Can't Create New Album, Attempted security breach - In Mambo
|
keeva
Joined: 2005-02-12
Posts: 16 |
Posted: Thu, 2005-02-24 08:32
|
|
I have gallery 1.5rc1 (2/17/05 I think) embedded in Mambo (4.5.1a Stable [Three For Rum] 05/10/2004 16:12 GMT). Everything works great, except I can not create new albums from Mambo's front end. I can edit, move, delete photos, rename albums, etc.. but when I choose to create a new main album or a new nested album I get a blank white screen that says "Attempted security breach". I'm logging in with the Mambo Super Administrator. Any help would be greatly appriciated. I've found only one other similar post but his problem was more geared toward general users - not admins and was resolved by using a newer Gallery build. As far as I know, I have the latest build of Gallery. thanks so much!, - Kevin |
|
Posts: 347
This error appears when you use the SEF hack from this topic:
http://gallery.menalto.com/index.php?name=PNphpBB2&file=viewtopic&t=23142&sid=a0d7441c47961105daf6f1d0e0d907e2
with Gallery 1.5-RC1.
Kai
Posts: 2322
kai_tom, that's not supported. Sorry.
Posts: 2322
keeva, I'm unable to reproduce this at all.
Can you paste the contents of your New Album link, from the root Gallery page?
Posts: 16
Here is the [NEW ALBUM] link from the main Gallery page in Mambo when logged in as super admin:
maktub.lunarpages.com/index.php?return=http%3A%2F%2Fwww.maktub.lunarpages.com%2Fcomponent%2Foption%2Ccom_gallery%2FItemid%2C40%2Finclude%2Cview_album.php%2F&cmd=new-album&option=com_gallery&Itemid=40&include=do_command.php
I removed the www. since I don't want spiders crawling this staging URL.
I did use the SEF Hack from Gary_d (mentioned by kai_tom) but have since removed it to verify that is not the problem with [NEW ALBUM].
thanks again,
- Kevin
Posts: 2322
keeva, your issue is the missing www.
Your return URL has the www, but when Gallery compares that against its configuration value, they don't match.
Posts: 16
Thank you Signe,
When I manually remove the "http%3A%2F%2F" it does create the new album no problem. However, I remvoed the "http:// from my config file on these lines:
Then I clearched all my browsers cache, cleared cookies and sessions and logged out then logged back in on two different computers and it still puts the "http%3A%2F%2F" in the URL when creating new albums.
How do I remove the "http%3A%2F%2F" from this URL? Or, better yet simply get my config to match the url so there is no security breach?
thanks for helping on this!,
- Kevin
Posts: 347
I know this hack is not supported, thought keeva is using it. :wink:
If I modify the lib/url.php with the SEF Hack from Gary_d I get exactly this error, I'm not able to create new albums, "Attempted security breach", http%3A%2F%2....
I restored the original url.php, cleaned the Mambo- and browser cache and Gallery works perfect again.
- In my case - :-?
Gallery 1.5-RC2-cvs-b13
Mambo 4.5.2.1 (SEF enabled)
Kai
Posts: 16
Kai,
Thank you for persisting. You are correct! I removed the hack on about line 77 of gallery/lib/url.php and I can now create new albums. Also, the good news is that the SEF titles still work fine without this tweak.
(On a side note, I still have not found a way for the individual image name or caption to show up in the title when in Mambo.)
Thank you both for your time and patience with me : )
- Kevin
Posts: 31
keeva:
This can be accomplished with my Mambo Gallery SEF URLs Hack
I'd like to hear if there are any album creation problems when using my hack.
Posts: 16
Logicx,
I can create new albums no problem with your mod. In fact, all looks fantastic so far with this mod.
If I had to nit pick there is only one area to tweak. The uploading progress indicator pop window loads with my site's UI. Idealy this pop up would load into a blank white page with no site navigation.
Thanks again for the mod. Great work!
- Kevin