myrtletrees
|
| Posted:
Wed Apr 06, 2011 5:40 am |
|
| Palbin wrote: | I have not really thought about what sixonetonoffun posted, but I would worry about not stopping and passing a bad $aid.
myrtletrees, there was a small mistake in what I posted above. Replace those two lines with this:
Code:
if(!empty($aid) AND empty($_COOKIE['admin']) AND $op != 'login' AND !stristr($nsnst_const['query_string'], 'name=coppermine')) { die(_AB_FALSEADMIN); }
|
|
No more error  |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
