Simple Machines Community Forum

SMF Support => SMF 1.1.x Support => Topic started by: Rattler on July 21, 2009, 05:27:56 PM

Title: SNAFU: Complex & transforming problem that has me out of my depth
Post by: Rattler on July 21, 2009, 05:27:56 PM
Gentlemen,

Since Sunday, JUL 19, I have run into a strange and complex problem with the forum software that I not only do not understand but that also keeps transforming/transmutating and presenting itself differently every day, has me completely out of my depth, and help from this forums distinguished members would be much appreciated.

Let me start by stating that I only have basic knowledge of Javascript and PHP (I can read and understand the concept of a code, but I would not see a syntax error even if I had my cursor right on it) and only conceptual knowledge of SQL and MySql.

The Basics:

- http://www.warandtactics.com/smf/
- SMF 1.1.10, heavily modded
- PHP 5
- forum was subject to the KB attack in May (w/o db intrusion AFAIK)
- Before onset of the problem the forum worked smoothly and w/o noticable glitches (though we have an ever present recurrent error since January that I cannot fix but chose to ignore as it obviously has no functional consequences)
- all modifications to the code of the forum software since existance are documented in our tech room change log
- I have a db (+structure) backup from the day before problem onset, JUL 18, and also one (from cPanel) from today JUL 21
- newest two error log entries from today are attached
- I have a test account installed with staff privileges (so the tech room can be viewed) and will gladly give access data by PM
- I won´t give access to ftp and cPanel, but gladly provide copies of any files necessary

As I already said, the problem seems to change every day, so let me split this up into three parts:

1. Sunday JUL 19

After a long admin session of various hours I found I could not log out, and nobody else could log in. An extensive and detailed description of the exact chain of events and the way this problem presented itself (and kind of miraculously solved itself to some extent) you can find here: http://www.warandtactics.com/smf/index.php?&topic=1393.msg5310#msg5310


2. Monday, JUL 20

I could log on w/o probs in the morning (ok, had to hit reload as after login was presented with a white page), clean URLs and correct page titles, everything seemed to work allright until I tried starting my daily routines:

- when trying to backup db I was presented with a page simply filled with all characters of the ASCII code, black on white, repeatedly

- when I tried to create the daily sitemap this worked, but hitting the XML link did not produce the usual XML file but rather a simple text list output (though the source code of the page contained perfect XML)

- of the users, nobody reported any problems, but in my own user (not admin) identity my avatar had gone, and trying to reassign it simply restored my profile to w/o avatar again when saving (I do not know whether this is related, had my avatar deleted before repeatedly over the month - but could always reassign it again - just thought I`d mention it).

- as I had no time all monday, no error logs or db backup exist


3. Today Tuesday, JUL 21


Had no time in the morning and only logged in at noon time, to find the problem was partially back (but the members had already found some ways around):

- log on directly is not possible. After logging on, you get presented with sessionId in the URL again, also page titles include either a script excerpt (example screenshot attached) or the sessionID URL, example: http://www.warandtactics.com/smf/index.php?PHPSESSID=b580e9ae831cbbccf975ed86d8ae7d4f&action=login2

- page reloading did not help, only after deleting the "&action=login2" bit of the URL and hitting return I found myself logged in correctly and with access to the admin panel (and this time, finally activated error logging: 679 pages of entries in 3 hours with only 2 guests and 3 users having logged in)

- all pages now present the "unclean" URL, e.g.: http://www.warandtactics.com/smf/index.php?PHPSESSID=b580e9ae831cbbccf975ed86d8ae7d4f&action=forum

- posting works, but you end up on a white page, you need ro apply browser´s back button and navigate to the topic in question to see your post (the URL after posting would look like this: http://www.warandtactics.com/smf/index.php?PHPSESSID=b580e9ae831cbbccf975ed86d8ae7d4f&action=post2, and deleting the "action=post2" bit and hitting return would bring you to the home page of the forum)

- trying to backup the db today did not present me with ASCII gibberish, but instead with an error page: "Only Administrators may back up the database" and without me showing logged (but hitting the back button of the browser showed that I in fact still was logged on and could continue with other admin stuff). O made a backup, just in case, from cPanel, though.

- creating a sitemap in XML does not work (user sitemap works), same like yesterday: Source Code has XML, but is not parsed correctly into the html page

- Error log showed a lot of different errors, all related to headers, but from different files and lines (see attached pages)

Well, gentlemen, thats about how things stand at the moment, the forum is accessible and limping along, but I have no clue what to do to fix the stuff.

Thanks for your patience,

Rattler
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: MrPhil on July 21, 2009, 08:04:05 PM
You're getting a lot of messages that "headers already sent". That means that some text was sent "too early" to the browser, which caused the default HTTP headers to be sent first. Then when SMF tried to send its own custom headers, it couldn't.

Check for
1) error messages displayed on the screen before anything else (they may be replicated in various error_log files in your directories, the SMF admin error log, or the site account control panel)
2) extra characters sent to the screen, due to problems editing or a bad mod install (usually some editor commands or blanks outside of <?php ... ?>)
3) used a Microsoft text editor, which inserts the UTF-8 Byte Order Mark at the beginning of a file (text outside of <?php ... ?>)
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: Rattler on July 21, 2009, 08:24:27 PM
Thx a lot mate!

It was #3 probably, an invisible character in front of the "<?php", a leftover from the (manually deleted) KB virus code, and as I am speaking the forum is back to normal...

Reworked all files manually, substituting the visible "<?php" with a manually written "<?php" right behind and deleted *everything* in front of it. file_check.php directed me to suspect an invisible "character" when it reported the files where I had deleted the KB virus code Sunday as still not beginning with "<?php"...

Problem solved.

Rattler
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: MrPhil on July 21, 2009, 10:29:13 PM
Sounds good. Damned invisible characters are so hard to see!

BTW that's an amazing pic of a Tiger tank. What was the calibre of that freakin' cannon? I presume the other guy is a British tank destroyer of some sort? Hooray for the German obsession with gigantism!

Add: Looking at the other pix, I'm guessing that most of the gun barrel was knocked off this guy, and that's just some outer shell or shroud, and not the actual barrel. Still, those were big suckers...
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: Rattler on July 22, 2009, 01:03:23 AM
Actually, what you see is the 38cm Mortar it was equipped with:

http://en.wikipedia.org/wiki/Sturmtiger

Quote...and was therefore replaced by a 380 mm rocket launcher, which was adapted from a Kriegsmarine depth charge launcher. -snip-

The main armament was the 380 mm Raketen-Werfer 61 L/5.4, a breech-loading rocket launcher, which fired short-range, rocket-propelled projectiles. These projectiles were roughly 1.5 metres (59 in) in length and could either contain a high explosive charge of 125 kilograms (280 lb) or a shaped charge for use against fortifications, which could penetrate up to 2.5 metres (98 in) of reinforced concrete. The stated range of the former was 5,650 metres (6,180 yd). The weight of the complete rounds was 345 to 351 kilograms (760–770 lb). A normal charge first accelerated the projectile to 45 metres per second (150 ft/s), the 40 kilograms (88 lb) rocket charge then boosted this to about 250 metres per second (820 ft/s). -snipoo-

...Therefore a ring of ventilation shafts were put around the barrel which channeled the exhaust and gave the weapon somewhat of a pepperbox appearance.

more stuff: http://www.warandtactics.com/smf/index.php?board=211.0

Rattler
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: Rattler on July 22, 2009, 06:28:12 AM
Back to topic (though solved), one thing I still not understand is the way the problem presented itself differently every day (did not post it here, but after midnight local last night, while still working on the files, the URL´s came back to normal, but logIn was denied again to everybody...) and why it only afffected some but not all members, anyone can explain that to me (I live off the assumption that the same code (and if flawed) should produce the same result every time):

- I (in my usser identity) was the only one who could not update his profile and who´s Avatar was not shown (came back instantly after the fix)

- one day everybody gets denied login (but this changes 12 hours later as by miracle), 2nd day (w/o any code changes) everybody can log in with clean URL´s, third day URLs are with sessID and we need a workaround t logIn, eetc.

How can the same invisible char in the same files produce such divergent and distinct results?

Just curious,

Rattler
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: MrPhil on July 22, 2009, 12:31:21 PM
I have no idea how the same code flaw could produce such different results, unless each time you took a different path to get there (sometimes a session has already been established, sometimes not). Maybe someone more experienced could chime in...
Title: Re: SNAFU: Complex & transforming problem that has me out of my depth
Post by: Rattler on July 23, 2009, 01:19:54 PM
... off topic and as reply to your above tank pic request:

Found this one (after 0:40)

http://www.youtube.com/watch?v=Yb-oXaaWqXk

Rattler