If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
AG 2.2 - trying to do admin functions logs out  XML
Forum Index » Advanced Guestbook Forum
Author Message
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

My hosting company evidently had a problem with the server I was on and moved me to a new server. Just for background info, the old server was PHP ver 4.4.9 and SQL 4.0.22 while the new server is PHP 5.3.5 and SQL 5.0.9.2 just in case this has any effect.

At first I couldn't even log back into the GB. I found Carbonize's website and was able to use his password reset (beta ver) successfully but now if I was try do anything as an administrator it returns me back to the log in screen and I get an error in PHP. Again searching Carbonize's site someone had a similar problem, but I never found a fix other than confirm that book_auth the field LAST_VISIT is set to type TIMESTAMP.

The PHP error I am getting is Warning: mktime() expects parameter 2 to be long, string given in /public_html/roster/lib/session.class.php on line 63 - this error appears directly above the administrator login.

edit: It seems to be in this section

function isValidSession($session,$user_id) {

$this->query("SELECT session, LAST_VISIT from ".$this->table['auth']." WHERE session='$session' and ID='$user_id'");

$row = $this->fetch_array($this->result);

if ($row) {

$year = substr($row["LAST_VISIT"],0,4);

$date = substr($row["LAST_VISIT"],4,10);

$date_strg = chunk_split($date,2,"-");

list($month,$day,$hour,$minute,$second) = explode("-",$date_strg);

$tstamp = mktime($hour,$minute,$second,$month,$day,$year);
return ($this->expire + $tstamp > time()) ? $row["session"] : false;

} else {

return false;

}

And the line #63) I am showing in red.



Any help would be appreciated.

(I need to upgrade as soon as its working again)

This message was edited 3 times. Last update was at 13/03/2011 17:12:27

Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

What version of the guestbook is it?

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

version 2.2
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Ah the version with the exploit. If you have phpMyAdmin and know how to use it can you check if last_visit in book_auth is in upper or lower case.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

last_vist is in uppercase
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Are you comfortable doing some minor editing to a PHP file?

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

Extremely limited on making changes by myself, I can however follow directions fairly well and if Im told what to look for and what to change I can do that.

I do need to upgrade the guestbook. Would doing an upgrade fix the issue as it appears that I have to upload all new files.

This message was edited 1 time. Last update was at 14/03/2011 10:58:24

Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Quite possibly but there was something that needed changing in the book_auth table manually to go from 2.2 to 2.4.

As to the editing I simply need you to change


to


It should then stop and display the contents of $date_strg

This message was edited 1 time. Last update was at 14/03/2011 11:11:06


Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

I added the string to the /lib/session.class.php so it now reads

$date_strg = chunk_split($date,2,"-");

die("Date String = $date_strg");

list($month,$day,$hour,$minute,$second) = explode("-",$date_strg);

$tstamp = mktime($hour,$minute,$second,$month,$day,$year);



and now instead of being kicked back to the log in I get a blank screen with on this displaying":

Date String = -0-3--14- 0-6:-
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Do it again but change it to

die("Date = $date");

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

I had to run off to my real job this morning to help pay for the web hosting that has this problem

I changed out to your request.


$date_strg = chunk_split($date,2,"-");

die("Date = $date");

list($month,$day,$hour,$minute,$second) = explode("-",$date_strg);

and now when I log in and go to any admin function I get:

Date = -03-14 17:
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Log in to phpMyAdmin and tell me the contents of last_visit.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

Pix of last_visit
[Thumb - mysql copy.jpg]
 Filename mysql copy.jpg [Disk] Download
 Description h
 Filesize 32 Kbytes
 Downloaded:  0 time(s)

This message was edited 1 time. Last update was at 15/03/2011 02:13:28

Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Just to explain. How the last_visit is used changed as of AG 2.3 so I am not sure how 2.2 worked in this respect. I am going to use the information you have provided to work it out and to try and fix the problem.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
cville22903
Beginner

Joined: 11/12/2002 17:41:34
Messages: 18
Offline

Would it be better and easier to upgrade since I'm going to have to do it at the end anyway?

Also, I can't shake the feeling that it's something dealing with the move to a server running PHP 5.3.5. I have another small site on a different server (same hosting company) that is also running version 2.2 but that server has PHP 4.4.9 which is what I was on prior to the move and having no problems. The move was necessitated by a requirement for a higher version of SQL so I could upgrade a forum board (went from SQL 4.0.22 to 5.0.9.2)

This message was edited 2 times. Last update was at 15/03/2011 11:25:57

 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum