Posted on: 05/17/15 10:14pm
By: Anonymous (Gregory G.)
Hiya!
Here's a situation that's puzzling the heck outta me and I can't seem to find a solve.
One of my customers who uses Geeklog is unable to log into their admin. The correct username/password is used and they keep getting redirected BACK to the login form. Same happens with my username in there (or any login for that matter).
I suspect an upgrade on my cpanel server caused this based on what I'm seeing on google.
Geeklog version: 1.3
PHP Version: 5.4.40
MySQL Version: 5.5.42
Apache Version: 2.2.29
I attempted to upgrade to the 2.1.0 version and that failed bigtime. Thankful for backups.
Any advice?
Thanks!
Gregory
Re: Login Form problem.
Posted on: 05/17/15 11:03pm
By: Laugh
The upgrade shouldn't fail unless you have some really old plugins installed as well (that are not part of the core install).
That is a really old version of Geeklog... I am not sure why the login failed. Can you create a new user and see if you can log in with that (since you will receive a new password)?
Re: Login Form problem.
Posted on: 05/18/15 09:45am
By: Gregory
When I try to create a user account (/blog/users.php?mode=new) I see the same login form but with a label that says "Try Logging in Again".
When I attempted to upgrade I got an error that said "No Database drivers found!" in RED during the upgrade process.
Thanks!
Gregory
Re: Login Form problem.
Posted on: 05/18/15 11:26am
By: Laugh
Is there anything in the Geeklog error.log file when you try to login?
Re: Login Form problem.
Posted on: 05/18/15 12:08pm
By: Gregory
Sadly there is no joy in the error log.
Re: Login Form problem.
Posted on: 05/19/15 06:33am
By: Laugh
Your server versions of PHP, MySQL, etc. shouldn't cause a problem and from the sounds of it your site is connecting to the database since you haven't mentioned that the rest of the pages are affected (so the MySQL PHP extension is loaded).
Can you install the latest version of Geeklog to a new database? (instead of an upgrade?)
Re: Login Form problem.
Posted on: 05/28/15 11:07am
By: masodo
I am using 1.8.1 and I have had some various log-in issues that have been traced to the GUS database, where no-goodniks attempt SQL injection via either the request and/or referrer strings. Usually this has resulted in inability for only admin to log in because it appears to be targeting an error reporting mechanism. I have seen it kick back to log-in as well.
I have been able to get back in by removing the offending data entries from within mysqladmin. The culprits are usually escaped apostrophes and the like. It does not happen very often and it does not happen with every injection attempt but there are a couple of combinations that can cause havoc.
Perhaps disabling GUS in configs would also bypass the trouble but I have never tried that approach.
If you don't have GUS installed then I'd be at a loss to advise... (other than as Laugh.)
Re: Login Form problem.
Posted on: 05/28/15 11:09am
By: Gregory
Quote by: Laugh
Your server versions of PHP, MySQL, etc. shouldn't cause a problem and from the sounds of it your site is connecting to the database since you haven't mentioned that the rest of the pages are affected (so the MySQL php extension is loaded).
Can you install the latest version of Geeklog to a new database? (instead of an upgrade?)
I'd certainly be willing to give that a try. Is there a way to migrate the old data once that's done?
Gregory
Re: Login Form problem.
Posted on: 05/28/15 04:18pm
By: Laugh
@masodo
I would be interested in hearing more about the Gus issue.
I haven't run across any SQL injection issues. If there is one with the latest version I would like to get it fixed.
Would it be possible to send me the offending records by chance if you have them backed up?
Thanks
Tom
Re: Login Form problem.
Posted on: 06/10/15 04:02pm
By: masodo
Hi Laugh,
I do not have any firm examples at the moment but I will be sure to keep you in mind the next time I see this crop up.
Very often I see where the listed referrer string will display something along the lines of:
http%3A%2F%2Fblogdogit.com%2Farticle.php%3Fstory%3D20150425161631294%5C%27A%3D0
...with query strings like:
story%3D20150425161631294%5C%27A%3D0
I have 7 of these sorts in my database now but have no trouble with them. Those that cause trouble are usually an extended version of this technique.
There are times that clicking on the GUS today list item will throw a server error so I will manually "ban" the offending IP and manually add to Ignore list and ultimately flush these entries. Sometimes they can be banned and ignored with the buttons in day.php only to crash the GUS app in the "Clean Up" phase. And as stated every once in a great while this ploy will block root access (seemingly due to reading the data back at the error reporting - is my best guess.)
I did find the following entry in a backed-up error.log that is typical of the sort of clue that sent me to GUS data to get back in (this was probably not a fatal error but may very well have been...):
Mon 25 Aug 2014 12:45:23 EDT - 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''20110408112644399\'' at line 1. SQL in question: SELECT title FROM gl_stories WHERE sid = '20110408112644399\'
Like I said, I will let you know if it happens again and see if I can give you more exacting information then.
Thanks!
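For finding stored entries of the kind described in the post above, here is an added triage sketch (not part of the thread and not Geeklog or GUS code). It percent-decodes exported referrer or query strings, extracts the story parameter, and flags values carrying quote or backslash characters. The function names are hypothetical, and the digits-only story id format is an assumption taken from the ids quoted in the post.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumption: valid story ids are digit strings like those quoted in the post.
VALID_SID = re.compile(r"[0-9]{1,40}")
SQL_META = set("'\"\\;`")  # can close or escape a quoted SQL string literal

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly; stored strings may be encoded more than once."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def story_param(stored):
    """Return the 'story' value from a stored referrer URL or bare query string."""
    text = decode_fully(stored)
    query = urlsplit(text).query if "://" in text else text
    for key, val in parse_qsl(query, keep_blank_values=True):
        if key == "story":
            return val
    return None

def triage(stored):
    """Classify one stored string as (verdict, sid, offending characters)."""
    sid = story_param(stored)
    if sid is None:
        return ("no-story-param", None, "")
    if VALID_SID.fullmatch(sid):
        return ("ok", sid, "")
    bad = "".join(sorted(set(sid) & SQL_META))
    return ("suspicious" if bad else "malformed", sid, bad)

def sid_from_error_line(line):
    """Pull the sid literal out of an error.log line shaped like the one quoted."""
    m = re.search(r"SQL in question:.*\bsid = '(.*)'\s*$", line)
    return m.group(1) if m else None

# Samples: the first two are the strings quoted in the post; the third is constructed.
SAMPLES = [
    "http%3A%2F%2Fblogdogit.com%2Farticle.php%3Fstory%3D20150425161631294%5C%27A%3D0",
    "story%3D20150425161631294%5C%27A%3D0",
    "http%3A%2F%2Fexample.test%2Farticle.php%3Fstory%3D20150425161631294",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(triage(sample))
```

A sid that ends in a backslash, as in the logged query, escapes the closing quote in MySQL's default mode, which is consistent with the 1064 syntax error in the quoted error.log line.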
Re: Login Form problem.
Posted on: 06/10/15 06:11pm
By: Laugh
Okay I will look into what you have given me. I want to release a new version of Gus soon with the minor updates I have done over the last year or so. It also is better integrated into the ban plugin.