Security Violation when changing album-titles and descriptions

Ralf-Schlieper

Joined: 2005-09-25
Posts: 38
Posted: Thu, 2009-10-22 08:42

I always get a Security Violation, when I change album-titles and descriptions (as ADMIN). The changes will be done, but after storing I get a white page with this error message:

-----------------------------------
Security Violation

The action you attempted is not permitted.

Back to the Gallery
Error Detail -
Error (ERROR_BAD_PARAMETER) : Controller results are missing status, error, (redirect, delegate, return)

* in main.php at line 243 (GalleryCoreApi::error)
* in main.php at line 94
* in main.php at line 83

System Information
Gallery version 2.2.4
PHP version 5.2.11 cgi
Webserver Apache (1.3)
Database mysql 4.0.27-standard
Toolkits Thumbnail, NetPBM
Operating system Linux infong 2.4 #1 SMP Thu May 28 16:09:02 UTC 2009 i686 GNU/Linux
Browser Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB6 (.NET CLR 3.5.30729)
--------------------------------------

System-Info of my Gallery:
++++
Gallery-Version = 2.2.4 Kern 1.2.0.6
PHP-Version = 5.2.11 cgi
Webserver = Apache
Datenbank = mysql 4.0.27-standard, lock.system=flock
Werkzeuge = Thumbnail, NetPBM, LinkItemToolkit, Exif
Beschleunigung = full/1800, none/900
Betriebssystem = Linux infong 2.4 #1 SMP Thu May 28 16:09:02 UTC 2009 i686 GNU/Linux
Standard-Motiv = x_treme
gettext = Aktiviert
Sprache = de_DE
Browser = Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB6 (.NET CLR 3.5.30729)
Zeilen in der GalleryAccessMap Tabelle = 1011
Zeilen in der GalleryAccessSubscriberMap Tabelle = 35627
Zeilen in der GalleryUser Tabelle = 148
Zeilen in der GalleryItem Tabelle = 35573
Zeilen in der GalleryAlbumItem Tabelle = 1702
Zeilen in der GalleryCacheMap Tabelle = 4
+++++

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de
 
nivekiam
nivekiam's picture

Joined: 2002-12-10
Posts: 16503
Posted: Sun, 2009-10-25 09:41

I don't know. First I'd try putting gallery into debug mode and doing that. You can copy and paste the debug output into a text file, zip it and attach.

We do not need the Smarty debug info :)

I'd also look at upgrading, 2.2.4 is rather old and has known security issues.
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here
 
Ralf-Schlieper

Joined: 2005-09-25
Posts: 38
Posted: Sun, 2009-10-25 14:49
Quote:
First I'd try putting gallery into debug mode and doing that. You can copy and paste the debug output into a text file, zip it and attach.

Here is the debug output.

PS: Upgrading is always a very nasty thing because of the X_TREME Template .

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de

AttachmentSize
debug-output-fotogemeinschaft_de.txt11.75 KB
 
nivekiam
nivekiam's picture

Joined: 2002-12-10
Posts: 16503
Posted: Mon, 2009-10-26 03:53
Quote:
PS: Upgrading is always a very nasty thing because of the X_TREME Template .

That's one (of MANY) reasons I always urge people to not use that theme.

From the errors I'm seeing, make sure that your files are intact:
FAQ: How can I make sure that my installation files are all intact?
____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here
 
Ralf-Schlieper

Joined: 2005-09-25
Posts: 38
Posted: Mon, 2009-10-26 07:48
Quote:
That's one (of MANY) reasons I always urge people to not use that theme.

But in my opinion the most other (perhaps technical better) templates are very ugly. Do you know a template, which is technical better but with a design that is just as good as the X_TREME?

Quote:
From the errors I'm seeing, make sure that your files are intact:
FAQ: How can I make sure that my installation files are all intact?

Here :

Missing Data
modules/notification/test/phpunit/NotificationEvents.class
modules/notification/test/phpunit/NotificationHelperTest.class
modules/notification/test/phpunit/NotificationItemControllerTest.class
modules/notification/test/phpunit/NotificationMethods.class
modules/notification/test/phpunit/NotificationSiteAdminControllerTest.class
modules/notification/test/phpunit/NotificationSystemTest.class
modules/notification/test/phpunit/NotificationTests.class

modified Data
modules/rewrite/data/mod_rewrite/custom/.htaccess
modules/rewrite/data/mod_rewrite_no_options/custom/.htaccess
themes/x_treme/templates/extra/banners/banner_footer.tpl
themes/x_treme/templates/extra/banners/banner_top.tpl
themes/x_treme/templates/theme.tpl

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de
 
nivekiam
nivekiam's picture

Joined: 2002-12-10
Posts: 16503
Posted: Mon, 2009-10-26 15:46

Check out lots of different themes and colorpacks here:
http://themes.gallery2.hu/

Try uninstalling the Notifications module. If that fixes things and you still want to use it, then delete it from Site Admin > Plugins and then click on Get More Plugins (tab at the top of that page) and re-download it fresh.

Why are these modified?
modules/rewrite/data/mod_rewrite/custom/.htaccess
modules/rewrite/data/mod_rewrite_no_options/custom/.htaccess

Looks to me like you've only modified 3 files in x_treme theme, I still strongly suggest you upgrade. It shouldn't be hard to backup those files and download the latest version of Gallery and x_treme and re-modify the new files.

If you had put your changes into a 'local' directory you shouldn't need to do that, as your changes to themes woulnd't get overwritten.
http://codex.gallery2.org/Gallery2:Editing_Templates

____________________________________________
Like Gallery? Like the support? Donate now!!! See G2 live here
 
Ralf-Schlieper

Joined: 2005-09-25
Posts: 38
Posted: Mon, 2009-10-26 17:20

Dear nivekiam

thanks for your detailed answer; I will try your tips..

Ralf

Please visit my gallery if you are interested in good B/W-photos:
http://www.fotogemeinschaft.de