Doesn't fit elsewhere: Error Log Oddity

[Clara Listensprechen]

Will do, K@! Thanks!

[kat]

Fingers crossed.

[Clara Listensprechen]

Well, the request was for index.php, but the error was generated by Security.php and the following is the context code for permissions, and apparently what happens is a database search, probably based on logged IP, and then if the person's signed in, not banned, or otherwise restricted from looking at index.php. If there's no logged IP to put into that search, one would get the error, perhaps? Because there's no associated table of permissions with a nonexistant IP, no?  Just wondering...

Code Select Expand


// Check the user's permissions.
function allowedTo($permission, $boards = null)
{
global $user_info, $modSettings, $smcFunc;

// You're always allowed to do nothing. (unless you're a working man, MR. LAZY :P!)
if (empty($permission))
return true;

// You're never allowed to do something if your data hasn't been loaded yet!
if (empty($user_info))
return false;

// Administrators are supermen :P.
if ($user_info['is_admin'])
return true;

// Are we checking the _current_ board, or some other boards?
if ($boards === null)
{
// Check if they can do it.
if (!is_array($permission) && in_array($permission, $user_info['permissions']))
return true;
// Search for any of a list of permissions.
elseif (is_array($permission) && count(array_intersect($permission, $user_info['permissions'])) != 0)
return true;
// You aren't allowed, by default.
else
return false;
}
elseif (!is_array($boards))
$boards = array($boards);

$request = $smcFunc['db_query']('', '
SELECT MIN(bp.add_deny) AS add_deny
FROM {db_prefix}boards AS b
INNER JOIN {db_prefix}board_permissions AS bp ON (bp.id_profile = b.id_profile)
LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
WHERE b.id_board IN ({array_int:board_list})
AND bp.id_group IN ({array_int:group_list}, {int:moderator_group})
AND bp.permission {raw:permission_list}
AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})
GROUP BY b.id_board',
array(
'current_member' => $user_info['id'],
'board_list' => $boards,
'group_list' => $user_info['groups'],
'moderator_group' => 3,
'permission_list' => (is_array($permission) ? 'IN (\'' . implode('\', \'', $permission) . '\')' : ' = \'' . $permission . '\''),
)
);

// Make sure they can do it on all of the boards.
if ($smcFunc['db_num_rows']($request) != count($boards))
return false;

$result = true;
while ($row = $smcFunc['db_fetch_assoc']($request))
$result &= !empty($row['add_deny']);
$smcFunc['db_free_result']($request);

// If the query returned 1, they can do it... otherwise, they can't.
return $result;
}

// Fatal error if they cannot...
function isAllowedTo($permission, $boards = null)
{
global $user_info, $txt;

static $heavy_permissions = array(...bla bla bla...



Couldn't find anything outside of the request to get index.php in the error message, and the issue appears to be whether or not this Guest has permission to even look at index.php.

// You're never allowed to do something if your data hasn't been loaded yet!
   if (empty($user_info))
      return false;

The context for the Error Log citing line 832 in Security.php:

Code Select Expand


// Check if they can do it.
if (!is_array($permission) && in_array($permission, $user_info['permissions']))
return true;


[Sir Osis of Liver]

Do the two errors always occur in pairs?

[MrPhil]

Possible there's a hack in your code preventing SMF from displaying the IP?

Didn't I see some discussion a while ago about an IPv6 address causing a blanked-out display?

[Kindred]

Yes... I believe that ipv6 does not display correctly.

However, I will give the sermon... Clara, you really need to upgrade your forum, si
Me rc2 has known security issues and we can't Ben responsible or supporting outdated versions that are 5 versions out of date in terms of security and other fixes.

[Clara Listensprechen]

Do the two errors always occur in pairs?

Apparently, and there's pages and pages of them, which is why I suspect a deliberate attack by one individual.  It's just coincidence perhaps, but I did have issues with a renegade Admin person whom I deleted from the member roster and who has been peppering my Yahoo email account ever since. One of the reasons I really need to establish if this was an inside job (no, it wasn't Gri.  I'd take Gri over this guy any day of the week).

[Clara Listensprechen]

Yes... I believe that ipv6 does not display correctly.

However, I will give the sermon... Clara, you really need to upgrade your forum, si
Me rc2 has known security issues and we can't Ben responsible or supporting outdated versions that are 5 versions out of date in terms of security and other fixes.

...and I'll repeat the litany I usually say in response to that: I'll upgrade when the mods I have on my 2RC2 work on that plain vanilla (and to me, useless) "better" version.  I'm not even asking for you to be responsible, either.  I just want clues I can *** well do myself, thank you very much.  I just need to know where to start.  I am my own best support, as I have been over the years my board has been online.

Besides, we have NOT established that this was actually a hack job with any certainty. There is only highly suspicious coincidence, but no proof.  Prove to me that this was actually a hack job due to a specific vulnerability or a list of specific vulnerabilities, and name those vulnerabilities along with why you think they're the problem.

From my cold dead hands, Kindred.

From my cold dead hands.

[Clara Listensprechen]

Possible there's a hack in your code preventing SMF from displaying the IP?

Didn't I see some discussion a while ago about an IPv6 address causing a blanked-out display?

Did you? Know where to find it?

[mashby]

Hmm. I am really wondering why you are on RC2. From what I see in your responses, it is due to mods that only work on 2RC2. From a support perspective, it's really difficult to support a version that is no longer available on the Download section of this site. On one response you are asking Kindred to "Prove to me that this was actually a hack job due to a specific vulnerability or a list of specific vulnerabilities, and name those vulnerabilities along with why you think they're the problem." Yet, in another response, you are indicating you may have a rogue ex-admin. All of these conditions make support a near impossible thing to achieve (as in many unknowns). God bless K@, emanuele, Krash, and MrPhil for at least trying. I'm really just wondering what makes the mods you have on 2RC2 the ability to make your hands so cold and dead?

[Kindred]

And I just told you that it probably was not a ack and that mr.phil was correct....

http://www.simplemachines.org/community/index.php?topic=457400.msg3195740#msg3195740

Of course, it appears that the ipv6 mod only works on 2.0 rc5+

As for your mods....   I don't know any mod that only installs on rc2 at this point.... I have several rc3 mods installed on my 2.0.1 forum without error as well, though,

[Clara Listensprechen]

Exactly why I didn't ask for support.  If you'll kindly take the time to read the OP, the question was if anybody else had this happen, and what was the determined reason?

Now--in this thread is a post that somebody else had seen a thread on a blank IP before, and if that thread is well buried in the message vault, then it hasn't been an issue with anybody else since it was posted.  As I also stated, this is the first time in the near-decade that I've been online that this has ever happened.

So--if Kindred is so sure of himself about this being the result of vulnerabilities, he should also be able to be specific as to why he thinks so. Otherwise, his statement rises no higher than pure speculation, and I need good reasons to drop 2RC2 when it has served me so well AND I'm intimately enough familiar with it to have done my own support all these years except for a snag here and there that gets me flummoxed about where to start looking.

Look at my userdata under my avatar--I'm still a Junior here, with a few posts, and I've been here for years.  That's how much support I've ever asked for.  Now then, I'll ask again:

Has anybody else had this problem and if so, what was YOUR solution to the problem?  Can this be performed by external script or is this necessarily an inside job? No ephemeral speculations or all-versions-prior-to-2.0.1- are automatically guilty without a fair trial, please.

Again: this has happened to my board only once, and one occurrance does not a flat out condemnation make.  From my cold dead hands.

[Clara Listensprechen]

And I just told you that it probably was not a ack and that mr.phil was correct....

http://www.simplemachines.org/community/index.php?topic=457400.msg3195740#msg3195740

Of course, it appears that the ipv6 mod only works on 2.0 rc5+

As for your mods....   I don't know any mod that only installs on rc2 at this point.... I have several rc3 mods installed on my 2.0.1 forum without error as well, though,

Well, then.  What you didn't have before was pertinent information. That makes this different, and that's really all I was looking for. BTW, RC3 doesn't seem to be backwards compatible with 2RC2.  I'd considered moving up to 2RC5 at least, but then I discovered that, too, was too limited.

Again, thank you for the information. A little information PWNS speculation 7 ways from Sunday.  And see? No support. You're clean.

======PS...Noticed the discussion about Captcha in the process. What's also true of my board is that Captcha was preventing people from registering, and I also had it disabled.  Very interesting indeed.

[Clara Listensprechen]

Well, I got the requested information after too much sermon, and although the problem isn't fixed, the requested information was provided.  Marking this solved.

[kat]

I could understand, if you were reluctant to move from SMF v1.1.15 to 2, Clara.

My own forum's v1.1.15 and it's likely to stay that way.

But, an "RC" release is a "Release candidate".

In essence, it's a beta version, with many known bugs and security problems.

Now, I don't want to do the "Sermon", because you seem like a nice lady, to me.

That having been said, YOU REALLY SHOULD UPGRADE TO SMF 2.0.1 NOW!!!

Using an RC is like using IE 6. (Or any version of IE, come to that)

[Don Houston]

This thread came to me via some people I know of.  Clara is accusing me of hacking her site.  I have not, nor would I ever do such a thing.  Her problems that she did have was with an RSS Feed that I had put on my site WITH her permission.  Once we figured that out, we tried to limit the solution.  At the time we figured out where the IP was, I told her I would remove the feed to see if that would correct the problem.  She replied it was NOT necessary.

Clara, since you don't seem to answer any other response, I guess doing this here would be the next best thing.

I did not hack your site.  I don't care and did not have the time to do that.  I did not ban you from any other site either.  Normally I don't do this is public, but I feel that she has left me no choice.  I refuse to allow anyone to spread lies about me.  Now Clara, I am asking you to take the remark on your website about me down, I am also asking that you stop spreading rumors about me that are not true.  If you feel that I did something, why don't you ask me first?  That would be the simplest thing to do.  I am not going to allow you or anyone else to destroy me because of being upset over something foolish.  You and I need to talk, or you just need to let me go.  I have 8 years in this business.  I have been an administrator for a web hosting Company with over 300 clients and NOT one of them has ever had a problem.  I was informed of this thread and I could not allow it to go on.  If you think I got into your account, contact the provider they should be able to give you login details.

Now, Please stop this I am asking because failure in doing so will result in this escalating into a larger issue and I do not want to do that

[Clara Listensprechen]

I could understand, if you were reluctant to move from SMF v1.1.15 to 2, Clara.

My own forum's v1.1.15 and it's likely to stay that way.

But, an "RC" release is a "Release candidate".

In essence, it's a beta version, with many known bugs and security problems.

Now, I don't want to do the "Sermon", because you seem like a nice lady, to me.

That having been said, YOU REALLY SHOULD UPGRADE TO SMF 2.0.1 NOW!!!

Using an RC is like using IE 6. (Or any version of IE, come to that)

It's like this, K@--I don't have a problem with the latest 1.x. It's a great li'l piece of boardware. My domain runs two 2.x boards and one of those is, in fact, a 2.0.1 board just so I can play with it. the 2RC2 leaves it in the dust as a workhorse, so don't try to tell me I haven't given 2.0.1 a fair shot.  I did. As a workhorse, It fails.

I never send a productive workhorse to the glue factory just because it's old.  I draw your attention to the fact that I found it preferable to all the subsequent RC versions, too. I stick with what does what I want it to, especially because every time I've asked for a feature, the only response I get from you people is NO.  2RC2 does what I want it to do and I've already invested plenty of my own quality time to get it to do what I want it to do, and let me put it this way--I'm danged if I'm gonna get stuck with boardware that won't.

[ARG01]

@Don Houston. I wouldn't sweat it much as anybody with a lick of common sense knows not to take the website in question and/or the accuser seriously.
Anyone who has encountered this person, as well as most people here are aware of her standard tactics of accusations and meaningless and useless confrontation simply for the sake of argument.
Just ignore her like the plague, sooner or later she will simply move on to harass another.

[Don Houston]

I noticed you did not respond nor apologize, which is fine.  But I did send you a warning asking you to stop slandering my name, and if you refuse to do so, the consequences of the actions will be severe.

I did not hack your site.  as for running circles around the other site?  your biggest gripe is about the arcade.  How can the same software out work itself?  Do you listen to yourself?

Just like you said Gri was better than I was, yet he left you high and dry.  Gee, great pick if you ask me.  Really smart one too.  I don't see you blaming him for your problems.  I don't see you telling people how you threw fits on others sites because you got upset.  I do see that you continue to lie about me and you think your going to get away with it.  Kind of funny.  I asked you to take a message off your site that is still there.  I suggest you do that because what you are doing is breaking the law.  I may not have the DB experience you do, but I have admin experience and plenty of it.  I am one last time asking you to take down that message. 

[Don Houston]

@Don Houston. I wouldn't sweat it much as anybody with a lick of common sense knows not to take the website in question and/or the accuser seriously.
Anyone who has encountered this person, as well as most people here are aware of her standard tactics of accusations and meaningless and useless confrontation simply for the sake of argument.
Just ignore her like the plague, sooner or later she will simply move on to harass another.

hey ARG,

I am sorry I refuse to allow her to drag my name down because she wants to pout like a little 10 year old. I take my reputation seriously and I do have people who look at these forums to review that I know what I am doing.  This is a black eye on my end and I won't stand for it.  she is the one that refuses to update.  Anyone knows that if you don't update, you have security risks, and then she blames me??  I don't think so.


TAKE THE MESSAGE OFF THE SITE CLARA