[Embedding, Thumbnail Issue] G2 Post B2
|
ozgreg
Joined: 2003-10-18
Posts: 1378 |
Posted: Wed, 2005-05-04 06:25
|
|
Found a very interesting issue when running G2 in Embedded mode.. New Album restricted access, that is Everyone permissions have been removed (No guest access) Granted G2 (WP) user access(all access) to the album, confirmed permissions in g2_AccessMap making sure all is ok.. Album displays on the list, but no thumbnail is displayed (nor full item). Logging into G2 (not as embedded) thumbnail and Full Item display fine. |
|
Posts: 32509
There's nothing in the G2 architecture that would allow this behavior. More probably is that you assigned this mapped WP user to the G2 admin group or another group.
And if you manipulated the database manually, make sure to flush the db cache afterwoods.
Posts: 1378
Except we reproduced this issue on two other G2 installations...
Posts: 8601
"no thumbnail is displayed".. what IS displayed? text "no thumbnail", broken image icon, or actual broken image? what about full image? no link at all or something broken?
Posts: 32509
ozgreg, i doubt it's a permission issue. more probably it has something to do with the generated urls. maybe the rewrite module? wrong config paths in ::init?
, but i doubt this is a G2 bug.
and if you can reproduce it, it's probably something wrong with the integration code. G2 has bugs, i.e. mindless is constantly fixing them
Posts: 54
The thumbnail is broken.
It links to:
Security Violation
The action you attempted is not permitted.
Back to the Gallery
Error Detail -
Error (ERROR_BAD_PARAMETER, ERROR_UNKNOWN) :
* in modules/core/DownloadItem.inc at line 53 (DownloadItemView::error)
* in main.php at line 285 (DownloadItemView::renderImmediate)
* in main.php at line 79
* in main.php at line 70
So to reproduce, have an image/album in Gallery.
Remove "Everybody" from the permissions.
Add All Users to view all. (so only registered users have access to the item)
If you're in your embedded Gallery, it won't work you have the above error.
If you're in Galley2 it will work just fine if you're signed in.
If you're Logged in to your standalone Gallery, you'll then have access to both the Standalone image, and the embedded image. Cleare the cookie for Standalone G2 and the thumbnails break.
Its odd because The embedded app shows the info on the image, just a broken thumb. I caught this by originally allowing everyone only access to the thumbnail, and All Users could see the resized. In the embedded ap, they see the options for the resize, but no images.
Its like the embedded cookie isn't enough for G2 to get the image, but setting the g2 standalone cookie fixed the problem.
Now all of this was found in the WP-G2 plugin, so it might be something in our code. (the logout function suggested by the docs)
Its not a mapping or path problem, because logging in fixes it. Also if you have other images set for everybody, it works.
Also just logging out of Gallery2 doesn't seem to break the images, killing the cookie is needed.
Posts: 8601
"Clear the cookies" == logout, by the way.. if cookies are in use, so the session id isn't in the urls.
Just to clarify, with the permissions already set if you go to embedded G2 (not logged in) you don't see the item, right? After logging in via embedded G2 now you see the item but the thumbnail is broken? What is the url in the html source for the thumbnail? The error you listed means it was a download request but with no itemId.
Posts: 54
Image ID is included, but I think I found it!
the embedded page has the correct hyper link urls, but the img src is wrong.
So the image URL is:
http://holosite.servepics.com/gallery2/main.php?g2_view=core:DownloadItem&g2_itemId=3606&g2_serialNumber=1
But it should be:
http://holosite.servepics.com/baby/wp-gallery2.php?g2_view=core:DownloadItem&g2_itemId=3606&g2_serialNumber=1
So it looks like embedding the image isn't using the embedded page.
All links on the embedded app work.
This is why when only logged into the embedded app (WordPress) it breaks, but when I'm also logged into Standalone it works, but all URIs for the src don't.
Posts: 8601
to improve performance all core:DownloadItem urls go directly to G2 and not through your embed layer. for this reason it is important the GALLERYSID cookie path is set so both embed and standalone urls will see the cookie, to get the right session/access rights. can you verify your GALLERYSID cookie has path '/' and not '/baby/' ?
also, I don't see how you could get the BAD_PARAMETER error listed above with the Image URL you just posted.
Posts: 54
It helps if I use the same Item id in the examples. I've edited my post to correct the issue, but the second link I posted also shows you the BAD_PARAMETER error, and I can tell you if you had an account in my Gallery2 you'd see the image.
I can't tell you why it does it, only that it does.
So if I need to set my cookie path, how do I do that through the embed class?
Posts: 8601
you don't need to set your cookie path.. if you're supplying the right init params it will work. i asked you to verify the path in your cookie, not to change the path... i also asked you if you see the item when not logged in..
i see permission denied for both links you posted, which makes sense since i'm not logged in...
Posts: 54
When logged into just WP I don't see the image.
When I'm logged in to Gallery, I see the image in both WP and Gallery2
When logged into WP and I view the second link above, I do see the image.
If not logged in, you can't see the image on either (hence the error message anyone here gets with the links above).
My Embedded init is
$ret = GalleryEmbed::init(array( 'embedUri' => 'wp-gallery2.php', 'relativeG2Path' => $g2_option['g2_path'], 'loginRedirect' => $g2_options['g2_redirect'], 'activeUserId' => ('wp_'.$GalleryUser->ID)));Where wp-gallery2.php is the page.
$g2_option['g2_path'] is "../gallery2/" but if gallery is in the WP directory, its gallery2/
and it still breaks. (Ozgreg tested this last night on his dev site)
and $GalleryUser->ID is the ID of the current WP User.
The above code is followed by
That seems to work because in the top part of the embedded gallery, its says Welcome, John W. Arnold Site Admin.
So where might I not be setting the right params, to have the cookie path be '/' and not '/baby/'?
I tried print_r'ing the cookie and I got nothing, so maybe I'm not setting the cookie.
Do I also need to include GalleryEmbed::login($extUserId)?
Posts: 32509
Arnoldjw, mindless asked you to verify the cookie path. you can/should do that in your browser, not in the sourcecode/on the server.
in firefox, in the menu, go to properties -> security (or privacy) -> cookies and in the list of all cookies, search for the domain, click on the GALLERYSID cookie and verify the path.
Posts: 54
Thanks valiant sorry for being thick.
My WP set cookie for GALLERYSID is '/'
My gallery2 set cookie is '/gallery2/'
Posts: 32509
Arnoldjw, can you try the following:
Log in in standalone G2.
Stay logged in.
Log in in WP/embedded G2. (now you're logged in in standalone and embedded G2)
do you still get a permission error when browsing to downloaditem links / do you still don't see the thumbs in embedded G2?
ps:
standalone cookie = logged out && embedded cookie = logged in is a case we didn't think of. in this case, you'd see everything fine in embedded G2, but you'd get permission errors for all download links. we will have to fix this. but this problem is not necessarily related.
Posts: 54
Ok heres the break-down:
Updated based on feedback from IRC logs:
*Deleted Cookies no GALLERYSID*
not logged into WP or G2 - Embed displays a login page
Cookie Path '/'
*Log into G2*
not logged into WP but Logged into G2 - Embed displays a login page, standalone I see images
Second Cookie Created, path '/gallery2/'
*Delete Cookies*
Logged into WP but not G2 - See album names, but broken or missing images.
Three GALLERYSID Cookies created : Cookie Path '/', '/gallery2/d/3477-5/', and '/gallery2/d/3683-1/'
Logged into WP and G2 - I see images in both embedded ap and standalone G2
Fourth Cookie created '/gallery2/'
*Log out of G2, didn't delete Cookies*
Logged into WP but logged out of G2 - I see image in Embedded Ap, but not visible in G2
No change to the 4 GALLERYSID Cookies.
Again the permission (because its been a while) to recreate the problem.
Add and image/album in G2.
Removed "Everyone" from the permissions.
Add "All Users" to the permission save view or View all versions.
have an embedded ap and login.
I'm not worried about loggin out of Gallery and still seeing the images. If they can login, its ok. What I want to avoid is requiring users to login twice to see the images.
My directory structure is both gallery and wordpress are at the same level in the directory, but I have tried this with Gallery living within the WordPress directory, and I get the same issue.
System is MacOSX 10.3
Apache 2
PHP 5
WP 1.5
Gallery2 the CVS from 3-4 days ago, after the cookie problem was fixed.
But Gallery2 beta 2 had the same problems, I hoped the cookie fix would fix the issue.
Browser: FireFox (Windows) but Safari and IE6 have the same problem.
Posts: 1378
Nice analysis Arnoldjw, although you going to need a cookie jar to hold all these cookies at this rate
Valiant be very happy to give you access our devtest area for you to login and reproduce this issue if you need as the devtest board also displays the same issue..
Posts: 32509
Arnoldjw, weird results. And you could have mentioned that you use rewrite module a little bit earlier.
It would be interesting if you have the same results in the case "cleared cookies, login in WP, visit embedded G2" if you have the rewrite module disabled.
What goes wrong here:
- it should create 2 GALLERYSID cookies at max: obviously, the rewrite module leads to incorrects cookie paths, eg. '/gallery2/d/3477-5/'.
The question is: why does it create the '/gallery2/d/3477-5/' cookies / sessions, when it already should have received the '/' cookie.
Posts: 54
Sorry Valiant,
I thought I had the rewrite module off because in beta 1 short URLs (and I thought URLrewrite too) broke the embedded ap links.
In fact:
On holosite URLrewrite is:
configure
uninstall
On localhost (second test box) URLrewrite Module isn't installed.
I uninstalled URLrewrite, and deleted cookies. Same 3 cookies are set.
Posts: 32509
if the rewrite module is really deactivated (and you deleted your cookies afterwards), then cookie paths like '/gallery2/d/3477-5/' can't be generated, can't be.
Posts: 54
Sorry,
Deleted Cookies again, and only two cookies are created.
"/"
and
"/gallery2/"
Posts: 32509
Arnoldjw, ozgreg, i need access to your boxes (one of them) to debug this.
1. at least WP / G2 accounts
2. ftp or ssh access to enter debug information in the code would make it a lot easier.
Posts: 32509
There's something wrong with your G2 / WP integration.
I've just debugged a little and the result is, that there's no session file /data stored for the embedded G2 sessions.
Could you WP guys debug this?
It works in the xaraya integration.
G2 stores the session data in main.php GalleryMain.php in $session->save();
this is called by GalleryEmbed::handleRequest();
Posts: 54
I'll take a look this evening.
I'll look at the xaraya integration and see what they do.
We do a
$ret = GalleryEmbed::init(....)
Followed later by
$gallerySessionId = GalleryEmbed::getSessionId();
$g2data = GalleryEmbed::handleRequest();
But I'll see how others handle it.
Thanks
Posts: 32509
xaraya? no, i never do GalleryEmbed::getSessionId();
i don't know why it doesn't work for you / what goes wrong.
all what you need to do:
GalleryEmbed::init(array('activeUserId' => something, 'relativeG2Path' => something));
GalleryEmbed::handleRequest();
if you don't call handleRequest, you have to call ::done();
if you give me also FTP access for g2data, i could find it out, perhaps.
Posts: 1378
Valiant, you should have a PM with the devtest board details..
Thanks for your Help...
Posts: 32509
ozgreg, no, i didn't receive any pm from you in the last few days.
Posts: 32509
My first short debug session on ozgregs site yields the following:
- There are several things wrong, let's start with things that WP does wrong, because G2/embedded is proven to work correctly with other CMS'.
- WPG2 sometimes sets activeUserId in the init call to '0' / anonymous, when it actually set it to Admin. Or something like that, because i can't explain it.
- The current WPG2 integration code isn't 100% correct.
current code:
//Include Gallery2's Embed Page to run Gallery Class if path exists require_once(ABSPATH.$g2_option['g2_path'].'embed.php'); //Setup Gallery Information Pass to Gallery WordPress's CurrentUser $ret = GalleryEmbed::init(array( 'embedUri' => 'wp-gallery2.php', 'relativeG2Path' => $g2_option['g2_path'], 'loginRedirect' => $g2_options['g2_redirect'], 'activeUserId' => ('wp_'.$GalleryUser->ID))); if ($ret->isError()) { //If no user match, then send the current user to gallery $ret = GalleryEmbed::createUser(('wp_'.$GalleryUser->ID), array ('username' => $GalleryUser->user_login, 'fullname' => $GalleryUser->fullname, 'email' => $GalleryUser->user_email, 'password' => 'test')); $ret = GalleryEmbed::init(array( 'embedUri' => 'wp-gallery2.php', 'relativeG2Path' => $g2_option['g2_path'], 'loginRedirect' => $g2_options['g2_redirect'], 'activeUserId' => 'wp_'.$GalleryUser->ID)); } $gallerySessionId = GalleryEmbed::getSessionId(); $g2data = GalleryEmbed::handleRequest(); if ($g2data['isDone']) { exit; // G2 has already sent output (redirect or binary data) } // Should we Disable the Header output and instead allow the g2wpheader to control the Output? if ($g2_option['g2_externalheader']=="No") { //Include WP Theme or basic html header if ($g2_option['g2_themewrap']!="No") { //Include the WP Header get_header(); //Include any plug-in header content set in the plugin options checkforsidebar ('g2_header'); }else{ //No Theme, Include include standard html tags echo "<html>\n<head>"; } if ($g2_option['g2_galleryhead']!="No") { //Start Gallery Header echo $g2data['headHtml']; //Display the gallery header } //If theme for Gallery is missing include standard html tags if ($g2_option['g2_themewrap']=="No") { echo "</head>\n<body>"; } } else if ( $g2_option['g2_externalheader']=="Yes" && file_exists( $current_stylesheet_dir.'/wpg2header.php') ) include ($current_stylesheet_dir.'/wpg2header.php'); echo $g2data['bodyHtml']; //Display the gallery content //Close Gallery Connection $ret = GalleryEmbed::logout(); } else { //We were not able to get gallery connected get_header(); checkforsidebar ('g2_header'); if (!$isg2active){ echo "<h1>Sorry the Gallery Plug-in is not enabled.</h1>"; }else{ echo "<h1>Sorry the Gallery Plug-in is not configured.</h1>"; } }corrected code:
//Include Gallery2's Embed Page to run Gallery Class if path exists require_once(ABSPATH.$g2_option['g2_path'].'embed.php'); //Setup Gallery Information Pass to Gallery WordPress's CurrentUser /* Why do you call this variable $GalleryUser ? * actually it's $WPUser ! and no wp_ prefix is needed! doesn't do harm though. */ $uid = $GalleryUser->ID; // now check if the $uid == id of anonymous WP user // change this code... if ($uid == _WP_ID_UNREGISTERED) { $uid = ''; } /* added embedPath (more robust!) */ $ret = GalleryEmbed::init(array( 'embedUri' => 'wp-gallery2.php', 'embedPath' => $g2_option['embedPath'], 'relativeG2Path' => $g2_option['g2_path'], 'loginRedirect' => $g2_options['g2_redirect'], 'activeUserId' => $uid));(see my changes in the above code)
Now you have to do more error checking, see my explanations in http://gallery.menalto.com/index.php?name=PNphpBB2&file=viewtopic&p=129275#129275
// check $ret from ::init if ($ret->isError()) { if ($ret->getErrorCode() & ERROR_MISSING_OBJECT) { // check if the there's no G2 user mapped to the activeUserId $ret = GalleryEmbed::isExternalIdMapped($uid, 'GalleryUser'); if ($ret->isError() && ($ret->getErrorCode() & ERROR_MISSING_OBJECT)) { // user not mapped, map and create G2 user now $ret = GalleryEmbed::createUser($uid, array ('username' => $GalleryUser->user_login, 'fullname' => $GalleryUser->fullname, 'email' => $GalleryUser->user_email, 'password' => 'test')); // check $ret error code if ($ret->isError()) { print "couldn't create G2 user, here's the error from G2: " .$ret->getAsHtml(); exit; } // login as the $uid user in G2 now that the user exists $ret = GalleryEmbed::checkActiveUser($activeUserId); if ($ret->isError()) { print "couldn't login with new G2 user, here's the error from G2: " .$ret->getAsHtml(); exit; } } else { // an unknown / strange error print "unknown G2 error, here's the error from G2: " .$ret->getAsHtml(); exit; } } else { // an unknown / strange error print "unknown G2 error, here's the error from G2: " .$ret->getAsHtml(); exit; } } $g2data = GalleryEmbed::handleRequest();- $ret->isError() on ::init can be caused be various things. don't interpret too much in it. you have to call isexternalidmapped() as i do in the above code.
- don't reinit, just call checkactiveuser
- always check the $ret status codes
Posts: 32509
and what do you do with the $gallerySessionId ? support cookie-less browsing? i didn't use it in xaraya... screw cookieless users.
and replace :
if ($g2data['isDone']) { exit; // G2 has already sent output (redirect or binary data) }by
// show error message if isDone is not defined if (!isset($g2data['isDone'])) { // set can be false or true print 'isDone is not defined, something very bad must have happened.'; exit; } // die if it was a binary data (image) request if ($g2data['isDone']) { // check if it's true exit; /* uploads module does this too */ }Posts: 32509
please implement the changes and then let's check the status again.
Posts: 1378
Thanks for your list of changes Valiant, although none of those changes corrected the issue, it got me thinking about the issue in a different way which led me to what I believe the issue is and a correction, then also a discovery of what could be a limitation..
The issue is Gallery is generating two cookies, one for WP embedded in the / path the second for g2 in the /gallery2/ path which is confusing the creation of the thumbnails.
Removing the relative path and instead setting the embedPath to /gallery2/ corrected the second cookie issue (once I had cleared cookies) however it now created a second issue as G2 thinks the embedding php in the /gallery2/ path not / where is it located..
To work around this I set the embedURI to ../gallery2.php which solved the issue in the short term however it is not a setting that can be utilised as it will only work if Gallery2 is a subdirectory of WP and WP is in /
Thus in summary I see two concerns..
A) Cookie information and how it can lead to issues with sessions in G2 (including how in the future this is going to be a concern if someone incorrectly configures a path)
B) embeduri and setting a path back to where it is located..
Again thanks for looking over the code, I been a joint effort involving members of the WPG2 community and yourself, and I hope now that we have figured out what I believe the issue is..
Posts: 32509
- G2 is supposed to create two cookies, one for embedded and one for standalone.
- The embedded cookie is set with a path that is also "visible" for the standalone G2, i.e. when using G2 in embedded only, G2 should always only create 1 cookie, the one with path / (or whatever path is set in the embedded cookie case).
- let's first focus on the urlrewrite module deactivated case, because it works for other embedded G2s (xaraya).
- setting the G2 standalone cookie path for embedded G2 is a bad hack. This way, embedded G2 doesn't see the cookie (in the general case) and a new session (+ cookie) is created on each request.
- but we are already working on a different cookie solution, see the cookie / auth topic. we will set the cookie path to "/" on all installations, embedded or not. this will guarantee that only a single GALLERYSID cookie exists per installation and thus fix all problems.
- don't change relativeG2Path, embedUri, embedPath to something else what they actually are please.
i don't think that we really identified the actual cause of the current WPG2 cookie problems (when url rewrite is deactivated).
with url rewrite deactivated, we have to analyze this case:
Posts: 1378
Valiant,
I just totally rewrote the WPG2 calling GalleryEmbed::init function(s) removing all the calls replacing them with a standard function. Rewrote the WP user detection as I found the standard WP get_currentuserinfo() to be problematic in the returning of $user_ID on the first loading of WP (First pass)
I now have two cookies, all thumbnails displaying when they should, with full permissions and yes I corrected the path removing the embedpath back to a relativepath as my "hack" as you described it would have caused no end of issues anyway and I was never happy with it..
Posts: 32509
Sounds great.
So what does work and what not with the new code? No problems with url rewrite disabled?
From what you write, I have the impression that you set embedPath to the same value as relativeG2Path. But these are different things, see the examples in docs/EMBEDDING.
ps: trying to find out where you define function g2_login(), no luck yet.
Posts: 1378
Works both with url rewrite disabled and enabled (I tested under both).
Relative path is gallery2/ under my "hack" I had set it to embedpath /gallery2/, creative but as you pointed out not really a solution..
The function g2_login() is now in our core WPG2 code in g2embed.php..
All the changes will be in our latest snapshot (which you can grab from downloads)
Posts: 54
Thank you for looking at the code.
Ozgreg and I have made a number of changes to the code, and most of the time seems to function as expected.
Thanks