Jump to content

[SOLVED] cannot access registration session


ekelley

Recommended Posts

I upgraded my PHP from php 4 to php 5.2.3 and now on my classifieds ads site when I try to register I get the following message cannot access registration session that’s all what comes up. Im using the geoclassifieds lite. I get no errors in my error log.

The register script code

 


<? //register.php

/**************************************************************************\
Copyright (c) 2002 Geodesic Solutions, Inc.
All rights reserved
license http://www.gnu.org/copyleft/gpl.html GNU/GPL
http://www.geodesicsolutions.com
\**************************************************************************/

error_reporting(E_ERROR | E_WARNING | E_PARSE);


include("config.php");
include("classes/adodb.inc.php");
include("classes/site_class.php");
include("classes/register_class.php");

$db = &ADONewConnection('mysql');

if (!$db->Connect($db_host, $db_username, $db_password, $database))
{
echo "could not connect to database";
exit;
}


if (!$_COOKIE["classified_session"])
{
$current_time = time();
$sql_query = "delete from geodesic_sessions WHERE last_time < ".($current_time - 3600);
//echo $sql_query." is the query<br>\n";
$delete_session_result = $db->Execute($sql_query);
if (!$delete_session_result)
{
	echo $sql_query." <br>\n";
	return false;
}

//set session in db
srand((double)microtime()*1000000);
do {
	$custom_id = md5(uniqid(rand(),1));
	$custom_id = substr( $custom_id, 0,32);
	$sql_query = "SELECT classified_session FROM geodesic_sessions WHERE classified_session = \"".$custom_id."\"";
	//echo $sql_query." is the query<br>\n";
	$custom_id_result = $db->Execute($sql_query);
	if (!$custom_id_result)
	{
		//echo $sql_query."<br>\n";
		return false;
	}
} while ($custom_id_result->RecordCount() > 0);

//$ip = getenv("REMOTE_ADDR");
$ip = 0;
$sql_query = "insert into geodesic_sessions
	(classified_session,user_id,last_time,ip,level)
	values
	(\"".$custom_id."\",0,".$current_time.",\"".$ip."\",0)";
//echo $sql_query." is the query<br>\n";
$insert_session_result = $db->Execute($sql_query);
if (!$insert_session_result)
{
	//echo $sql_query."<br>\n";
	return false;
}
$expires = time() + 31536000;
$user_id = 0;
$user_level = 0;
$classified_session = $custom_id;
header("Set-Cookie: classified_session=".$custom_id."; path=/; domain=".$HTTP_HOST."; expires=".gmstrftime("%A, %d-%b-%Y %H:%M:%S GMT",$expires));
}
else
{
$current_time = time();
$sql_query = "delete from geodesic_sessions WHERE last_time < ".($current_time - 3600);
$delete_session_result = $db->Execute($sql_query);
//echo $sql_query." is the query<br>\n";
if (!$delete_session_result)
{
	echo $sql_query."<br>\n";
	return false;
}
//get session information
$sql_query = "SELECT * FROM geodesic_sessions WHERE classified_session = \"".$_COOKIE["classified_session"]."\"";
$session_result = $db->Execute($sql_query);
//echo $sql_query." is the query<br>\n";
if (!$session_result)
{
	//echo $sql_query."<br>\n";
	return false;
}
elseif ($session_result->RecordCount() == 1)
{
	//$current_ip = getenv("REMOTE_ADDR");
	$current_ip = 0;
	$show = $session_result->FetchNextObject();

	$sql_query = "update geodesic_sessions set last_time = ".$current_time." where classified_session = \"".$_COOKIE["classified_session"]."\"";
	$update_session_result = $db->Execute($sql_query);
	//echo $sql_query." is the query<br>\n";
	if (!$update_session_result)
	{
		//echo $sql_query."<br>\n";
		return false;
	}
	elseif ($session_result->RecordCount() == 1)
	{
		if (($show->LAST_TIME < ($current_time + 60)) && ($current_ip == $show->IP))
		{
			$user_id = $show->USER_ID;
			$user_level = $show->LEVEL;
			$classified_session = $_COOKIE["classified_session"];
		}
		else
		{
			//change session
			//setcookie("classified_session","",0,"/","$HTTP_HOST");
			$sql_query = "delete from geodesic_sessions where classified_session = \"".$_COOKIE["classified_session"]."\"";
			$delete_session_result = $db->Execute($sql_query);
			//echo $sql_query." is the query<br>\n";
			if (!$delete_session_result)
			{
				//echo $sql_query."<br>\n";
				return false;
			}
			include("classes/authenticate_class.php");
			$auth = new Auth($db,$language_id);
			header("Location: ".$auth->configuration_data->CLASSIFIEDS_URL);

		}
	}
	else
	{
		//setcookie("classified_session","",0,"/","$HTTP_HOST");
		include("classes/authenticate_class.php");
		$auth = new Auth($db,$language_id);
		header("Location: ".$auth->configuration_data->CLASSIFIEDS_URL);

	}
}
else
{
	//setcookie("classified_session","",0,"/","$HTTP_HOST");
	include("classes/authenticate_class.php");
	$auth = new Auth($db,$language_id);
	header("Location: ".$auth->configuration_data->CLASSIFIEDS_URL);

}
}

if ($_REQUEST["set_language_cookie"])
{
$expires = time() + 31536000;
setcookie("language_id",$_REQUEST["set_language_cookie"],$expires);
$site = new Site($db,0,$_REQUEST["language_id"],$auth->classified_user_id);
header("Location: ".$site->configuration_data->CLASSIFIEDS_URL);
}

$language_id = $_COOKIE["language_id"];

$register = new Register($db,$language_id,$classified_session);
if ($user_id)
{
include("classes/classified_browse_class.php");
$browse = new Classified_browse($db,$user_id,$language_id);
$browse->classified_close($db);
$browse->header($db);
$browse->main($db);
$browse->footer($db);
exit;
}
else
{
if (($classified_session) && (!$register->setup_error))
{
	if ($_REQUEST["b"] == 3)
	{
		//the user has clicked the confirmation sent in the email sent to him
		//process the confirmation and put the user in the

		if ($register->confirm($db,$_REQUEST["hash"],$_REQUEST["username"]))
		{
			if (!$register->configuration_data->USE_API)
			{
				//display the registration confirmation completion
				$register->set_new_user_id_in_current_session($db);
				$register->header($db);
				$register->registration_confirmation_success($db);
			}
		}
		else
		{
			//display the error message from confirmation
			$register->header($db);
			$register->confirmation_error();
		}
	}
	elseif ($_REQUEST["b"] == 4)
	{
		$register->header($db);
		$register->end_registration($db);
	}
	else
	{
		//show the basic form to register
		$register->error_found = 0;
		if (!$register->registration_code_checked)
		{
			if ($register->registration_code_use)
			{
				$c = $_REQUEST["c"];
				if ($$_REQUEST["registration_code"])
				{
					if ($register->check_registration_code($db,$_REQUEST["registration_code"]))
					{
						$register->header($db);
						$register->registration_form_1($db);
					}
					else
					{
						$register->header($db);
						$register->registration_code_form($db);
					}
				}
				elseif (strlen(trim($c[bypass_registration_code])) > 0)
				{
					$register->header($db);
					$register->update_registration_code_checked($db,1);
					$register->set_default_group($db);
					$register->registration_form_1($db);
				}
				elseif (strlen(trim($c[submit_registration_code])) > 0)
				{
					if ($register->check_registration_code($db,$c[registration_code]))
					{
						$register->header($db);
						$register->registration_form_1($db);
					}
					else
					{
						//display error messages
						$register->header($db);
						$register->registration_code_form($db);
					}
				}
				else
				{
					$register->header($db);
					$register->registration_code_form($db);
				}
			}
			else
			{
				$register->header($db);
				$register->update_registration_code_checked($db,1);
				$register->set_default_group($db);
				$register->registration_form_1($db);
			}
		}
		elseif (!$register->personal_info_check)
		{
			if ($_REQUEST["c"])
			{
				if ($register->check_info($db,$_REQUEST["c"]))
				{
					$register->update_personal_info_check($db,1);
					if ($register->configuration_data->USE_EMAIL_VERIFICATION_AT_REGISTRATION)
					{
						//do the confirmation
						$register->insert_user($db);
						$register->header($db);
						$register->confirmation_instructions($db);
						$register->remove_registration_session($db);
					}
					else
					{
						$register->insert_user($db);
						if (!$register->configuration_data->USE_API)
						{
							$register->set_new_user_id_in_current_session($db);
							$register->header($db);
							$register->registration_confirmation_success($db);
							$register->remove_registration_session($db);
						}
					}
				}
				else
				{
					$register->header($db);
					$register->registration_form_1($db);
				}
			}
			else
			{
				$register->header($db);
				$register->registration_form_1($db);
			}
		}
		else
		{
			$register->header($db);
			$register->registration_form_1($db);
		}
	}
	$register->footer($db);
}
else
{
	//cannot access registration without a classified session
	echo "cannot access registration session<br>\n";
}
}

?>

 

any suggestions?

Link to comment
Share on other sites

if this is a distributed script i would suggest going to their forums and asking the question

 

Geoclassifieds don’t support the Lite version which is their free open source edition. They only support the paid editions. Their forums are closed to the public for posts unless you pay for support with the upgraded versions. I was thinking about paying for their full Basic version but it is lacking some features that their free one offers.

Link to comment
Share on other sites

99.5% of the time when code runs on one php version/server and not another it is due to php configuration differences. The other .5% of the time it is due to php version differences.

 

The code is setting a reporting level (that does not include NOTICE messages which could be masking messages that could help pinpoint the problem), but an error could be occurring before that point in the code.

 

Set error_reporting to E_ALL in your php.ini or a .htaccess file and temporarily change the line in that file to error_reporting(E_ALL); and then check your web server log for errors (or turn on display_errors in your php.ini or in a .htaccess file) to find out if there might be any errors occurring that would help pinpoint the problem.

Link to comment
Share on other sites

Thank you PFMaBiSmAd

I added error_reporting(E_ALL); right above my echo "cannot access registration session<br>\n"; I already have  error_reporting = E_ALL in my php.ini. After I added the error error_reporting(E_ALL); No errors came up in my error log so to make sure that it is reporting errors to right log i commented out the include("classes/register_class.php"); then it started producing errors. So then I added the error_reporting(E_ALL); to the end of my register_class.php and got this

I got 2 errors

 

Notice: Undefined index: set_language_cookie in \Classified\register.php on line 152

which is

if ($_REQUEST["set_language_cookie"])
{
$expires = time() + 31536000;
setcookie("language_id",$_REQUEST["set_language_cookie"],$expires);
$site = new Site($db,0,$_REQUEST["language_id"],$auth->classified_user_id);
header("Location: ".$site->configuration_data->CLASSIFIEDS_URL);
}

 

Notice: Undefined variable: update_registration_group in \Classified\classes\register_class.php on line 1697

cannot access registration session

 

In register_class.php on line 1697 is the following code I would post the hole thing but its huge. so this is lines 1689-1705

function update_registration_group($db,$registration_group)
{
	$this->registration_group = $registration_group;
	$this->sql_query = "update ".$this->registration_table." set
		registration_group = ".$registration_group."
		where session=\"".$this->session_id."\"";
	$registration_group_result = $db->Execute($this->sql_query);
	//echo $this->sql_query."<br>\n";
	if (!$update_registration_group)
	{
		return false;
	}
	return true;

} //end of function update_registration_code

//%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

 

 

 

I also added the error_reporting(E_ALL);  to the other scripts that are included in that page and I did not get a error with those.

Link to comment
Share on other sites

Both of the Notice messages are just due to poor programming in the code and are not causing the main problem.

 

The first one should be using the isset() function to test if the variable is set.

 

The second one is an incorrectly named variable that is setting and returning a false value from the function, but at least in that class, the return value is never used (the value returned by that function could be used elsewhere, but I did not go looking for it, and I don't think this is causing the problem.)

 

You can fix these as follows (it might help) -

 

register.php, line 152, change to -

 

if (isset($_REQUEST["set_language_cookie"]))

 

register_class.php, line 1697, change to -

 

if (!$registration_group_result)

 

Because this code sets its' own error_reporting() level in the code, it is masking errors like these two. I don't know how the register.php script is reached, directly by a url or if it is included in an index file, so I would recommend going through all the files and commenting out any error_reporting() statements, so that your E_ALL setting in your php.ini will not be overridden. Hopefully, this will help pin down where the problem is.

 

It is too bad they wrote the code with these type of errors, a general lack of through error checking and error reporting and with no support. I guess you get what you pay for (assuming their paid versions are not the same code base as the free version.)

Link to comment
Share on other sites

Here is another approach to finding the problem. Line 175 in register.php is what is triggering the "cannot access registration session" message -

 

if (($classified_session) && (!$register->setup_error))

 

Right after line 311, where the echo "cannot access registration session<br>\n"; is, add the following and see what the variables contain -

 

var_dump($classified_session);
var_dump($register->setup_error);

Link to comment
Share on other sites

My guess is that you will find that the $register->setup_error is set to 1, indicating an error with executing a database query. Unfortunately, that code is using a database abstraction layer and while it is returning a true/false result, it is not returning actual database errors. There is also one commented out echo statement in register_class.php, line 85, for one of the queries that sets the setup_error element.

 

So, I suspect that php is not able to connect to your database.

 

What database type are you using and have you confirmed that the support for that database is enabled in php.ini and is getting loaded?

Link to comment
Share on other sites

First off I agree with their code I have been messing with this for a long time and I like the look of the classifieds but its kinda difficult for me to manage especially since im not to advanced at php im still learning.

 

I have made the changes you sugested off course did not resolve the issue it did seem to clear those errors.

 

For the sugestion of doing the

var_dump($classified_session);
var_dump($register->setup_error);

 

It gave me the following out put

string(32) "f40d8aa4731f7fc84168a3fd90d1a4ea" int(1)

 

for your question on the PHP connecting to a database yes im using MySQL 5.1.11 on Apache I know the php and mysql work because several applications use the mysql and their running just fine plus the Classifieds site using mysql for all of its settings and all of that is still working so the configuration for the classifieds site are still working.

 

I was thinking about paying for their software but I’m a little worried about doing that now.

 

Link to comment
Share on other sites

The data you just posted indicates that $register->setup_error is set to a 1.

 

There are two places in register_class.php where this gets set to that value, line 46 and line 86.

 

Right before line 46 is an echo "no select reg<br>\n"; If this is being output you should see it, so I suspect that the code near line 86 is actually what is getting executed.

 

On line 85 is a commented out echo statement. Remove the // so that the echo statement is in effect and see if you get the "no insert" message. If it turns out to be this section of code, echo out the $this->sql_query variable to see what the query string looks like.

 

About the only thing at that point would be to see if some piece of the query string is missing or contains a value that does not look correct.

Link to comment
Share on other sites

Once again I want to say thank you PFMaBiSmAd for all your help.

 

I did what you sujested and the out put i got was

no insert

insert into geodesic_classifieds_registration_session (session,time_started) values ("f40d8aa4731f7fc84168a3fd90d1a4ea",1199229165)

 

so I take it its a issue with it trying to insert ("f40d8aa4731f7fc84168a3fd90d1a4ea",1199229165) into the mysql?

Link to comment
Share on other sites

If one of the variables was empty, that would point to a problem in the code, but the query itself looks okay.

 

According to the definition of that table (assuming that the *.sql files that come in the download are accurate), there are a number of columns that are specified as being NOT NULL, but they don't have default values. This should generate a mysql error for the INSERT statement that we are looking at.

 

Is there a chance that you upgraded mysql too or that mysql got switched to STRICT mode?

 

Before MySQL 5.0.2, MySQL is forgiving of illegal or improper data values and coerces them to legal values for data entry. In MySQL 5.0.2 and up, that remains the default behavior, but you can change the server SQL mode to select more traditional treatment of bad values such that the server rejects them and aborts the statement in which they occur.
Link to comment
Share on other sites

OMG YOU ARE MY HERO!!!!!!

 

THANK YOU SO SO MUCH PFMaBiSmAd

 

my.cnf was set for sql-mode="STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"\

I removed the STRICT_TRANS_TABLES and it worked.

 

is their any security issues with having STRICT_TRANS_TABLES off?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.