[SOLUTION] Error 404 Login CB 1.1 Joomla 1.5 RC2

11 years 11 months ago #53983 by beat
Just to be clear, this is not a CB bug, but a joomla bug, that has quite some implications on legacy extensions. I reported on the joomla 1.5 bugtracker here:

joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=9140

You can subscribe and watch the fix progress.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
11 years 11 months ago #54131 by cosmicfantasia
Hi Beat,

I was wondering if there was any way to make that bug report a level 1 or 2 priority on Joomlacode. As I am sure you know J1.5 is very very very close to going gold and this sound slike a pretty important bug for the CB community.

Not sure if you have seen this -->

groups.google.com/group/joomla-devel/browse_thread/thread/e551abde11198fbc
11 years 11 months ago #54140 by beat
Yes, I saw that, thanks. :)

I'm in IM contact with Joomla's and Mambo's devs, and I just brought this to the attention of Wilco. ;)

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
11 years 11 months ago #54273 by cosmicfantasia
Excellent... :)

Although not all bugs are going to be fixed for them going gold, this looks to be a big one for the CB community.
11 years 10 months ago #55023 by twhiting9275
beat wrote:

Just to be clear, this is not a CB bug, but a joomla bug


Actually, I hate to break it to you, but this IS a CB bug, not a Joomla bug. Here's the problematic code:
[code:1]

// variant 1: (13 lines up to variant 2):
$request_uri = mosGetParam( $_SERVER, 'REQUEST_URI', null );
$isHttps = (isset($_SERVER) && ( !empty( $_SERVER ) ) && ($_SERVER != 'off') );
if (!(strncmp($request_uri, "http:", 5)==0) && !(strncmp($request_uri, "https:", 6)==0)) {
$return = "http".( $isHttps ?"s":""«»)
."://".mosGetParam( $_SERVER, 'HTTP_HOST', null ).((strpos($request_uri, '/') !== 0) ? "/":""«»).$request_uri;
} else {
$return = $request_uri;
}
if (strncmp($mosConfig_live_site, $return, $len_live_site) == 0) {
$return = substr($return, $len_live_site);
if (strncmp($return,"/",1) == 0) {
$return = substr($return, 1);
}
}
[/code:1]

THANKFULLY, there is a true workaround to this, just a few lines down.

All you have to do iscomment all of the above code, so it looks like:
[code:1]
/*
// variant 1: (13 lines up to variant 2):
$request_uri = mosGetParam( $_SERVER, 'REQUEST_URI', null );
$isHttps = (isset($_SERVER) && ( !empty( $_SERVER ) ) && ($_SERVER != 'off') );
if (!(strncmp($request_uri, "http:", 5)==0) && !(strncmp($request_uri, "https:", 6)==0)) {
$return = "http".( $isHttps ?"s":""«»)
."://".mosGetParam( $_SERVER, 'HTTP_HOST', null ).((strpos($request_uri, '/') !== 0) ? "/":""«»).$request_uri;
} else {
$return = $request_uri;
}
if (strncmp($mosConfig_live_site, $return, $len_live_site) == 0) {
$return = substr($return, $len_live_site);
if (strncmp($return,"/",1) == 0) {
$return = substr($return, 1);
}
}
*/
[/code:1]


What was happening here (at least for ME) was the return URL (ie: as sent by your form) was not sent properly to the form. It's the script's responsibility to verify that the data sent to it is properly done.

By commenting out the above lines, AND chaanging
[code:1]
// $return = 'index.php?' . mosGetParam( $_SERVER, 'QUERY_STRING', '' );
[/code:1]
to
[code:1]
$return = 'index.php?' . mosGetParam( $_SERVER, 'QUERY_STRING', '' );
[/code:1]

this solved my issues, nd allowed individuals to login, and register quite successfully, whereas before, not so much. I'd get redirected to the default opendns 404 page.

Not sure what's wrong with the coding for the first box, not really concerned, but it's improperly done.

Post edited by: twhiting9275, at: 2008/01/24 05:10
11 years 10 months ago #55467 by Pulfordm
Even using the version 2 as per the last post does not work. The problem is calling
$login = sefRelToAbs( $login );

on line 431 (for me)

That legacy code changes & to & fine.

But when it sort the form is calls htmlspecialchars for the return parameter. That will change the & in front of the & to & so you get & which is not desireable.

One cannot change the Legacy class. So what to do?
My suggestion is to remove the remove the htmlspecialchars what entrties can go in the parameters? You do need version 2 still by the way.
Moderators: beatnantkrileon
Time to create page: 0.440 seconds

Facebook Twitter LinkedIn