"Security Violation", "The action you attempted is not permitted." after hdd-crash and datarestore

hi,

since i had a fatal hdd-crash, i had to restore all the data. it was not possible to save the users and groups, everything was root,root, so i changed most of them manual. everything is working fine in the meanwhile, except one thing:
i was always using the theme x_treme 1.0.2 and it worked fine. no i'm not able to make any changes in the theme on the admin-page. always if the X_treme-tab is selected, i get the following lines if i push the Save-button:
************************************************
** Security Violation **
** The action you attempted is not permitted. **
** Back to the Gallery **
************************************************

What I already did:
-) executet all maintainance-scripts
-) reinstalled apache2
-) reinstalled php5 module
-) checked databasetables for errors, permissions
-) uninstalled x_treme-theme and deleted all config-entries from database and made a new fresh install
-) upgraded gallery2 to 2.2.1
-) when i make settings in the database directly it works, but it's not practicable

i put the gallery in debugmode, so you can have a look:

http://elias.kiwi.at/~elias/gallery2/main.php?g2_itemId=62622
user: test
pswd: test
with all permissions in this album

try to make some changes in x_treme-theme

you'll get the follwing error:

Error (ERROR_PERMISSION_DENIED) : user id: 4 doesn't have permission: core.edit for item id: 62622
* in modules/core/classes/helpers/GalleryUserHelper_simple.class at line 47 (GalleryCoreApi::error)
* in modules/core/classes/GalleryCoreApi.class at line 477 (GalleryUserHelper_simple::assertHasItemPermission)
* in modules/core/ItemEdit.inc at line 51 (GalleryCoreApi::assertHasItemPermission)
* in main.php at line 231 (ItemEditController::handleRequest)
* in main.php at line 94
* in main.php at line 83
Debug Output
file_exists(/home/elias/gallery2_data/cache/module/_all/0/0/GalleryFactoryHelper_loadRegistry.inc) Unimplemented: GalleryUrlGenerator getParameter language.useBrowserPref for core plugin file_exists(/home/elias/gallery2_data/cache/module/core/0/0/0.inc) controller core.ItemEdit, view Loading plugin core Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/core/module.inc) core plugin successfully instantiated file_exists(/home/elias/gallery2_data/versions.dat) file(/home/elias/gallery2_data/versions.dat, ) getParameter id.anonymousUser for core plugin [1182146124] can't guarantee 5 -- extending! file_exists(/home/elias/gallery2_data/cache/entity/0/0/4.inc) Loading plugin core core plugin successfully instantiated Check the version of the core plugin file_exists(/home/elias/gallery2_data/cache/module/_all/0/0/GalleryPluginHelper_fetchPluginStatus.inc) The version of the core plugin is ok file_exists(/home/elias/public_html/gallery2/modules/core/ItemEdit.inc) file_exists(/home/elias/gallery2_data/cache/entity/6/2/62622.inc) (mysqlt): SET NAMES "utf8" (mysqlt): SELECT g2_Group.g_id, g2_Group.g_groupName FROM g2_UserGroupMap, g2_Group WHERE g2_Group.g_id = g2_UserGroupMap.g_groupId AND g2_UserGroupMap.g_userId = 4 ORDER BY g2_Group.g_groupName LIMIT 2147483647 file_exists(/home/elias/gallery2_data/cache/module/_all/0/0/GalleryStorage_describeMap.inc) (mysqlt): SELECT g_module, g_permission, g_description, g_bits, g_flags FROM g2_PermissionSetMap realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_core -> /home/elias/public_html/gallery2/modules/core/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_comment -> /home/elias/public_html/gallery2/modules/comment/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_cart -> /home/elias/public_html/gallery2/modules/cart/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_photoaccess -> /home/elias/public_html/gallery2/modules/photoaccess/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_shutterfly -> /home/elias/public_html/gallery2/modules/shutterfly/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_fotokasten -> /home/elias/public_html/gallery2/modules/fotokasten/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_rating -> /home/elias/public_html/gallery2/modules/rating/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_ecard -> /home/elias/public_html/gallery2/modules/ecard/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_digibug -> /home/elias/public_html/gallery2/modules/digibug/locale (mysqlt): SELECT DISTINCT g2_AccessMap.g_accessListId FROM g2_AccessMap WHERE g2_AccessMap.g_userOrGroupId IN (4,3) AND g2_AccessMap.g_permission & 32 = 32 Loading plugin imageblock Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/imageblock/module.inc) imageblock plugin successfully instantiated Loading plugin thumbnail Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/thumbnail/module.inc) thumbnail plugin successfully instantiated Loading plugin comment Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/comment/module.inc) comment plugin successfully instantiated Loading plugin customfield Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/customfield/module.inc) customfield plugin successfully instantiated Loading plugin thumbpage Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/thumbpage/module.inc) thumbpage plugin successfully instantiated Loading plugin albumselect Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/albumselect/module.inc) albumselect plugin successfully instantiated Loading plugin sizelimit Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/sizelimit/module.inc) sizelimit plugin successfully instantiated Loading plugin multilang Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/multilang/module.inc) multilang plugin successfully instantiated Loading plugin hidden Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/hidden/module.inc) realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_hidden -> /home/elias/public_html/gallery2/modules/hidden/locale hidden plugin successfully instantiated Loading plugin linkitem Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/linkitem/module.inc) linkitem plugin successfully instantiated Loading plugin rating Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/rating/module.inc) rating plugin successfully instantiated Loading plugin rss Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/rss/module.inc) rss plugin successfully instantiated Loading plugin password Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/password/module.inc) realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_password -> /home/elias/public_html/gallery2/modules/password/locale password plugin successfully instantiated Loading plugin core core plugin successfully instantiated getParameter default.theme for core plugin Loading plugin x_treme Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/themes/x_treme/theme.inc) x_treme plugin successfully instantiated Check the version of the x_treme plugin file_exists(/home/elias/gallery2_data/cache/theme/_all/0/0/GalleryPluginHelper_fetchPluginStatus.inc) The version of the x_treme plugin is ok Loading plugin core core plugin successfully instantiated Check the version of the core plugin The version of the core plugin is ok getParameter id.adminGroup for core plugin (mysqlt): SELECT g_userId FROM g2_UserGroupMap WHERE g_userId=4 AND g_groupId=2 LIMIT 1 realpath(/home/elias/public_html/gallery2/modules/core/classes/../../../) realpath(/home/elias/public_html/gallery2/) file_exists(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) is_dir(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) file_exists(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) is_writeable(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) file_exists(/home/elias/gallery2_data/smarty/templates_c/%%1907907931/v_12) file_exists(/home/elias/public_html/gallery2/modules/core/classes/../../../lib/javascript/local/BlockToggle.js) realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: themes_x_treme -> /home/elias/public_html/gallery2/themes/x/locale file_exists(/home/elias/public_html/gallery2/modules/core/../../themes/x_treme/local/theme.css) file_exists(/home/elias/public_html/gallery2/modules/core/classes/../../../themes/x_treme/local/theme.css)

i really tried everythin , maybe you have another idea? i would be pleased!!!

thanks in advice,

elias.

Gallery-Version = 2.2.1 Kern 1.2.0.1
PHP-Version = 5.2.0 apache2handler
Webserver = Apache/2.2.3 (Linux/SUSE)
Datenbank = mysqlt 5.0.26, lock.system=flock
Werkzeuge = Exif, NetPBM, Thumbnail, ArchiveUpload, Gd, Getid3, LinkItemToolkit
Beschleunigung = partial/1800, full/3600
Betriebssystem = Linux asterix 2.6.18.2-34-default #1 SMP Mon Nov 27 11:46:27 UTC 2006 i686
Standard-Motiv = x_treme
gettext = Aktiviert
Sprache = de_DE
Browser = Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4
Zeilen in der GalleryAccessMap Tabelle = 68
Zeilen in der GalleryAccessSubscriberMap Tabelle = 10120
Zeilen in der GalleryUser Tabelle = 34
Zeilen in der GalleryItem Tabelle = 10116
Zeilen in der GalleryAlbumItem Tabelle = 178
Zeilen in der GalleryCacheMap Tabelle = 22

userid 4 is the guest-user. thats the problem, that if i want to change something in this theme, the system always belives that i am only guest and it seemed to be logged out, if you click at the loginbutton after, you are immediately logged in without typing in your logindata
this only happens at this theme. (x_treme). this was also the theme, which last was active before the crash. is it possible that there got something mixed up with the cached templates in smarty-directory? cause i also get lots of errors from there?

like:
Notice: Undefined index: adminTemplate in /home/elias/gallery2_data/smarty/templates_c/%%1907907931/%%FE^FE0^FE021CE1%%theme.tpl.php on line 766
Options

Notice: Undefined index: photoItem in /home/elias/gallery2_data/smarty/templates_c/%%1907907931/%%F2^F25^F25D63DA%%navigatorTop.tpl.php on line 110
Notice: Undefined index: show in /home/elias/gallery2_data/smarty/templates_c/%%1907907931/%%F2^F25^F25D63DA%%navigatorTop.tpl.php on line 368
...

i already tried to delete this directory completely, but afterwards nothing was working correcly so i copied it back. i also changed permissions to 777. maybe it got confused cause the gallery ran a few hours with user:root and group:root after datarecovery on all files?

is it somehow possible to restart or reinitiate template-cache? i think there is something written into database which template to use from cache?

thanks for help,

elias.

hi, i tried to clear the cache -> no changes

now i tried the following: i made a complete new installation from gallery2. i have the same problems there??!? very strange, maybe there is something missconfigured in my system?

http://elias.kiwi.at/~elias/test/gallery2/main.php

maybe you can have a short look, the gallery is in debugmode and you have all rights on the topalbum with
user: test
pswd: test

maybe you have an idea?

thanks a lot!

very weird stuff happens to the session id. not sure if this is related to your server, the x_treme theme or the debug mode.
i'll have to look at this later.

--------------
Documentation: Support / Troubleshooting | Installation, Upgrade, Configuration and Usage

hi vailant,

did you have time to look after the problem with the session-id? maybe you have a hint, so that i can look for myself? should i re-install all the php-stuff? the session-id is managed by php right?

thanks for your advice,

elias.

hi valiant,

i also made a new installation of gallery and x_treme and the problem still exists. so i'm sure the problem is with the server. maybe you have an idea where i can look?
the problem was, how i said, that after system-data recovery everything was root,root.

greetings elias.

hi vailant,

the problem is not the x_treme-theme! i installed everythin new! still the same problem. i figured out that it always seems like i get logged out, when i want to save changes in a page with "bigger" content. the x_treme-theme has lots of options, too much. i have exactly the same problem when i want to upload lots of photos in one time. see debug output...
for phpinfo see http://elias.kiwi.at/~elias/phpinfo , maybe there is a problem?

Security Violation

The action you attempted is not permitted.

Back to the Gallery
Error Detail -
Error (ERROR_PERMISSION_DENIED) : user id: 4 doesn't have permission: core.addDataItem for item id: 8823

* in modules/core/classes/helpers/GalleryUserHelper_simple.class at line 47 (GalleryCoreApi::error)
* in modules/core/classes/GalleryCoreApi.class at line 477 (GalleryUserHelper_simple::assertHasItemPermission)
* in modules/core/ItemAdd.inc at line 57 (GalleryCoreApi::assertHasItemPermission)
* in main.php at line 231 (ItemAddController::handleRequest)
* in main.php at line 94
* in main.php at line 83

Debug Output
file_exists(/home/elias/gallery2_data/cache/module/_all/0/0/GalleryFactoryHelper_loadRegistry.inc) Unimplemented: GalleryUrlGenerator getParameter language.useBrowserPref for core plugin file_exists(/home/elias/gallery2_data/cache/module/core/0/0/0.inc) controller core.ItemAdd, view Loading plugin core Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/core/module.inc) core plugin successfully instantiated file_exists(/home/elias/gallery2_data/versions.dat) file(/home/elias/gallery2_data/versions.dat, ) getParameter id.anonymousUser for core plugin [1182985877] can't guarantee 5 -- extending! file_exists(/home/elias/gallery2_data/cache/entity/0/0/4.inc) Loading plugin core core plugin successfully instantiated Check the version of the core plugin file_exists(/home/elias/gallery2_data/cache/module/_all/0/0/GalleryPluginHelper_fetchPluginStatus.inc) The version of the core plugin is ok file_exists(/home/elias/public_html/gallery2/modules/core/ItemAdd.inc) (mysqli): SET NAMES "utf8" (mysqli): SELECT g2_Group.g_id, g2_Group.g_groupName FROM g2_UserGroupMap, g2_Group WHERE g2_Group.g_id = g2_UserGroupMap.g_groupId AND g2_UserGroupMap.g_userId = 4 ORDER BY g2_Group.g_groupName LIMIT 18446744073709551615 file_exists(/home/elias/gallery2_data/cache/module/_all/0/0/GalleryStorage_describeMap.inc) (mysqli): SELECT g_module, g_permission, g_description, g_bits, g_flags FROM g2_PermissionSetMap realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_core -> /home/elias/public_html/gallery2/modules/core/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_comment -> /home/elias/public_html/gallery2/modules/comment/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_cart -> /home/elias/public_html/gallery2/modules/cart/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_photoaccess -> /home/elias/public_html/gallery2/modules/photoaccess/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_shutterfly -> /home/elias/public_html/gallery2/modules/shutterfly/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_fotokasten -> /home/elias/public_html/gallery2/modules/fotokasten/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_rating -> /home/elias/public_html/gallery2/modules/rating/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_ecard -> /home/elias/public_html/gallery2/modules/ecard/locale realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_digibug -> /home/elias/public_html/gallery2/modules/digibug/locale (mysqli): SELECT DISTINCT g2_AccessMap.g_accessListId FROM g2_AccessMap WHERE g2_AccessMap.g_userOrGroupId IN (4,3) AND g2_AccessMap.g_permission & 16 = 16 Loading plugin imageblock Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/imageblock/module.inc) imageblock plugin successfully instantiated Loading plugin thumbnail Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/thumbnail/module.inc) thumbnail plugin successfully instantiated Loading plugin comment Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/comment/module.inc) comment plugin successfully instantiated Loading plugin customfield Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/customfield/module.inc) customfield plugin successfully instantiated Loading plugin thumbpage Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/thumbpage/module.inc) thumbpage plugin successfully instantiated Loading plugin albumselect Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/albumselect/module.inc) albumselect plugin successfully instantiated Loading plugin sizelimit Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/sizelimit/module.inc) sizelimit plugin successfully instantiated Loading plugin multilang Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/multilang/module.inc) multilang plugin successfully instantiated Loading plugin hidden Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/hidden/module.inc) realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_hidden -> /home/elias/public_html/gallery2/modules/hidden/locale hidden plugin successfully instantiated Loading plugin linkitem Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/linkitem/module.inc) linkitem plugin successfully instantiated Loading plugin rating Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/rating/module.inc) rating plugin successfully instantiated Loading plugin rss Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/rss/module.inc) rss plugin successfully instantiated Loading plugin password Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/modules/password/module.inc) realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: modules_password -> /home/elias/public_html/gallery2/modules/password/locale password plugin successfully instantiated Loading plugin core core plugin successfully instantiated getParameter default.theme for core plugin Loading plugin matrix Class not defined, trying to include it. file_exists(/home/elias/public_html/gallery2/themes/matrix/theme.inc) matrix plugin successfully instantiated Check the version of the matrix plugin file_exists(/home/elias/gallery2_data/cache/theme/_all/0/0/GalleryPluginHelper_fetchPluginStatus.inc) The version of the matrix plugin is ok Loading plugin core core plugin successfully instantiated Check the version of the core plugin The version of the core plugin is ok getParameter id.adminGroup for core plugin (mysqli): SELECT g_userId FROM g2_UserGroupMap WHERE g_userId=4 AND g_groupId=2 LIMIT 1 realpath(/home/elias/public_html/gallery2/modules/core/classes/../../../) realpath(/home/elias/public_html/gallery2/) file_exists(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) is_dir(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) file_exists(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) is_writeable(/home/elias/gallery2_data/smarty/templates_c/%%1907907931) file_exists(/home/elias/gallery2_data/smarty/templates_c/%%1907907931/v_12) file_exists(/home/elias/public_html/gallery2/modules/core/classes/../../../lib/javascript/local/BlockToggle.js) realpath(/home/elias/public_html/gallery2/modules/core/classes/../../..) Binding text domain: themes_matrix -> /home/elias/public_html/gallery2/themes/matrix/locale file_exists(/home/elias/public_html/gallery2/modules/core/../../themes/matrix/local/theme.css) file_exists(/home/elias/public_html/gallery2/modules/core/classes/../../../themes/matrix/local/theme.css)

jippieeeee!!!!!!!! thanks soooo much valiant for the hint with the Suhosin!!! all the problems were based on this! Suhosin seems to be activated since upgrade to OpenSuse 10.2...
i did'nt deactivate it, but i allowed bigger request_variables and so on....lots of restrictions
everything is working fine again!!! thank you so much!

greetings,
elias.