Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: "Invalid action" in admin.php  (Read 4855 times)

0 Members and 1 Guest are viewing this topic.

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
"Invalid action" in admin.php
« on: February 19, 2005, 08:42:32 am »

The latest version of admin.php results in:
Quote
Invalid action
instead of the configuration table. Ran cvs update and the update script. When I rolled back admin.php to the previous version, the error went away.
« Last Edit: February 24, 2005, 02:40:10 am by TranzNDance »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: "Invalid action" in admin.php
« Reply #1 on: February 19, 2005, 10:24:37 am »

make sure you have v1.260 or better of english.php and you should be fine. The reason for the error: Omni has introduced another form creation option for the password encryption option to make it only show up when you're not using bridging, which I removed, as there already is a way to disable options from the config that don't apply for bridged installs. I just have forgotten to commit english.php as well that reflected the change - sorry for that.

Joachim
Logged

omniscientdeveloper

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 901
Re: "Invalid action" in admin.php
« Reply #2 on: February 19, 2005, 02:20:19 pm »

The changes you made actually broke the md5 login. The extra statement didn't necessarily pertain to bridging but to whether or not the value was true. If so, it disabled the block. Right now, with your changes, you can actually set the config setting to NO/FALSE which breaks the login, since the value in the database is md5'ed.

Line 708 should also be:

Code: [Select]
if (UDB_INTEGRATION != 'coppermine' AND in_array($element[1],$options_to_disable) AND $CONFIG['bridge_enable']) $element[2] = 15;

I missed that in the previous version.

[edit]
....You could redo it so it works with the one case statement though, you'll just have to add a check for the config value being parsed, so it doesn't accidentally disable something else.
[/edit]
« Last Edit: February 19, 2005, 02:32:28 pm by omniscientdeveloper »
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: "Invalid action" in admin.php
« Reply #3 on: February 19, 2005, 06:22:44 pm »

The new english.php file fixed it. However, as omni pointed out, the options for MD5 are there for the user to change after already setting MD5.
Logged

omniscientdeveloper

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 901
Re: "Invalid action" in admin.php
« Reply #4 on: February 20, 2005, 11:34:59 am »

I added the changes that I stated above, without adding the new case statement.
Logged
Pages: [1]   Go Up
 

Page created in 0.021 seconds with 18 queries.