Advanced Guestbook - Logged in as admin, but not quite.....

As abovementioned,

Pls advise.

Thank you very much.

Overwrite the v2.3.1 session.class.php file with the 2.2 version. Worked fine for me!

Wow, that worked for me too! Thanks for the easy solution to the password loop glitch.

Ignatius

can i make a suggestion to anyone who has problems remembering login names or passwords. www.roboform.com
Saves me alot of grief. And is spyware free also.

I like Roboform and use it all the time. Good recommendation!

The password problem I was having wasn't because I forgot it, but because I upgraded Advanced Guestbook on a new server. There's a bug that causes you to return to the log-in screen every time you try to do something on the admin screen. You log in, see the blue admin screen, click on one of the functions, and you're taken back to the log-in again.

Just FYI.

The "lost password" and "password loop" discussions seem to be getting lumped together in some of these threads.

Ignatius

Very true lol

Thank god I do a database backup everynight. So i can restore to a good point anytime i want. If needed.

anyone know where I can get a copy of Advanced Guestbook 2.2? Thanx for your time.

Why would you want to downgrade when 2.3.1 is out now.

Awesome! Thanks so much Jam'n. :o It worked w0000t!

THIS SOLUTION: Overwrite the v2.3.1 session.class.php file with the 2.2 version. Worked fine for me!

Worked for me with one of my domains guestbooks, but NOT with another one at one of my other domains. There I did a fresh install, then replaced the session.class file and I'm still stuck in the loop any type I click any admin function. I'm at a loss why it worked once but not the second time.

-Jack

quite obivously, overwriting any new file with an older version and downgrading it because you can't figure it out is not the real soulution. The real solution is importing the old password string of test and 123, and then waiting for the php session to time out on the server. (if you have already tried to log in with no success.) Also Dump all browser cache, and then login with test and 123.

Once I figured out the sessions, it work right away.

Anonymous wrote:quite obivously, overwriting any new file with an older version and downgrading it because you can't figure it out is not the real soulution. The real solution is importing the old password string of test and 123, and then waiting for the php session to time out on the server. (if you have already tried to log in with no success.) Also Dump all browser cache, and then login with test and 123.

Once I figured out the sessions, it work right away.

This works for me for reseting the password and username, but didn't help with the loop. Overwriting new file with older version is so far only thing that has worked here...

The problem is with the database. If you upgrade from 2.2, the table information is different. If you have always used 2.3.1, the tables are probably corrupt. Either way, you should fix the database tables instead of reverting back to an older file.

If you have this problem or wish to upgrade from 2.2. to 2.3.1 please try www.carbonize.co.uk/install.php I think I managed to fix one persons problem with it.

Whoops meant www.carbonize.co.uk/install.zip

BTW to all those that have replaced the 2.3.1 session.class.php with the 2.2 version your guestbook is now susceptible to the login exploit.

Same problem here , looks like the 'session' variable is reserved by apache2.

My nasty work around was to change all :

amp;session=
with
amp;sessionid=

as well as all :

name="session"
with
name="sessionid"

In all files in admin/

and

add a couple of lines in admin.php

...

if (!isset($PHP_SELF)) {
$PHP_SELF = $HTTP_SERVER_VARS["PHP_SELF"];
if (isset($HTTP_GET_VARS)) {
while (list($name, $value)=each($HTTP_GET_VARS)) {
$$name="$value";
}
}
if (isset($HTTP_POST_VARS)) {
while (list($name, $value)=each($HTTP_POST_VARS)) {
$$name="$value";
}
}
if (isset($HTTP_COOKIE_VARS)) {
while (list($name, $value)=each($HTTP_COOKIE_VARS)){
$$name="$value";
}
}
}

// Insert those 3 lines here
if (isset($sessionid)) {
$session = $sessionid;
}

$gb_auth = new gb_session($include_path);
$AUTH = $gb_auth->checkSessionID();
$VARS = $gb_auth->fetch_array($gb_auth->qu
...