Admin login problem

In this board you can talk about general questions about phpMyFAQ

Moderator: Thorsten

severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Admin login problem

Post by severud »

Using IIS6 & PHP5.04 ISAPI, when I log in to the admin section I see the Startpage but when I try to do anything on that page I'm taken back to the login page. Any ideas?
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

could you please enable the debug mode in admin/index.php and change the line

Code: Select all

define("DEBUG", FALSE);
to

Code: Select all

define("DEBUG", TRUE);
and post the results here. Which version do you use?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Post by severud »

Using version 1.5 RC5.

DELETE FROM phpmyfaqfaqadminsessions WHERE time < 1120585704
SELECT usr, pass FROM phpmyfaqfaqadminsessions WHERE uin = 'a882a3c03561446edcf9af8c67ad8483'
UPDATE phpmyfaqfaqadminsessions SET time = 1120587504 WHERE uin = 'a882a3c03561446edcf9af8c67ad8483'
SELECT id, name, realname, email, pass, rights FROM phpmyfaqfaquser WHERE name = '' AND pass = ''
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,
severud wrote:SELECT id, name, realname, email, pass, rights FROM phpmyfaqfaquser WHERE name = '' AND pass = ''
that's the problem. :-(

is it possible to add the following lines into admin/index.php after the <?php:

Code: Select all

echo '<pre>';
print_r($_REQUEST);
echo '</pre>';
Then try a new login. Thanks!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Post by severud »

I added the code to admin/index.php and now when I log in and click on User Administration I see at the top:
Array
(
[uin] => 861f3692cde1b037fb5ad4c475727c03
[aktion] => user
[D:\\applications\\phpmyfaq/lang] => en
[wja_pcache_id] => 15925
)
So it's still prompting me to log back in.

And the WHERE statement is still the same; blank entries for name and pass.
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

is the first login successful?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Post by severud »

Yes, the first login is successful and I can see the site stats. Here's what's happening:
When I first load the admin login page I see:
Array
(
[lang] => en
[sid] => 217
)

Then, I can log in successfully and I see:
Array
(
[faqusername] => admin
[faqpassword] => mypassword
[D:\\applications\\phpmyfaq/lang] => en
[lang] => en
[sid] => 217
)

Then, when I click on "User Administration" I see:
Array
(
[uin] => 86cabe8e227f19bb07d8ff7b4bf775e2
[aktion] => user
[D:\\applications\\phpmyfaq/lang] => en
[lang] => en
[sid] => 217
)
and instead of displaying the user admin screen I'm back at the login prompt.
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

thanks. I'll try to debug this and find a fix for you!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

please try this:

Open admin/index.php and look for these lines:

Code: Select all

/* authenticate the user */
if (isset($_REQUEST["faqusername"])) {
    $user = $_REQUEST["faqusername"];
}
if (isset($_REQUEST["faqpassword"])) {
    $pass = md5($_REQUEST["faqpassword"]);
}
and change it to

Code: Select all

/* authenticate the user */
if (isset($_POST["faqusername"])) {
    $user = $_POST["faqusername"];
}
if (isset($_POST["faqpassword"])) {
    $pass = md5($_POST["faqpassword"]);
}
thanks for your help!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Post by severud »

No luck. I'm still seeing:
WHERE name = '' AND pass = ''
Sorry to say that I haven't had time to do my own debugging on this but will try to find some time later this week.

I wonder if there is anyone who's using this successfully in the same config as I have...
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

next try. Change these lines in admin/index.php from

Code: Select all

list($user, $pass) = $db->fetch_row($db->query($query));
	$db->query ("UPDATE ".SQLPREFIX."faqadminsessions SET time = ".time()." WHERE uin = '".$uin."'");
to

Code: Select all

list($user, $pass) = $db->fetch_row($db->query($query));
        print 'User: '.$user.', Pass: '.$pass;
	$db->query ("UPDATE ".SQLPREFIX."faqadminsessions SET time = ".time()." WHERE uin = '".$uin."'");
thanks!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

I think I got the problem but I need a test. Please add in line 122 in admin/index.php the following piece of code:

Code: Select all

$error = $PMF_LANG["ad_auth_sess"].'<br>'.$db->error();
Thanks!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Post by severud »

Is this code for RC5 or 6? I'm now running 6.
BTW, the output of the previous code addition:
print 'User: '.$user.', Pass: '.$pass;
yielded "User: , Pass: "

Also, just to recap my config:
phpMyFAQ Version
phpMyFAQ 1.5.0 RC6
Server Software
Microsoft-IIS/6.0
PHP Version
PHP 5.0.4
PHP Memory Limit
Register Globals
off
Safe Mode
off
Database Client Version
4.1.7
Database Server Version
4.1.12a-nt
Webserver Interface
ISAPI
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Post by Thorsten »

Hi,

for my last post, its line 124 in RC6. Did you get any error message?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
severud
Posts: 10
Joined: Thu Jun 30, 2005 8:11 pm

Post by severud »

I replaced line 124 in admin/insdex.php with:

Code: Select all

$error = $PMF_LANG["ad_auth_sess"].'<br>'.$db->error();
and see no change in behaviour.
Post Reply