Fresh install - Dang [Yahoo Archive]

23 views
Skip to first unread message

Lord Beowulf

unread,
Oct 31, 2019, 1:18:39 PM10/31/19
to Gallery 3 Users

Fresh install - Dang

Expand Messages

·         miktrain

Message 1 of 9 , Dec 30, 2018 

View Source

Just started with a fresh install on a new server of the php 7 version and everything went fine, it gave me the temp admin password etc, Click on "start using" and it won't log me in, just a "Dang we tried really hard"

 

Log shows

2018-12-30 18:14:41 -05:00 --- error: Kohana_Exception [ 403 ]: @todo FORBIDDEN

/home/ozfreemo/public_html/members/modules/gallery/helpers/access.php [ 202 ]

#0 /home/ozfreemo/public_html/members/modules/gallery/helpers/access.php(425): access_Core::forbidden()

#1 /home/ozfreemo/public_html/members/modules/gallery/controllers/login.php(31): access_Core::verify_csrf()

#2 [internal function]: Login_Controller->auth_ajax()

#3 /home/ozfreemo/public_html/members/system/core/Kohana.php(331): ReflectionMethod->invokeArgs(Object(Login_Controller), Array)

#4 /home/ozfreemo/public_html/members/system/core/Event.php(208): Kohana_Core::instance(NULL)

#5 /home/ozfreemo/public_html/members/application/Bootstrap.php(67): Event_Core::run('system.execute')

#6 /home/ozfreemo/public_html/members/index.php(116): require('/home/ozfreemo/...')

#7 {main}

2018-12-30 18:14:41 -05:00 --- error: Missing messages entry kohana/core.errors.403 for message kohana/core

 

So what do I have to change to allow access?

 

Tony

Reply

Delete

·         bwdutton

Dec 30, 2018 

View Source

This seems like a PHP session issue of some sort in that your same session/csrf token isn't remaining the same. If you use another browser does the issue go away? e.g.:

https://stackoverflow.com/questions/49193111/cant-login-to-gallery3-due-to-csrf-fail-with-firefox

 

Here is another similar post although they are using PHP 5.4 instead of 7 so it's not all applicable:

http://galleryproject.org/node/112626

 

Is it possible your new install is setup for both SSL and non SSL? I'm wondering if somehow your browser is bouncing between versions and dropping the session/token/cookie.

 

Now that I look at the .htaccess file that comes bundled with the software it only has checks for mod_php5:

<IfModule mod_php5.c>
  php_flag short_open_tag            On
  php_flag magic_quotes_gpc          Off
  php_flag magic_quotes_sybase       Off
  php_flag magic_quotes_runtime      Off
  php_flag register_globals          Off
  php_flag session.auto_start        Off
  php_flag suhosin.session.encrypt   Off
  php_value upload_max_filesize      70M
  php_value post_max_size            100M
</IfModule>

 

So the above are probably not being set. Is session.auto_start set to On in your install? If it is that could be the issue, PHP is starting a session using the default session settings (probably storing session info in files), then when the gallery software loads it's using the DB and creating another set of data. If this is the issue we can duplicate these settings in .htaccess for php7.

 

Thanks,

Brad

 

 

Reply

Delete

·         miktrain

Dec 31, 2018 

View Source

I was using Chrome so checked with IE and Firefox, both of those let me login and upload but that was still a very flaky and ended with a 500 server error

 

.htaccess has

 

<IfModule mod_php5.c>

  php_flag short_open_tag            On

  php_flag magic_quotes_gpc          Off

  php_flag magic_quotes_sybase       Off

  php_flag magic_quotes_runtime      Off

  php_flag register_globals          Off

  php_flag session.auto_start        Off

  php_flag suhosin.session.encrypt   Off

  php_value upload_max_filesize      20M

  php_value post_max_size             100M

</IfModule>

 

I tried duplicating that bit but with php7 in it but it made no difference

 

Tony

Reply

Delete

·         J.R.

Dec 31, 2018 

View Source

Tony,

You don't mention where you got the version of G3 that you used to do a "fresh install" with. In my experience there is only one which seems to work well on PHP 7 and up. Officially it is still version 3.0.9, but it is Brad's tweaked version and makes all the difference -- plus Brad tries to keep it updated as much as possible. If this is not the release you just installed, you should go to this link to get it and start over:

https://github.com/bwdutton/gallery3/archive/master.zip

... and do use Firefox for the installation... Chrome has some weird "security" features that can cause problems when accessing system-level stuff, which the G3 installer does and IE... well, IE should never be used for anything IMHO.

-- J.R.


mikt...@hotmail.com [gallery3] wrote:

Show message history

Reply

Delete

·         bwdutton

Dec 31, 2018 

View Source

Try changing <IfModule mod_php5.c> to <IfModule mod_php7.c>

 

What OS are you using? I can attempt to replicate the issue.

 

Thanks,

Brad

Reply

Delete

·         miktrain

Jan 1 

View Source

It is Brad's, although I did get it a while ago (just downloaded a fresh copy) I installed via ftp using Cute only renaming the main folder to reflect my previous site.

 

This is on A2 hosting, I just had a look through their setup with Cpanel and they have a inbuilt loader for Gallery and tried the demo with Firefox but that did not work either but it probably needs php 5.6 to run.

 

Looking at the server settings with Cpanel and my options are set to php 7.0 but the server is reporting 5.6.38 so I am thinking that I will ask them to wipe the server and start again. I will try the freshly downloaded files first just in case.

 

Just tried to login with Firefox, I did get in but where I was typing it said the the page is not secure.

 

Tony

Reply

Delete

·         miktrain

Jan 1 

View Source

Changed to 7 and no difference.

 

Win7 Pro

 

Thanks for chiming in Brad, I feel that the problem is with the server rather than your version, let's hope that whatever the problem is it can be fixed quickly.

 

Tony

Reply

Delete

·         miktrain

Jan 2 

View Source

Panic over. all sorted, I contacted A2 with the problem and we were on the right track, it was that the site was sometimes http and other times https 

 

There is now a .htaccess file at the public_html level that has the following in it

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule (.*) https://ozfreemo.com/$1 [R=301,L]

This forces https. For anyone following this fix just remember to put your own site in the last line.

Brad, maybe this could be added to your setup as a .htaccess file or a note to add to the public_html of any https site.

Tony

ozfreemo.com

Reply

Delete

·         J.R.

Message 9 of 9 , Jan 3 

View Source

Tony,

Glad to hear it. All those tiny little things that continue to trip up DIYers like ourselves. I have always found A2 Hosting's real-person telephone support to be excellent... and usually willing to go the extra mile to help their clients out in this techno-maze we find ourselves in. It a real testament to the original G3 programmers and people like Brad that G3 still continues to work as well as it does in this ever-changing environment.

--J.R.

 

Reply all
Reply to author
Forward
0 new messages