If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Login Error/Updating from v2.3.1 to v2.4.2/Anti-Spam  XML
Forum Index » Advanced Guestbook Forum
Author Message
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

Greetings,

I have successfully installed and able to admin login to Advanced Guestbook v2.3.1 way back in Nov 2002.

Recently, when I tried to admin login using the same username and password that were configured in config.inc.php, I was not able to login, and got this error "Invalid username or password. Please try again."

I did not make any changes to the php scripts since Nov 2002 and I'm not sure why the unable to login problem exists now. Any idea on where to troubleshoot other than the below lines in config.inc.php?

$GB_DB["user"] = "myusername";
$GB_DB["pass"] = "mypassword";

There is a new v2.4.2 of the Advanced Guestbook. What are the changes made since v2.3.1?

What are files I need to reconfigure and upload to the webserver to update from v2.3.1 to v2.4.2? And what are the additional new v2.4.2 files to upload? And any redundant v2.3.1 files to remove from the webserver?

Can spammers/spambot make entries to the guestbook by bypassing the sign guestbook page and appending entries to the Advanced Guestbook database in either v2.3.1 to v2.4.2? What are the spam safeguards in v2.3.1 and v2.4.2?

TIA
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

2.4.2 has image verification to help prevent spam posts. It also has a username/password reset script in the misc folder.

- This thread has been moved to the correct forum.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

I have successfully reset my username/password using your reset script located at http://carbonize.co.uk/Lazarus/Forum/index.php?topic=8.0 - Topic: I can't remember my username or password

I reckon your reset script only make changes to MySQL database without amending any of the php scripts. I'm wondering why my previous simple troubleshooting step by just amending the following lines in config.inc.php did not work:

$GB_DB["user"] = "myusername";
$GB_DB["pass"] = "mypassword";

Anyway with the password issue resolved, I see that there is the other alternative Lazarus is v1.6.1 (latest version) which can be downloaded at http://carbonize.co.uk/Lazarus/downloads.php

Judging from the dates of the readme.txt, Lazarus v1.6.1 was updated in 7 July 2006 while Advanced Guestbook v2.4.2 was updated in 8 Oct 2006. What are the differences between these 2 versions; strengths and weaknesses?

I saw your post for updating from Advanced Guestbook v2.3.1 to v2.4.2 at http://proxy2.de/forum/viewtopic.php?t=5930
Carbonize wrote:download 2.4.2. Copy database information from old config.inc.php to new one. Upload new files to replace old ones. Run update_db.php by visiting it in your web browser.


But I can't seem to find any post for updating from Advanced Guestbook v2.3.1 to Lazarus v1.6.1. Pls advise.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

the admin username and password is stored in the database and not in any file.

Lazarus is a fork of the Advanced Guestbook. This means I took the Advanced Guestbook code as my starting point and then started adding/changing things. Was it really July I released 1.6.1? Anyway I called it Lazarus because at the time Advanced Guestbook was a dead project that hadn't been updated in years.

Lazarus is always being worked on and at present 1.7 beta 5 is available to download.

You will find information on updating Advanced Guestbook to Lazarus in the FAQ section of http://lazarus.carbonize.co.uk

As to which is best. I cannot say as it's a matter of taste.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

I'm going to update my Advanced Guestbook v2.3.1 within these few days, when would the stable Lazarus v1.7 be released?

Would it be easy to update v1.7 betas to stable version?

http://carbonize.co.uk/Lazarus/index.php/

I forgot to add the template.class.php file to beta 5 so if you are missing lines from your chosen language they will not appear in English. That plus the other relevant cock ups in the release of beta 5 make me feel like a total idiot .....
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

I'm hoping to have Laz 1.7 out before to long. Just working on polishing off the search function.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

At http://proxy2.de/forum/viewtopic.php?t=4678&postdays=0&postorder=asc&start=240

Carbonize wrote:You could also stop search engines spidering your guestbook using a robots.txt file.


MarcoH wrote:
Carbonize wrote:Marcoh email me please.


done..

p.s. renaming the addentry.php works ok here.. (no spam since i changed him)

Also the robots.txt solution must work.

Example if you dont know:
Put a robots.txt in the root of your site.
Put in the the robots.txt file, at least:

User-agent: *
Disallow: /guestbook/


Carbonize wrote:The spammers find your site using Google or any other major search engine. This is why it's a good idea to block them from viewing the guestbook by using a robots.txt file.


I have the below issues regarding the above posts:

If I have 2 guestbooks at http://mysite.com/guestbook1/index.php and http://mysite.com/guestbook2/index.asp

I will put the robot.txt at the root of my site which is at http://mysite.com

The robot.txt simply contains the below 3 lines only?

User-agent: *
Disallow: /guestbook1/
Disallow: /guestbook2/

How do search engines know that there is a robot.txt located at the root of my website since there is no link to robot.txt from any of my webpages?

Do spambots read robot.txt?

Suppose http://mysite.com/index.htm have links to http://mysite.com/guestbook1/index.php and http://mysite.com/guestbook2/index.asp - it would defeat the purpose of the robot.txt since search engines / spambots are able to find these 2 guestbooks.

Are there any other effective ways to combat spams other than CAPTCHAs and robot.txt?

Advanced Guesbook and Lazarus use MySQL database, suppose I have another script that also use MySQL database, that means to say I have to purchase a second MySQL database from my website service provider. Using the same databese for 2 different scripts will corrupt the entries on the fields as 2 different scripts may use the same fields for it's intended purpose. Correct me if I'm wrong.

From the Advanced Guesbook admin page, I can amend the entries from guestbook users. Is there any way I can amend the date/time of these entries?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

1 - All search engine bots check your domain for a robots.tx file when every time they visit. Spambots only search sites looking for email addresses. Spammers use Google etc to generate a list of sites using a given script.

2 - CAPTCHA is an attempt at a Turing test which is where you test for an intelligent response. Another good option is randomised input names but some spammers are just using api to fill forms in via a web browser.

3 - Most decent scripts let you change the prefix used for the database tables. By default Lazarus uses book_ the same as AG but you can change this easily in the config.inc.php file. I personally have four scripts using a single database despite the fact my host offers me unlimited databases.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

I just updated to AG v2.4.2. I tested it with a guestbook entry, the host IP address shows my website service provider IP address which is located overseas. In my previous AG v2.3.1, guestbook entry showed my local ISP address which is correct. Is there a "host IP" bug in AG v2.4.2? Or is there any configuration setting I need to set to correct this wrong host IP problem?

Suppose I want a second AG v2.4.2 guestbook located in a different folder, each with its own guestbook entries, the below are the only configuration settings I need to amend in config.inc.php? For example:

Guesttbook 1:

/* tables */

$GB_TBL["data"] = "book_data";
$GB_TBL["auth"] = "book_auth";
$GB_TBL["cfg"] = "book_config";
$GB_TBL["com"] = "book_com";
$GB_TBL["ip"] = "book_ip";
$GB_TBL["words"] = "book_words";
$GB_TBL["ban"] = "book_ban";
$GB_TBL["priv"] = "book_private";
$GB_TBL["smile"] = "book_smilies";
$GB_TBL["pics"] = "book_pics";


Guesttbook 2:

/* tables */

$GB_TBL["data"] = "book2_data";
$GB_TBL["auth"] = "book2_auth";
$GB_TBL["cfg"] = "book2_config";
$GB_TBL["com"] = "book2_com";
$GB_TBL["ip"] = "book2_ip";
$GB_TBL["words"] = "book2_words";
$GB_TBL["ban"] = "book2_ban";
$GB_TBL["priv"] = "book2_private";
$GB_TBL["smile"] = "book2_smilies";
$GB_TBL["pics"] = "book2_pics";


All other AG v2.4.2 guestbook php, configuration and graphic files remain the same and copied to the other AG v2.4.2 guestbook2 folder on my website?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Yes the changes you specified will do the trick.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

image wrote:I just updated to AG v2.4.2. I tested it with a guestbook entry, the host IP address shows my website service provider IP address which is located overseas. In my previous AG v2.3.1, guestbook entry showed my local ISP address which is correct. Is there a "host IP" bug in AG v2.4.2? Or is there any configuration setting I need to set to correct this wrong host IP problem?


The above issue was resolved. I just received an email from my website service provider that "queeg.mywebsiteserviceprovider.com under went a full server move over the last few days, this migration has since completed....."

I tested with a guesbook entry and the AG v2.4.2 indeed showed my local ISP address and not my website host IP address.

After I downloaded AG v2.4.2.zip from http://proxy2.de, on extracting the zip file, I see that there is a .htaccess file in the admin folder. When I ftp this file to my website, I can't see the file on the admin folder on my website with my WS_FTP Pro 2006 client even though the ftp client indicated that it has finished uploading this file. Any idea why this is so?

When i open .htaccess file with notepad, it only contains this line:
deny from all

Does AG need this .htaccess file? What is the function of this file?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

.htaccess is a instruction file for the Apache server. In this case it is used to say that nobody can access the admin folder except the server. You can't see it in FTP as files like this are hidden. There will be an option in your FTP client to see hidden files.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

I can't find any option in WS_FTP Pro 2006 client to show hidden files, the client do show the .htaccess hidden file, that's how I am able to select the hidden file and transfer it over to my webserver. After the transfer, I can't see it on the webserver end with the client.

I did a search on the help file in the WS_FTP Pro 2006 client and the only thing I can find about hidden file is this:
Hidden files
You can transfer a hidden file if you know its name. To transfer a hidden file, make sure nothing is selected, and then click the Upload or Download arrow. You will be prompted for the file name.

I brought down an ASP guestbook due to spams. I intend to manually port some non-spammed guestbook entries to the AG v2.4.2 by manually entering them on the signed guestbook page. Caveat: the ported entries reflect the present date and time when these entries are entered. There is no facility in the AG v2.4.2 admin page to change the Guesbook entry date. Is there a workaround to solve this date issue?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

1 - Use a better FTP client such as FileZilla.

2 - You would need to manually edit the date in phpmyadmin and use www.unixtimestamp.com to get the correct stamp.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
image
Beginner

Joined: 26/10/2006 06:13:27
Messages: 13
Offline

image wrote:All other AG v2.4.2 guestbook php, configuration and graphic files remain the same and copied to the other AG v2.4.2 guestbook2 folder on my website?


Carbonize wrote:Yes the changes you specified will do the trick.


Following the earlier discussion on creating another guestbook using the same database, I created a second guestbook with the following amendments to the config.inc.php on the guestbook2 folder:

/* tables */

$GB_TBL["data"] = "book2_data";
$GB_TBL["auth"] = "book2_auth";
$GB_TBL["cfg"] = "book2_config";
$GB_TBL["com"] = "book2_com";
$GB_TBL["ip"] = "book2_ip";
$GB_TBL["words"] = "book2_words";
$GB_TBL["ban"] = "book2_ban";
$GB_TBL["priv"] = "book2_private";
$GB_TBL["smile"] = "book2_smilies";
$GB_TBL["pics"] = "book2_pics";
$GB_TBL["cap"] = "book2_captcha";


Upon accessing this second guestbook, I received the following error:

Query Error
--------------------------------------------------------------------------------

MySQL Error : Query Error
Error Number: 1146 Table 'myguestbookdatabase.book2_config' doesn't exist
....
....
....


Kindly advise on all the necessary steps.
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum