Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Admins can see gallery, any other group cannot get past thumbnails  (Read 2115 times)

0 Members and 1 Guest are viewing this topic.

ewan0t

  • Coppermine newbie
  • Offline Offline
  • Posts: 1

Newbie at this so please be patient.  I have trolled this site looking for the answer to this question to no avail.

The issue is that only admins can see the gallery pics.  The other group members can see the thumbnails but when they select one, they get a DB error:

'There was an error while processing a database query' and the following code underneath.

Code: [Select]
While executing query "INSERT INTO cpg1410_hit_stats
                          SET
                            pid = 764,
                            search_phrase = '',
                            Ip   = '81.174.144.234',
                            sdate = '1209061419',
                            referer='http%3A%2F%2Fwww.tewan.co.uk%2Findex.php',
                            browser = 'Unknown',
                            os = 'Windows XP'" on 0

mySQL error: Duplicate entry '0' for key 1

Debug code:

Code: [Select]
USER:
------------------
Array
(
    [ID] => f5ef794b2eab70a4071f9f84bffbee34
    [am] => 1
    [lang] => english
    [theme] => mac_ox_x
    [liv] => Array
        (
        )

)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 4
    [user_name] => 41st
    [groups] => Array
        (
            [0] => 5
        )

    [disk_max] => 25000
    [disk_min] => 25000
    [can_rate_pictures] => 1
    [can_send_ecards] => 1
    [ufc_max] => 3
    [ufc_min] => 3
    [custom_user_upload] => 0
    [num_file_upload] => 5
    [num_URI_upload] => 3
    [can_post_comments] => 1
    [can_upload_pictures] => 1
    [can_create_albums] => 1
    [has_admin_access] => 0
    [pub_upl_need_approval] => 0
    [priv_upl_need_approval] => 0
    [group_name] => 41st
    [upload_form_config] => 3
    [group_quota] => 25000
    [can_see_all_albums] => 0
    [group_id] => 5
)

==========================
Queries:
------------------
Array
(
    [0] => SELECT extension, mime, content, player FROM cpg1410_filetypes; (0s)
    [1] => select * from cpg1410_plugins order by priority asc; (0s)
    [2] => delete from `tewan`.cpg1410_sessions where time<1209057819 and remember=0; (0.019s)
    [3] => delete from `tewan`.cpg1410_sessions where time<1207851819; (0s)
    [4] => select user_id from `tewan`.cpg1410_sessions where session_id=md5("3fba5aab71fb02c562df59a8e9baac09aaa96751425f72a7883ca714c097c7e9"); (0.001s)
    [5] => select user_id as id, user_password as password from `tewan`.cpg1410_users where user_id=4 (0s)
    [6] => SELECT u.user_id AS id, u.user_name AS username, u.user_password AS password, u.user_group+100 AS group_id FROM `tewan`.cpg1410_users AS u INNER JOIN `tewan`.cpg1410_usergroups AS g ON u.user_group=g.group_id WHERE u.user_id='4' (0s)
    [7] => SELECT user_group_list FROM `tewan`.cpg1410_users AS u WHERE user_id='4' and user_group_list <> ''; (0s)
    [8] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg1410_usergroups WHERE group_id in (5) (0s)
    [9] => SELECT group_name FROM  cpg1410_usergroups WHERE group_id= 5 (0s)
    [10] => update `tewan`.cpg1410_sessions set time='1209061419' where session_id=md5('3fba5aab71fb02c562df59a8e9baac09aaa96751425f72a7883ca714c097c7e9'); (0s)
    [11] => SELECT user_favpics FROM cpg1410_favpics WHERE user_id = 4 (0s)
    [12] => DELETE FROM cpg1410_banned WHERE expiry < '2008-04-24 18:23:39' (0s)
    [13] => SELECT * FROM cpg1410_banned WHERE (ip_addr='81.174.144.234' OR ip_addr='81.174.144.234' OR user_id=4) AND brute_force=0 (0s)
    [14] => SELECT aid FROM cpg1410_albums WHERE visibility != '0' AND visibility !='10004' AND visibility NOT IN (5) (0s)
    [15] => SELECT aid FROM cpg1410_albums (0s)
    [16] => SELECT aid from cpg1410_pictures WHERE pid='764' AND aid IN (19)  LIMIT 1 (0s)
    [17] => SELECT title,keyword from cpg1410_albums WHERE aid='19' (0s)
    [18] => SELECT COUNT(*) from cpg1410_pictures WHERE ((aid='19'  AND aid NOT IN (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17) ) ) AND approved='YES' AND aid IN (19)  (0s)
    [19] => SELECT pid, filepath, filename, url_prefix, filesize, pwidth, pheight, ctime, aid, keywords, title, caption,hits,owner_id,owner_name from cpg1410_pictures WHERE ((aid='19'  AND aid NOT IN (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17) ) ) AND approved='YES' AND aid IN (19)  ORDER BY filename ASC  (0.001s)
    [20] => SELECT title,keyword from cpg1410_albums WHERE aid='19' (0s)
    [21] => SELECT COUNT(*) from cpg1410_pictures WHERE ((aid='19'  AND aid NOT IN (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17) ) ) AND approved='YES' AND aid IN (19)  (0s)
    [22] => SELECT * from cpg1410_pictures WHERE ((aid='19'  AND aid NOT IN (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17) ) ) AND approved='YES' AND aid IN (19)  ORDER BY filename ASC  LIMIT 1 ,1 (0.001s)
    [23] => SELECT title, comments, votes, category, aid FROM cpg1410_albums WHERE aid='19' LIMIT 1 (0s)
    [24] => SELECT name, parent FROM cpg1410_categories WHERE cid = '5' (0s)
    [25] => UPDATE cpg1410_pictures SET hits=hits+1, lasthit_ip='81.174.144.234', mtime=CURRENT_TIMESTAMP WHERE pid='764' (0.001s)
    [26] => INSERT INTO cpg1410_hit_stats
                          SET
                            pid = 764,
                            search_phrase = '',
                            Ip   = '81.174.144.234',
                            sdate = '1209061419',
                            referer='http%3A%2F%2Fwww.tewan.co.uk%2Findex.php',
                            browser = 'Unknown',
                            os = 'Windows XP' (0s)
)

==========================
GET :
------------------
Array
(
    [album] => random
    [cat] => 0
    [pos] => -764
)

==========================
POST :
------------------
Array
(
)

==========================
Page generated in 0.092 seconds - 27 queries in 0.023 seconds - Album set : AND aid IN (19) ; Meta set: AND aid IN (19) ;

And the following in a seperate box underneath the debug info:

Code: [Select]
Notices
/include/themes.inc.php
Notice line 2196: Undefined index: uid
/include/functions.inc.php
Notice line 1499: Undefined variable: query_term

This user can see only one album, see's the thumbnails as mentioned but cannot see larger images.  The Registered users group members have the same issue and have about 12 albums to look at.  Again Admin (in user mode also) can see all.  If a user is promoted to admin, they can then get access. 

Seems to be a permissions issue but not sure where to start looking.

Thanks in advance.

Trevor

Logged

Nibbler

  • Guest
Re: Admins can see gallery, any other group cannot get past thumbnails
« Reply #1 on: April 24, 2008, 10:06:34 pm »

There's something wrong with your stats table. Make sure the sid field is set to auto increment using phpmyadmin. Also, update your gallery.
Logged
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 20 queries.