"Access Denied" - clean install SuSE 8.1, MySQL up

Guest

Joined: Jan 31, 2004 Posts: -88

if you have access to your php.ini then activate register_globals (you'll need to restart apache for this to take affect)

if not, then let us know

Guest

I made the change, restarted the server (and init 6'd the machine for good measure), to no effect. Sad

Odd thing, I went through and tried all the Admin links, they all give my the Access Denied page except Backup DB (which tries to send me the backup file of the sql db), and the Forums which sends me over to the Forums admin menu.

Guest

After digging around all the forums here and back at PHP-Nuke, I finally tried something that shouldn't have worked, and it did.

Since I'm using MySQL 4.0.12 I figured I need to set $dbtype = "mysql4" in config.php, this would make sense no? However, once I set it back to "MySQL" it began working perfectly.

Seems like this might be a bug that may need correcting somewhere, but this appears to be the quick fix.

Worked both for my W2K/MySQL4.0.12/PHP4.3.1/Apache2.0.45 setup, and my SuSE8.1 setup...

Guest

Thanks, had the same problem, access denied for admin on all except Forum. (never tried backupDB)

The solution worked for me as well.

However as a note, I had to set config.php to mysql4 to get it to launch admin.php. Initially nothing worked with MySQL setting. (Lots and Lots of errors) I figured my mistake was the MySQL setting, after changing everything worked except as mentioned. So never bothered to change until I saw this post.

Works now like a charm.

Windows 2000, Mysql 4.0.12, Apache 2.0.45, PHP4.3.1

Guest

Sorted it for me too, thanks.
So much for following instructions Wink

General Joined: Mar 22, 2003 Posts: 5233 Location: USA

Yep. I have posted on several occasions that you should not use mysql4. It flat out doesn't work and I haven't had time to dig into the code to figure out why. MySQL works for ALL MySQL releases.

Guest

I still get the access denied messages. I had to remove the security code feature just to log in, and now that I am logged in, I can't access anything. In case it matters, I moved this site from windows xp platform to a unix platform. I also get 'this module not working' messages.

Guest

After takeing a close look at my analyse.php... I notice my provider is useing MySql v3.23
If this is not the obvious answer.. I qould apreciate any other suggestions as well.

Guest

Ok, checking one of my other sites, I notice that has the same MySQL server my site. I can not even use te backup DB or forum admin options.
I'm trying to figure out what is going on, I know the line that fails is

if (!eregi("admin.php", $_SERVER['PHP_SELF'])) { die ("Access Denied"); }

I'm not sure what this line is doing, but it occurs in just about every file in the admin section. If I could figure out what is suppose to make the eregi() call return true, I could try to fgure out what the problem is. Again, I am looking for any information somebody can give me.

General Joined: Mar 22, 2003 Posts: 5233 Location: USA

Load this script and post back the link/results. Are you on a Zeus host perchance?

Code:

<?
echo 'Server PHP_SELF = '.$_SERVER["PHP_SELF"];
echo '<br /><br />';
echo 'Server_Vars PHP_SELF = '.$_HTTP_SERVER_VARS["PHP_SELF"];
?>

Guest

Server PHP_SELF =

Server_Vars PHP_SELF =

Thats what the script produces. Not very much Razz

. It is a CIHost shared unix server.

General Joined: Mar 22, 2003 Posts: 5233 Location: USA

They are not populating the PHP_SELF variable and nuke requires it. Nuke will not work. Contact them and ask them to populate it. They will, no doubt tell you that it is the application's responsibilty blah-blah-blah and that it's a security risk. They are wrong but I think other users have been down this path and lost. You will need to manually change all instances of $_SERVER[ to $HTTP_SERVER_VARS[ for nuke to work in your environment. Better yet, change hosts.

Guest

Well, the host is really out of my control. But changeing every instance of that would not be a huge problem.. (looks up man page for SED). But I did notice that neither echo returned any data. So I am wondering, replacing one empty pointer with another doesn't seem like it would do a whole lot. I will try it, but I would appreciate some education on why/how this works. I am not new programing, but have yet to master the little details of PHP Razz

General Joined: Mar 22, 2003 Posts: 5233 Location: USA

Then they have blocked it altogether. That is a host issue unless something else is happening that I am not aware of. They need to turn register_globals On. You can try adding this line to .htaccess file
PHP_FLAG register_globals On