Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: AJAX Captcha ver 2.0 and critical database error  (Read 6263 times)

0 Members and 1 Guest are viewing this topic.

kaval

  • Coppermine newbie
  • Offline Offline
  • Posts: 8
AJAX Captcha ver 2.0 and critical database error
« on: June 30, 2011, 06:02:19 am »

I tried installing on coppermine 1.5 the AJAX ver 2.0 of captcha.  Things looked good and the intall proceeded well until I tried a test registration.  I have it set for user requries to confirm registration by email and admin needs to approve user under config.  When I respond to the email I get a critical database error.  See attached.

If I try to uninstall, and then try to install a standard captcha 0.9 or 3.0 I am unable to install these with a different error:
Fatal error: require() [function.require]: Failed opening required 'plugins/captcha/include/init.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/emrguru/public_html/album/plugins/recaptcha_v3/codebase.php on line 32

I can however reinstall the Ajax captcha plug-in with the same error.

Any suggestions would be appreciated.
Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1504
  • aka 'i-imagine'
    • Home Page
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #1 on: June 30, 2011, 01:01:00 pm »

I have just tried without success to reproduce your error on my test gallery.

Please post a link to your Coppermine.

Quote
....install a standard captcha 0.9 or 3.0 I....

CPG 1.5.x has Captcha as part of the standard package - nothing needs to be installed for it to function.

kaval

  • Coppermine newbie
  • Offline Offline
  • Posts: 8
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #2 on: June 30, 2011, 05:12:38 pm »

www.outdoorcardinals.org is the link to the gallery.

You are correct about Captcha 1.5x, but I still seem to be getting a lot of spam.
So I tried the plugin AJAX recaptcha ver 2 that is available on the forums.  It may be that you folks do not maintain this version.

It seems to be ok as far as entry of the captcha, but then fails when I try to confirm registration with an email confirmation at which time a critical database error occurs.  It occurs at a line that has code:  require ('plugins/captcha/include/init.inc.php');

This file exists but refers to the standard version plugin.

If I uninstall the AJAX captcha I revert back to the base version, and things are working again.
If this is the easier solution for now, that is fine.

Thanks!
Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1504
  • aka 'i-imagine'
    • Home Page
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #3 on: June 30, 2011, 09:39:49 pm »

I have had look at your site and nothing appeared to be obviously out of place.

It occurs at a line that has code:  require ('plugins/captcha/include/init.inc.php');

If you can post the complete error message please do so.

Does it interfere with the email notifications from the Contact form and Comments too?

kaval

  • Coppermine newbie
  • Offline Offline
  • Posts: 8
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #4 on: June 30, 2011, 10:31:27 pm »

Did you try actually registering and then replying to the email?
As an admin, I get that user has registered in gallery, but I do not get the rest of the text that says please click to validate user.

I have left debug mode on for now. Below are some error messages:

While executing query 'SELECT user_active, user_email, user_email_valid, user_name FROM cpg15x_users WHERE user_actkey = '582b45be5bba144f28d7880796d54e77' LIMIT 1' in register.php on line 708

mySQL error: Unknown column 'user_email_valid' in 'field list'
THIS IS THE CRITICAL DATABASE ERROR

Code: [Select]
Additional debug verbose info below:
USER:
------------------
Array
(
    [ID] => b32becc430189535c0102e016d028ed0
    [am] => 1
    [lang] => english
)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 0
    [user_name] => Guest
    [groups] => Array
        (
            [0] => 3
        )

    [group_quota] => 0
    [can_rate_pictures] => 1
    [can_send_ecards] => 0
    [can_post_comments] => 0
    [can_upload_pictures] => 0
    [can_create_albums] => 0
    [pub_upl_need_approval] => 1
    [priv_upl_need_approval] => 1
    [access_level] => 2
    [disk_max] => 0
    [disk_min] => 0
    [has_admin_access] => 0
    [group_name] => Guests
    [can_create_public_albums] => 0
    [can_see_all_albums] => 0
    [group_id] => 3
    [allowed_albums] => Array
        (
        )

)

==========================
Queries:
------------------
Array
(
    [0] => SELECT name, value FROM cpg15x_config [include/init.inc.php:181] (0 ms)
    [1] => SELECT * FROM cpg15x_plugins ORDER BY priority [include/plugin_api.inc.php:54] (0 ms)
    [2] => SELECT user_id, time FROM `emrguru_album`.cpg15x_sessions WHERE session_id = 'bb09bdc583bef336f9c5bb92482ce03e' [bridge/coppermine.inc.php:264] (1 ms)
    [3] => SELECT user_id, user_password FROM `emrguru_album`.cpg15x_users WHERE user_id = 0 [bridge/coppermine.inc.php:276] (0 ms)
    [4] => SELECT MAX(group_quota) AS disk_max, MIN(group_quota) AS disk_min, MAX(can_rate_pictures) AS can_rate_pictures, MAX(can_send_ecards) AS can_send_ecards, MAX(can_post_comments) AS can_post_comments, MAX(can_upload_pictures) AS can_upload_pictures, MAX(can_create_albums) AS can_create_albums, MAX(has_admin_access) AS has_admin_access, MAX(access_level) AS access_level, MIN(pub_upl_need_approval) AS pub_upl_need_approval, MIN( priv_upl_need_approval) AS  priv_upl_need_approval FROM cpg15x_usergroups WHERE group_id in (3) [bridge/udb_base.inc.php:323] (0 ms)
    [5] => SELECT group_name FROM cpg15x_usergroups WHERE group_id= 3 [bridge/udb_base.inc.php:327] (1 ms)
    [6] => SELECT COUNT(*) FROM cpg15x_categorymap WHERE group_id in (3) [bridge/udb_base.inc.php:340] (0 ms)
    [7] => UPDATE `emrguru_album`.cpg15x_sessions SET time = 1309465440 WHERE session_id = 'bb09bdc583bef336f9c5bb92482ce03e' [bridge/coppermine.inc.php:321] (0 ms)
    [8] => SELECT aid FROM cpg15x_albums WHERE moderator_group IN (3) [include/init.inc.php:271] (0 ms)
    [9] => SELECT lang_id FROM cpg15x_languages WHERE enabled='YES' [include/init.inc.php:329] (0 ms)
    [10] => DELETE FROM cpg15x_banned WHERE expiry < '2011-06-30 15:24:00' [include/init.inc.php:443] (0 ms)
    [11] => SELECT null FROM cpg15x_banned WHERE ('68.239.48.130' LIKE ip_addr ) AND brute_force=0 LIMIT 1 [include/init.inc.php:459] (0 ms)
    [12] => SELECT aid FROM cpg15x_albums WHERE (1  AND visibility != 0 AND visibility != 10000 AND visibility NOT IN (3)) [include/functions.inc.php:976] (0 ms)
    [13] => SELECT user_active, user_email, user_email_valid, user_name FROM cpg15x_users WHERE user_actkey = '582b45be5bba144f28d7880796d54e77' LIMIT 1 [register.php:708] (0 ms)
)

==========================
GET :
------------------
Array
(
    [activate] => 582b45be5bba144f28d7880796d54e77
)

==========================
POST :
------------------
Array
(
)

==========================
COOKIE :
------------------
Array
(
    [c7d1c5341a4ac90a63fa73ff9c53dcdb] => 30df64b1547a6c29bd52cef2be4ba28c
    [cpg15x_data] => YTozOntzOjI6IklEIjtzOjMyOiJiMzJiZWNjNDMwMTg5NTM1YzAxMDJlMDE2ZDAyOGVkMCI7czoyOiJhbSI7aToxO3M6NDoibGFuZyI7czo3OiJlbmdsaXNoIjt9
    [PHPSESSID] => c083760a0d7317910c737639a27048b4
)

==========================
SESSION :
------------------
Array
(
)

==========================
               
UPON REGISTRATION:
USER:
------------------
Array
(
    [ID] => b32becc430189535c0102e016d028ed0
    [am] => 1
    [lang] => english
)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 0
    [user_name] => Guest
    [groups] => Array
        (
            [0] => 3
        )

    [group_quota] => 0
    [can_rate_pictures] => 1
    [can_send_ecards] => 0
    [can_post_comments] => 0
    [can_upload_pictures] => 0
    [can_create_albums] => 0
    [pub_upl_need_approval] => 1
    [priv_upl_need_approval] => 1
    [access_level] => 2
    [disk_max] => 0
    [disk_min] => 0
    [has_admin_access] => 0
    [group_name] => Guests
    [can_create_public_albums] => 0
    [can_see_all_albums] => 0
    [group_id] => 3
    [allowed_albums] => Array
        (
        )

)

==========================
Queries:
------------------
Array
(
    [0] => SELECT name, value FROM cpg15x_config [include/init.inc.php:181] (0 ms)
    [1] => SELECT * FROM cpg15x_plugins ORDER BY priority [include/plugin_api.inc.php:54] (0 ms)
    [2] => SELECT user_id, time FROM `emrguru_album`.cpg15x_sessions WHERE session_id = 'bb09bdc583bef336f9c5bb92482ce03e' [bridge/coppermine.inc.php:264] (0 ms)
    [3] => SELECT user_id, user_password FROM `emrguru_album`.cpg15x_users WHERE user_id = 0 [bridge/coppermine.inc.php:276] (0 ms)
    [4] => SELECT MAX(group_quota) AS disk_max, MIN(group_quota) AS disk_min, MAX(can_rate_pictures) AS can_rate_pictures, MAX(can_send_ecards) AS can_send_ecards, MAX(can_post_comments) AS can_post_comments, MAX(can_upload_pictures) AS can_upload_pictures, MAX(can_create_albums) AS can_create_albums, MAX(has_admin_access) AS has_admin_access, MAX(access_level) AS access_level, MIN(pub_upl_need_approval) AS pub_upl_need_approval, MIN( priv_upl_need_approval) AS  priv_upl_need_approval FROM cpg15x_usergroups WHERE group_id in (3) [bridge/udb_base.inc.php:323] (0 ms)
    [5] => SELECT group_name FROM cpg15x_usergroups WHERE group_id= 3 [bridge/udb_base.inc.php:327] (0 ms)
    [6] => SELECT COUNT(*) FROM cpg15x_categorymap WHERE group_id in (3) [bridge/udb_base.inc.php:340] (0 ms)
    [7] => UPDATE `emrguru_album`.cpg15x_sessions SET time = 1309465350 WHERE session_id = 'bb09bdc583bef336f9c5bb92482ce03e' [bridge/coppermine.inc.php:321] (0 ms)
    [8] => SELECT aid FROM cpg15x_albums WHERE moderator_group IN (3) [include/init.inc.php:271] (0 ms)
    [9] => SELECT lang_id FROM cpg15x_languages WHERE enabled='YES' [include/init.inc.php:329] (0 ms)
    [10] => DELETE FROM cpg15x_banned WHERE expiry < '2011-06-30 15:22:30' [include/init.inc.php:443] (0 ms)
    [11] => SELECT null FROM cpg15x_banned WHERE ('68.239.48.130' LIKE ip_addr ) AND brute_force=0 LIMIT 1 [include/init.inc.php:459] (0 ms)
    [12] => SELECT aid FROM cpg15x_albums WHERE (1  AND visibility != 0 AND visibility != 10000 AND visibility NOT IN (3)) [include/functions.inc.php:976] (0 ms)
    [13] => SELECT null FROM cpg15x_users WHERE user_name = 'bananas' [register.php:488] (4 ms)
    [14] => SELECT null FROM cpg15x_banned WHERE user_name = 'bananas' AND brute_force = 0 LIMIT 1 [register.php:533] (2 ms)
    [15] => SELECT null FROM cpg15x_banned WHERE email = 'mpatelkaval@yahoo.com' AND brute_force = 0 LIMIT 1 [register.php:541] (0 ms)
    [16] => SELECT null FROM cpg15x_users WHERE user_email = 'mpatelkaval@yahoo.com' [register.php:565] (3 ms)
    [17] => INSERT INTO cpg15x_users (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6, user_language) VALUES (NOW(), 'NO', '582b45be5bba144f28d7880796d54e77', 'bananas', '098f6bcd4621d373cade4e832627b4f6', 'mpatelkaval@yahoo.com', 'test', '', '', 'test', '', '', 'english') [register.php:594] (1 ms)
    [18] => SELECT user_id, user_email, user_language FROM cpg15x_users WHERE user_group = 1 [register.php:642] (0 ms)
)

==========================
GET :
------------------
Array
(
)

==========================
POST :
------------------
Array
(
    [username] => bananas
    [password] => test
    [password_verification] => test
    [email] => mpatelkaval@yahoo.com
    [user_profile1] => test
    [user_profile2] =>
    [user_profile3] =>
    [user_profile4] => test
    [user_profile5] =>
    [user_profile6] =>
    [agree] => 1
    [recaptcha_challenge_field] => 03AHJ_Vus1yftBn5M_MCrffdqVgHNVBovqvQ-GTZT5y87BaT-i0aoQFvwjvlOk4gnnOnII-QEuOuIOrKS7h1L5ULHOAluVDvyvlZQsyY6FwIaKmxsdJAU8Q29T1DrASgN23hLEQZpJz3GwRbJxVX872vk-k4GlokKZDg
    [recaptcha_response_field] => major bumenta
    [submit] => Submit registration
)

==========================
COOKIE :
------------------
Array
(
    [c7d1c5341a4ac90a63fa73ff9c53dcdb] => 30df64b1547a6c29bd52cef2be4ba28c
    [cpg15x_data] => YTozOntzOjI6IklEIjtzOjMyOiJiMzJiZWNjNDMwMTg5NTM1YzAxMDJlMDE2ZDAyOGVkMCI7czoyOiJhbSI7aToxO3M6NDoibGFuZyI7czo3OiJlbmdsaXNoIjt9
    [PHPSESSID] => c083760a0d7317910c737639a27048b4
)

==========================
SESSION :
------------------
Array
(
)
==========================
               

Thanks,
  -Mahesh

« Last Edit: June 30, 2011, 11:14:24 pm by Joe Carver »
Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1504
  • aka 'i-imagine'
    • Home Page
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #5 on: June 30, 2011, 11:21:40 pm »

I edited your post to make it more readable.

The message that I get in the notification email is like this:

Quote
A new user with the username "" has registered in your gallery.
In order to activate the account, you need to click on the link below or copy and paste it in your web browser.

my_test_cpg.com/register.php?activate=9bbc56156972a410942a8e04aac748d2

Have you tried Contact and Comment? A clean set of plugin files? Are there any version 1.4.x plugin leftovers on your server? Do you have any modifications / customizing on your site?

kaval

  • Coppermine newbie
  • Offline Offline
  • Posts: 8
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #6 on: July 01, 2011, 12:06:05 am »

I have noticed that the mySQL database cpg15x_users fails to have a column called user_email_valid which is where register.php executes the query from.  Is this something that failed to occur in the upgrade process and is a new mySQL table entry?  Can I just manually add the column?  The plug-ins should all be new, and were untarred and ftp'd to the plug-in folder.
Logged

kaval

  • Coppermine newbie
  • Offline Offline
  • Posts: 8
Re: AJAX Captcha ver 2.0 and critical database error
« Reply #7 on: July 01, 2011, 04:47:12 am »

Joe,
  We may be able to consider the problem solved, and thanks for your nice plugin!

  It turns out in the update process from Coppermine 14 to 15 I had failed to run the update script that modifies the mySQL database.  Once I did this, it createde the missing user_email_valid table entry and the error no longer occurs.

  Thanks once again.  It is nice to be using your plug in, and I hope to incorporate the simple forum plugin as well now that I should be able to significantly banish the bots.

  -kaval
Logged
Pages: [1]   Go Up
 

Page created in 0.025 seconds with 21 queries.