Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.6.x
Author Message
myrtletrees
Involved
Involved


Joined: Sep 13, 2005
Posts: 259
Location: Cornfields of Indiana

PostPosted: Tue Apr 05, 2011 9:58 am Reply with quote

I'm running the latest RN and Sentinel. I recently installed the Coppermine Photo Gallery 1.3.2 integrated into RN.

Everything seems to work fine except for one small thing. I have the permissions set for users to have their own photo albums. Uploads work etc. The only thing that does not work is when you try to set the thumbnail for your personal album.

The link looks like this: Only registered users can see links on this board! Get registered or login!

The error you receive says this:
You have attempted to use a False Admin cookie to access this site!

I've tried this as a regular user and NOT logged in as Admin. I've also tried clearing all cookies.

I found these lines in /includes/nukesentinel.php

Code:
// Invalid admin check

if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }


If I comment those two lines out then the error goes away.

Per another thread I found while searching, I tried this suggestion. I replaced the first line with this:
Code:
if(isset($aid) AND (!isset($admin) OR empty($admin)) AND $op!='login' AND substr($nsnst_const['query_string'],0,strlen("name=coppermine")) != 'name=coppermine') { die(_AB_FALSEADMIN); } 



That made no difference.

Any ideas on why I am getting that error?
 
View user's profile Send private message
Palbin
Site Admin


Joined: Mar 30, 2006
Posts: 2583
Location: Pittsburgh, Pennsylvania

PostPosted: Tue Apr 05, 2011 10:37 am Reply with quote

Try the following: Replace both the lines in /includes/nukesentinel.php with this single line.
Code:
if(!empty($aid) AND empty($_COOKIE['admin']) AND $op != 'login' AND !strpos($nsnst_const['query_string'], 'name=coppermine')) { die(_AB_FALSEADMIN); }

_________________
"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." — Brian W. Kernighan. 
View user's profile Send private message
myrtletrees
PostPosted: Tue Apr 05, 2011 10:40 am Reply with quote

Thanks Pablin, just tried your suggestion and still get same errror.
 
Palbin
PostPosted: Tue Apr 05, 2011 10:45 am Reply with quote

Can you point me to a download of the coppermine that you are using?
 
myrtletrees
PostPosted: Tue Apr 05, 2011 10:56 am Reply with quote

LINK REMOVED

Let me know once you download it so I can remove that link. Wink


Last edited by myrtletrees on Tue Apr 05, 2011 3:52 pm; edited 1 time in total 
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Tue Apr 05, 2011 12:25 pm Reply with quote

umm ... how about go into NS configuration and turn off the admin blocker?
 
View user's profile Send private message Visit poster's website
myrtletrees
PostPosted: Tue Apr 05, 2011 1:29 pm Reply with quote

fkelly wrote:
umm ... how about go into NS configuration and turn off the admin blocker?

Question

The only thing I see related to Admins in NS is
Admin Auth: OFF
Admin Contacts:
 
fkelly
PostPosted: Tue Apr 05, 2011 2:32 pm Reply with quote

NS administration. Blocker configuration. ADMIN Blocker settings. Turn it off.
 
myrtletrees
PostPosted: Tue Apr 05, 2011 3:25 pm Reply with quote

fkelly wrote:
NS administration. Blocker configuration. ADMIN Blocker settings. Turn it off.


Same error
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Tue Apr 05, 2011 3:31 pm Reply with quote

For anyone following this post the mentioned module freely is available from Only registered users can see links on this board! Get registered or login!. Its worth noting that in php5.3 at least the default ini setting is to leave:
register_long_arrays Off
To use this module it must be turned on. Note there haven't been any updates to this module since something like 2009.

myrtletrees Where/when is this happening I'm not seeing that error?

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
myrtletrees
PostPosted: Tue Apr 05, 2011 3:51 pm Reply with quote

sixonetonoffun wrote:
For anyone following this post the mentioned module freely is available from Only registered users can see links on this board! Get registered or login!. Its worth noting that in php5.3 at least the default ini setting is to leave:
register_long_arrays Off
To use this module it must be turned on. Note there haven't been any updates to this module since something like 2009.

myrtletrees Where/when is this happening I'm not seeing that error?


It's only happening as a Registered User.

If you add a few photos to your personal album and then try to Modify My Albums and make changes, once you submit, the error appears.

EDIT: I would have linked to Clan Themes but did not know if that was allowed. Some sites don't like you to hotlink like that or otherwise.
 
sixonetonoffun
PostPosted: Tue Apr 05, 2011 5:23 pm Reply with quote

This is the code fkelly was tolking about it seems to ignore the admin setting off though. Maybe no one ever shuts it off? Anyway you can try commenting it out until someone comes up with a check that works with coppermine.

/includes/nukesentinel.php
Code:
// Invalid admin check

if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }


If I don't have Jury Duty tommorrow I'll try and find a better fix.
 
myrtletrees
PostPosted: Tue Apr 05, 2011 5:58 pm Reply with quote

sixonetonoffun wrote:
This is the code fkelly was tolking about it seems to ignore the admin setting off though. Maybe no one ever shuts it off? Anyway you can try commenting it out until someone comes up with a check that works with coppermine.

/includes/nukesentinel.php
Code:
// Invalid admin check

if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { die(_AB_FALSEADMIN); }


If I don't have Jury Duty tommorrow I'll try and find a better fix.


Right. I had already done that while this is a work-in-progess. Thanks.
 
sixonetonoffun
PostPosted: Tue Apr 05, 2011 7:09 pm Reply with quote

Ok so now I feel stupid sorry myrtletrees been a weird day!

So fkelly, Palbin, Raven would this be secure enough of a work around?

Code:


// Invalid admin check
if(isset($aid) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { setcookie("admin", false); }
if((isset($aid) AND !empty($aid)) AND (!isset($_COOKIE['admin']) OR empty($_COOKIE['admin'])) AND $op!='login') { setcookie("admin", false); }
 
Palbin
PostPosted: Tue Apr 05, 2011 9:08 pm Reply with quote

I have not really thought about what sixonetonoffun posted, but I would worry about not stopping and passing a bad $aid.

myrtletrees, there was a small mistake in what I posted above. Replace those two lines with this:
Code:


if(!empty($aid) AND empty($_COOKIE['admin']) AND $op != 'login' AND !stristr($nsnst_const['query_string'], 'name=coppermine')) { die(_AB_FALSEADMIN); }
 
myrtletrees
PostPosted: Wed Apr 06, 2011 5:40 am Reply with quote

Palbin wrote:
I have not really thought about what sixonetonoffun posted, but I would worry about not stopping and passing a bad $aid.

myrtletrees, there was a small mistake in what I posted above. Replace those two lines with this:
Code:


if(!empty($aid) AND empty($_COOKIE['admin']) AND $op != 'login' AND !stristr($nsnst_const['query_string'], 'name=coppermine')) { die(_AB_FALSEADMIN); }


No more error Dance-Y
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.6.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©