Welcome to Geeklog Saturday, November 18 2017 @ 08:56 am EST


Gregory G.

Anonymous
Hiya!

Here's a situation that's puzzling the heck outta me and I can't seem to find a solve.

One of my customers who uses geeklog is unable to log into their admin. The correct username/password is used and they keep getting redirected BACK to the login form. Same happens with my username in there (or any login for that matter).

I suspect an upgrade on my cpanel server caused this based on what I'm seeing on google.

Geeklog version: 1.3
PHP Version: 5.4.40
MySQL Version: 5.5.42
Apache Version: 2.2.29

I attempted to upgrade to the 2.1.0 version and that failed big time. Thankful for backups. Smile

Any advice?
Thanks!
Gregory

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1239
The upgrade shouldn't fail unless you have some really old plugins installed as well (that are not part of the core install).

That is a really old version of Geeklog... I am not sure why the login failed. Can you create a new user and see if you can log in with that (since you will receive a new password)?
One of the Geeklog Core Developers.

Status: offline

Gregory

Forum User
Newbie
Registered: 17/05/2015
Posts: 3

When I try to create a user account (/blog/users.php?mode=new) I see the same login form but with a label that says "Try Logging in Again".

When I attempted to upgrade I got an error that said "No Database drivers found!" in RED during the upgrade process.

Thanks!

Gregory

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1239
Is there anything in the Geeklog error.log file when you try to login?


One of the Geeklog Core Developers.

Status: offline

Gregory

Forum User
Newbie
Registered: 17/05/2015
Posts: 3
Sadly there is no joy in the error log. Frown

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1239
Your server versions of PHP, MySQL, etc. shouldn't cause a problem and from the sounds of it your site is connecting to the database since you haven't mentioned that the rest of the pages are affected (so the MySQL PHP extension is loaded).

Can you install the latest version of Geeklog to a new database? (instead of an upgrade?)
One of the Geeklog Core Developers.

Status: offline

masodo

Forum User
Junior
Registered: 13/11/2012
Posts: 34
Location:Indiana US
I am using 1.8.1 and I have had some various log-in issues that have been traced to the GUS database, where nogoodnicks attempt SQL injection via either the request and/or referrer strings. Usually this has resulted in inability for only admin to log in because it appears to be targeting an error reporting mechanism. I have seen it kick back to log-in as well.

I have been able to get back in by removing the offending data entries from within mysqladmin. The culprits are usually escaped apostrophes and the like. It does not happen very often and it does not happen with every injection attempt but there are a couple of combinations that can cause havoc.

Perhaps disabling GUS in configs would also bypass the trouble but I have never tried that approach.

If you don't have GUS installed then I'd be at a loss to advise... (other than as Laugh.)

Status: offline

Gregory

Forum User
Newbie
Registered: 17/05/2015
Posts: 3
Quote by: Laugh

Your server versions of PHP, MySQL, etc. shouldn't cause a problem and from the sounds of it your site is connecting to the database since you haven't mentioned that the rest of the pages are affected (so the MySQL PHP extension is loaded).

Can you install the latest version of Geeklog to a new database? (instead of an upgrade?)



I'd certainly be willing to give that a try. Is there a way to migrate the old data once that's done? Smile

Gregory

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1239
@masodo

I would be interested in hearing more about the Gus issue.

I haven't run across any SQL injection issues. If there is one with the latest version I would like to get it fixed.

Would it be possible to send me the offending records by chance if you have them backed up?

Thanks

Tom
One of the Geeklog Core Developers.

Status: offline

masodo

Forum User
Junior
Registered: 13/11/2012
Posts: 34
Location:Indiana US
Hi Laugh,

I do not have any firm examples at the moment but I will be sure to keep you in mind the next time I see this crop up.

Very often I see where the listed referrer string will display something along the lines of:

PHP Formatted Code
http%3A%2F%2Fblogdogit.com%2Farticle.php%3Fstory%3D20150425161631294%5C%27A%3D0


...with query strings like:

PHP Formatted Code
story%3D20150425161631294%5C%27A%3D0


I have 7 of these sorts in my database now but have no trouble with them. Those that cause trouble are usually an extended version of this technique.

There are times that clicking on the GUS today list item will throw a server error so I will manually "ban" the offending IP and manually add to Ignore list and ultimately flush these entries. Sometimes they can be banned and ignored with the buttons in day.php only to crash the GUS app in the "Clean Up" phase. And as stated every once in a great while this ploy will block root access (seemingly due to reading the data back at the error reporting - is my best guess.)

I did find the following entry in a backed-up error.log that is typical of the sort of clue that sent me to GUS data to get back in (this was probably not a fatal error but may very well have been...):

PHP Formatted Code
Mon 25 Aug 2014 12:45:23 EDT - 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''20110408112644399\'' at line 1. SQL in question: SELECT title FROM gl_stories WHERE sid = '20110408112644399\'


Like I said, I will let you know if it happens again and see if I can give you more exacting information then.

Thanks!

Status: offline
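
Added example, not part of the post above and not Geeklog or GUS code: a Python triage of stored referrer/query strings like the ones quoted. It percent-decodes each entry, flags `story` values that are not plain digits (an assumption based on the ids shown on this page), and checks whether the value would still close a single-quoted literal, as in the logged `SELECT`, under MySQL's default backslash escaping. The sample rows are constructed from the strings in the thread.

```python
import re
from urllib.parse import unquote, urlsplit, parse_qsl

# Constructed sample rows: the two strings quoted in the post, one clean
# referrer, and the value seen in the logged query (backslash, no quote).
ROWS = [
    (1, "http%3A%2F%2Fblogdogit.com%2Farticle.php%3Fstory%3D20150425161631294%5C%27A%3D0"),
    (2, "story%3D20150425161631294%5C%27A%3D0"),
    (3, "http%3A%2F%2Fblogdogit.com%2Farticle.php%3Fstory%3D20150425161631294"),
    (4, "story%3D20110408112644399%5C"),
]

SID_OK = re.compile(r"[0-9]+")  # assumption: ids are digits only, as on this page


def story_values(raw):
    """Percent-decode a stored referrer or query string; return its story= values."""
    decoded = unquote(raw)
    query = urlsplit(decoded).query if "://" in decoded else decoded
    return [v for k, v in parse_qsl(query, keep_blank_values=True) if k == "story"]


def literal_closes(value):
    """True if '<value>' is one complete string literal under MySQL's default
    backslash-escape rules, i.e. the closing quote is not swallowed."""
    text = "'" + value + "'"
    i = 1
    while i < len(text):
        if text[i] == "\\":
            i += 2  # a backslash consumes the character after it
        elif text[i] == "'":
            if text[i + 1:i + 2] == "'":
                i += 2  # '' is an escaped quote inside the literal
            else:
                return i == len(text) - 1
        else:
            i += 1
    return False


def triage(rows):
    """Return (row_id, value, id_is_clean, literal_closes) for every story= value."""
    return [(rid, v, bool(SID_OK.fullmatch(v)), literal_closes(v))
            for rid, raw in rows for v in story_values(raw)]


if __name__ == "__main__":
    for rid, value, clean, closes in triage(ROWS):
        print(rid, repr(value), "ok" if clean else "REVIEW",
              "" if closes else "breaks a quoted literal")
```

Rows 1 and 2 are flagged for review but still form a closed literal, while row 4 has the shape of the logged query: the trailing backslash swallows the closing quote, which is the condition behind the 1064 syntax error.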

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1239
Okay I will look into what you have given me. I want to release a new version of Gus soon with the minor updates I have done over the last year or so. It also is better integrated into the ban plugin.


One of the Geeklog Core Developers.
