HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Please upgrade here. These earlier versions are no longer being updated and have security issues.

"Sorry, permission denied." when signing in.

2

Comments

  • R_JR_J Ex-Fanboy Munich Admin

    Could you post the config values of the config names I've posted above?

  • On config.php only found this one

    $Configuration['Garden']['Cookie']['Domain'] = '';
    

    On config-defaults.php

    $Configuration['Garden']['Domain'] = '';
    $Configuration['Garden']['Cookie']['Domain'] = '';
    $Configuration['Garden']['WebRoot'] = FALSE;
    $Configuration['Garden']['StripWebRoot'] = FALSE;
    
  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    is there a cookie salt like this ?

    $Configuration['Garden']['Cookie']['Salt'] = 'XYZ1Z5CC81';

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited May 2016

    @R_J said:
    This is a configuration error, not a software error. Just because you cannot solve a >problem doesn't mean that no one should use Vanilla and it certainly doesn't mean >Vanilla is not usable at all.

    I never said that, I said I am sorry no one better qualified than me has come to help. Because I wish I could help. I am apologizing for those who have know how but are not helping or have no time to do so.

    He has been dealing with this issue for weeks now. And is frustrated enough to have said:

    At this point Im about to say fuck it and unninstall vanilla forever and move onto another platform but I really dont want because vanilla is all I want and need to integrate with my wordpress site, but its been really frustrating to work with.

    When someone threatens to drop vanilla because it is not working for them and they can't get help to resolve it, all one can say is sorry. And advice to use something else. Preferably the paid version of vanilla.

    This issue may be that the cookie is not being saved.

  • @vrijvlinder said:
    is there a cookie salt like this ?

    $Configuration['Garden']['Cookie']['Salt'] = 'XYZ1Z5CC81';

    Yes, there is a cookie salt, a bit longer than that one.

  • R_JR_J Ex-Fanboy Munich Admin

    Try adding $Configuration['Garden']['WebRoot'] = "http://comp.tf/site/forum/"; to your config.php
    It's just a test, I don't really know what to do. Delete the *.ini files in /cache afterwards

  • RiverRiver MVP
    edited May 2016

    @Spacing said:

    • Vanilla is installed on the root /forums/ directory but is embedded on the /site/forum page of wordpress.
    • Vanilla is set up to be redirected/only reachable through /site/forum/, only the dashboard isn't redirected.
    • On launch Im also planning to have a htaccess rewriterule to rewrite all urls from comp.tf/site/ to comp.tf (the main domain). So the final forum URL would be http://comp.tf/forum/ (the wordpress page, not /forums/ the vanilla installation location)

    Not sure any of this has any relevance or might be the cause for this issue.

    Nonetheless, I would be ok setting up basic registration even without e-mail confirmation, the problem is, if the Require users to confirm their email addresses (recommended) box is unchecked I get the permission denied error on all users (be it veriefied or not) which is quite strange.

    I will toy around with those configurations variables and get back to the thread with more info.

    I think you need to test your forum without embedding first and without any plugins enabled, to determine if it is a table, cache, or database or source code glitch, or config problem.

    Do you have the problem if the forum is not embedded? test first and try to resolve first.

    Also check the permission in the user table for the test user that doesn't work. Blank out the field.

    Ideally - what do you want?

    do you want email confirmation or not?

    Try giving the test user that has a problem - Only one role - member and ensure member role has signin privs after you make the above changes.

    Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.

    vrijvlinderSpacing
  • RiverRiver MVP
    edited May 2016

    since you are testing things out.

    You might try a test install of vanilla 2.3b1 unembedded and see if the problems still occur.

    Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.

    vrijvlinder
  • SpacingSpacing New
    edited May 2016

    @R_J said:
    Try adding $Configuration['Garden']['WebRoot'] = "http://comp.tf/site/forum/"; to your config.php
    It's just a test, I don't really know what to do. Delete the *.ini files in /cache afterwards

    Tried this. Didn't work.

    @River said:

    I think you need to test your forum without embedding first and without any plugins enabled, to determine if it is a table, cache, or database or source code glitch, or config problem.

    Do you have the problem if the forum is not embedded? test first and try to resolve first.

    Also check the permission in the user table for the test user that doesn't work. Blank out the field.

    Ideally - what do you want?

    do you want email confirmation or not?

    Try giving the test user that has a problem - Only one role - member and ensure member role has signin privs after you make the above changes.

    This is definitely weird as hell, kinda driving me crazy hahaha.

    Tried with the forum not embedded, all plugins and applications disabled. Still the same issue.

    After registering the user it remains logged in, but when I click the link to confirm the email it says the email has been confirmed (while still logged in) and then immediately refreshes and logs out and then I can never log back in and get "Permission denied" over and over again. And yes I triple or quadruple checked, the users only have the member role and it has sign in privilege.

    With Require users to confirm their email addresses (recommended) unchecked doesn't work at all either. Just logs off immediately after registering. And there comes "Permission denied" all over again.

    Also I just remembered, is it possible this has anything to do with nginx which I think comes out of the box with VestaCP (which my VPS is running)?

  • R_JR_J Ex-Fanboy Munich Admin

    I really cannot imagine what this is. If you give me ftp credentials (with write permissions) I will try to debug it

    When you edit the user and check / uncheck the "mail adress confirmed" checkbox, you can literally toggle that permission denied error.

  • @R_J said:
    I really cannot imagine what this is. If you give me ftp credentials (with write permissions) I will try to debug it

    When you edit the user and check / uncheck the "mail adress confirmed" checkbox, you can literally toggle that permission denied error.

    Yes, but then you can't post because you dont have a confirmed email. And as soon as you confirm it, it logs you off.
    Also that doesn't work at all if you don't use email confirmation.

    I'll pm you ftp details in a bit. Thanks again for your time and willingness to help, it's really strange all this that's happening.

  • R_JR_J Ex-Fanboy Munich Admin

    I've found not much until now, only that permissions seems to be borked:

    unconfirmed perms: Array
    (
        [0] => Garden.Email.View
        [1] => Array
            (
                [0] => -1
            )
    
        [2] => Garden.Activity.View
        [3] => Garden.Profiles.View
        [4] => Yaga.Reactions.View
        [5] => Yaga.Badges.View
        [6] => Yaga.Ranks.View
        [7] => 1
        [Vanilla.Discussions.View] => Array
            (
                [0] => -1
            )
    
    )
    
    user  perms: Array
    (
        [0] => Garden.Email.View
        [1] => Garden.SignIn.Allow
        [2] => Garden.Activity.View
        [3] => Garden.Profiles.View
        [4] => Vanilla.Discussions.View
        [5] => Yaga.Reactions.View
        [6] => Yaga.Badges.View
        [7] => Yaga.Ranks.View
        [Vanilla.Discussions.View] => Array
            (
                [0] => -1
            )
    
    )
    

    Later on I'll take a look on your permission table, but the way this looks, I'd say there is a problem in a model

    SpacingRiver
  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    Since he mentioned nginx , maybe the "permissions denied" are in the file system. According to this , you should have an error log further expressing what the error was really about.

    https://www.scalescale.com/tips/nginx/13-permission-denied-while-reading-upstream-using-nginx/#stq=&stp=0

    Maybe it is your server configuration after all. I hope some of this can help. At least you can see how to generate an error log.

  • R_JR_J Ex-Fanboy Munich Admin

    This is a dump of your Permission table.

    CREATE TABLE `GDN_Permission` (
      `PermissionID` int(11) NOT NULL AUTO_INCREMENT,
      `RoleID` int(11) NOT NULL DEFAULT '0',
      `JunctionTable` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
      `JunctionColumn` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
      `JunctionID` int(11) DEFAULT NULL,
      `Garden.Email.View` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.Settings.Manage` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.Settings.View` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.SignIn.Allow` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.Users.Add` tinyint(4) NOT NULL DEFAULT '0',
    (...)
      `Yaga.Ranks.View` tinyint(4) NOT NULL DEFAULT '0',
      `1` tinyint(4) NOT NULL DEFAULT '0',
    

    There is a strange column called "1" which messed up your permissions.
    I've dropped the complete table, run utility/structure and permissionModel()->resetAllRoles(). Now it is working. Have fun with Vanilla!

    whu606Spacinghgtonight
  • @R_J said:
    This is a dump of your Permission table.

    CREATE TABLE `GDN_Permission` (
      `PermissionID` int(11) NOT NULL AUTO_INCREMENT,
      `RoleID` int(11) NOT NULL DEFAULT '0',
      `JunctionTable` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
      `JunctionColumn` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
      `JunctionID` int(11) DEFAULT NULL,
      `Garden.Email.View` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.Settings.Manage` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.Settings.View` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.SignIn.Allow` tinyint(4) NOT NULL DEFAULT '0',
      `Garden.Users.Add` tinyint(4) NOT NULL DEFAULT '0',
    (...)
      `Yaga.Ranks.View` tinyint(4) NOT NULL DEFAULT '0',
      `1` tinyint(4) NOT NULL DEFAULT '0',
    

    There is a strange column called "1" which messed up your permissions.
    I've dropped the complete table, run utility/structure and permissionModel()->resetAllRoles(). Now it is working. Have fun with Vanilla!

    Wow this is really amazing. I can't thank you enough!

    What would be the cause of this strange issue tho since I've reinstalled vanilla from scratch 2 separate times, following all the official instructions and that included reuploading all the core files and deleting the old db and creating a new one from scratch as well, all 3 times I did that and the problem seemed to persist. I couldn't wrap my head around this at all. Is there anything I might be doing wrong in the installation? Or is it any issue with my particular server (I created the dbs through VestaCP but I remember checking them on phpmyadmin and they seemed a clean slate.

  • R_JR_J Ex-Fanboy Munich Admin

    I have no idea. You had some more plugins and applications installed on your forum when I've inspected it. If you really like to know who is causing that behavior, you have to do a clean reinstall and than always activate one plugin after the other and all the time create a user and confirm the test users mail address. If this is working without problems, you can activate the next plugin and create a user again.

    But you are not using any rarely used plugins, so I'm not sure that this will happen again. After you've made bigger changes, you might want to check the table GDN_Permission and see if there is a column called "1" in there (which should not, but it has been in your db)

    River
  • @R_J said:
    I have no idea. You had some more plugins and applications installed on your forum when I've inspected it. If you really like to know who is causing that behavior, you have to do a clean reinstall and than always activate one plugin after the other and all the time create a user and confirm the test users mail address. If this is working without problems, you can activate the next plugin and create a user again.

    But you are not using any rarely used plugins, so I'm not sure that this will happen again. After you've made bigger changes, you might want to check the table GDN_Permission and see if there is a column called "1" in there (which should not, but it has been in your db)

    beautiful debugging, very nice R_J

    I wonder if the 1 column occurred in the permissions table occurred because of a RegisterPermisions set to TRUE or "FALSE" instead of FALSE without quotes. Either of which potentially might create a 1 column, or if not, there should be a tighter check on column names in the Permissions table to prevent this kind of mishap, which proved to be very time consuming to track down, if the 1 column was the problem.

    What I don't understand is if Spacing said they installed from scratch, new database, new source code, without embedding or plugins how they could possibly have Yaga in the permissions table. since Yaga is not part of Vanilla core. That is even more baffling. Or perhaps by scratch they didn't really mean from scratch (new code, no addons, and new database.

    Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.

  • SpacingSpacing New
    edited May 2016

    @River said:

    beautiful debugging, very nice R_J

    I wonder if the 1 column occurred in the permissions table occurred because of a RegisterPermisions set to TRUE or "FALSE" instead of FALSE without quotes. Either of which potentially might create a 1 column, or if not, there should be a tighter check on column names in the Permissions table to prevent this kind of mishap, which proved to be very time consuming to track down, if the 1 column was the problem.

    What I don't understand is if Spacing said they installed from scratch, new database, new source code, without embedding or plugins how they could possibly have Yaga in the permissions table. since Yaga is not part of Vanilla core. That is even more baffling. Or perhaps by scratch they didn't really mean from scratch (new code, no addons, and new database.

    I reinstalled everything from scratch at least twice.

    The last time I tested without plugins enabled I did indeed reinstall from scratch, everything, including core files and db, but installed plugins as well, and only then disabled them all, so some of them might have created db entries and it is possible one of these plugins was indeed causing this strange issue.

    As a note for future reference. Apart from the plugins provided with core here are the ones extra I was using:

    Auto Bury - Version 0.1
    Bump - Version 1.0
    Ignore - Version 1.2.1
    Last Edited - Version 1.1.1
    Role Titles - Version 1.0
    Spoilers - Version 1.3
    Yaga - Version 1.1

    Afaik all of those were updated to their latest version.

  • R_JR_J Ex-Fanboy Munich Admin

    @River: really great that you've inspected all the possible reasons for that! I think you should file an issue on GitHub concerning that danger. I agree that there should be some kind of check so that things like that wouldn't happen.

    @hgtonight will be interested in this, too, so that he can correct his plugin.

Sign In or Register to comment.