1 graziano Apr 29, 2006 09:32
3 graziano Apr 29, 2006 11:50
I installed latest version here
http://jomaldo.com/blog/admin/
but I have still the same problem ..
sorry what browser did you use to receive "wrong username/password" message ?
I tried with IE italian and Mozilla Firefox english , nothing to do !
4 graziano Apr 29, 2006 11:59
I tried also to login using lynx from unix machine , it doesn't work ...
nothing to do .. any idea please ?
I installed another copy of b2 on another account on the same same server and it works (!?!?) .
Only different thing is ip address ...
Why cookies doesn't work on my jomaldo account ?
I am going mad , it's really strange !
5 graziano Apr 29, 2006 12:23
I verified that when that after I press the login button , $log and $pwd variables contains nothing . I think that it's happens becuase cookies are not stored in the right way .
Is it a bug ? I have seen it discussed in other forum post , but without resolution. Anyone can solve this bug please ?
Thank you
6 yabba Apr 29, 2006 12:30
lol, tad hard to check when you delete the install :p
I tried using FF 1.5 (or summat).
Have you tried setting your cookie "path" to empty? ( $cookie_path = ''; )
¥
7 graziano Apr 29, 2006 18:06
I tried
$cookie_path = '';
nothing to do ...
I installed another version which includes /install
http://jomaldo.com/blog2/admin/
any help from developers please ?
8 yabba Apr 29, 2006 18:20
I don't know if this helps but....
1/ if I change skin, I get a cookie off your site (and it sticks)
2/ if I try to goto /admin/ , when I get asked to login (using fred / 123456789 ) I just get "you need to login" (no error)
3/ if I click "login" on the skin (ie/ not to go to admin) I get and "error: invalid user pass thing" (using fred / 123456789 ).
Try clicking the login link on a skin, loggining in and then going to admin.
¥
9 graziano Apr 29, 2006 18:46
Thank you
Well, if I login from
http://jomaldo.com/jomaldoblog/htsrv/login.php
I CAN login
if I login from
http://jomaldo.com/jomaldoblog/admin
I CANNOT login (in the way explained above)
Ok good , but it's definitely a bug.
10 graziano Apr 29, 2006 18:57
on my log error file I have a lot of these
File does not exist: /home/ajom/public_html/jomaldoblog/htsrv/styleswitcher.js
11 graziano Apr 29, 2006 19:04
there is no file called styleswitcher.js on latest stable version !
why do I receive this error ?
12 blueyed Apr 29, 2006 19:57
The problem seems related to your webserver:
If you go directly to http://jomaldo.com/jomaldoblog/admin/ somehow $_POST gets not through.
You'll get an login error (and can login probably) when you go to
http://jomaldo.com/jomaldoblog/admin/b2edit.php
The styleswitcher.js problem may be related. It is in /blogs/admin/styleswitcher.js - but your webserver looks for it in /htsrv/, or the browser asks for it there. I'd rather say the first, given the issue above.
13 graziano Apr 29, 2006 21:22
sorry , why the problem above should be related to my webserver ?
14 blueyed Apr 29, 2006 22:18
Because the POST that gets sent to http://.../admin/ does not make it into the index.php.
What webserver are you using?
*edit* maybe it's also "just" a PHP problem. What version are you using? CGI?
15 graziano Apr 30, 2006 08:00
blueyed wrote:
Because the POST that gets sent to http://.../admin/ does not make it into the index.php.
What webserver are you using?
*edit* maybe it's also "just" a PHP problem. What version are you using? CGI?
I am using this
http://www.jomaldo.com/info.php
16 graziano Apr 30, 2006 21:14
and it's not cgi. So if the problem is not php , where is the problem ?
17 blueyed Apr 30, 2006 21:22
I'd guess, it's mod_security or another apache module.
You've said that it's not happening to another, quite similar, setup.. please find out what difference between the two is causing it.
I've described/debugged the problem, but what's causing it is about my knowledge.
18 graziano May 01, 2006 10:05
It's not mod_security . I analyzed mod security log and there is no error.
And mode_security should also generate an internal server error.
Only difference is that the account is using a dedicated ip address while other accounts have a shared ip.
However I am not alone , also other people had this problem on the forum in the past , in fact the problem was not solved.
I definitely think that it's a cookie/session problem with the login script.
19 graziano May 01, 2006 10:14
and sorry why my webserver should accept logins
from
http://domain.com/blog/htsrv/login.php
while it should deny logins from
http://domain.com/blog/admin/index.php
My simple answer is , something wrong on http://domain.com/blog/admin/index.php code and something good
on http://domain.com/blog/htsrv/login.php code .
Am I wrong ?
20 blueyed May 01, 2006 19:49
As far as I know, your server has accepted logins from /htsrv/login.php and /admin/index.php (I've only tested /admin/b2edit.php, but that should be the same).
It just does not accept logins through /admin/.
My guess that because of some internal redirect the POST data gets lost: b2evolution does not get notified that there's someone POSTing form data and therefor does not know that anybody is trying to login.
Because it works fine on the demo-Site (http://demo.b2evolution.net/stable/blogs/admin/) and nearly all other installs, it has to do something with the server's setup.
If you don't want to try disabling some modules, or look into the server configuration in general (which includes any .htaccess files in the path), I cannot help.
21 graziano May 02, 2006 07:54
thank you for reply .
The problem is on /admin AND on /admin/index.php
Here is another example
http://internise.com/blog/admin/index.php
By the way there is nothing on .htacess , in each folder.
Sorry but I have to confirm , there is a problem code on
/admin/index.php that generates only is some case (cookie problem)
No problem using /blog/htsrv/login.php
Graziano
22 yabba May 02, 2006 11:30
I only get the problem with /admin/ (not /admin/index.php).
For a laugh, rename your admin folder (call it "fred" or sumat), and change $admin_subdir in conf/_advanced.php :-
$admin_subdir = 'fred'; // Subdirectory relative to base
and then try going to /fred/ and seeing if you can login.
¥
23 blueyed May 02, 2006 16:57
graziano, I also cannot confirm it with /admin/index.php: it says "ERROR: wrong login/password." as it should.
The problem only appears, if the webserver internally calls "index.php" because there was no full path given (only /admin/").
24 obtuse Jul 31, 2008 04:11
Was this ever resolved?
I am experiencing this with a couple of sites I have with 'sparkle' installed.
(yes, I know I should upgrade but this is for older people who find sparkle very easy to use - we have comments turned off)
Back in May, one domain suddenly stopped allowing login and giving the cpanel error log message:
File does not exist: /home/domain/public_html/htsrv/styleswitcher.js
After searching I found a few threads about this (none with fixes) but asked the host to supply a RAW APACHE LOG. This showed a mod_security error and they did a fix and all was well.
Now I have the same problem with another domain and the host is telling me there is no mod_security issue and there is nothing they can do.
On request, they told me there was
This:
There was a recent PHP upgrade:
PHP 5.2.6 (cgi) (built: Jun 16 2008 19:49:57)
However, PHP4 runs by default.
Any ideas anyone?
25 edb Jul 31, 2008 04:42
I doubt you'll find any support for 0.9.* releases anymore because that generation has been obsolete for a long LONG time.
Sorry, but "upgrade" is the only real option.
26 obtuse Jul 31, 2008 05:18
Less than two years Ed.
You've been around since 2004 and you're not obsolete.
I notice there was another guy on recently who uses sparkle and also didn't want to upgrade. Surely there are a few of still around.
Is it possible that the PHP 5.2.6 (cgi) upgrade could affect the login?
27 edb Jul 31, 2008 06:12
I'd say not only is it possible but in this case it is extremely likely given that your blog worked then your host upgraded something then your blog didn't work.
Yeah I been here a while, but, uh ... people aren't open source software packages ;)
0.9.2 was pretty good, but http://b2evolution.net/downloads/index.php pretty much shows that this product has moved on quite a bit since then. So support simply doesn't happen is the thing.
I just tried to login to your blog and I got the "ERROR: wrong login/password." message. You might try turning debug mode on (conf/_advanced.php) and seeing what's in the log.
Also, you'd be better off starting with the [url=http://b2evolution.net/downloads/index.html]latest version[/url] of the software (Dawn 0.9.1).
¥