Login broken

donatmote · Post by **donatmote** » Fri Aug 19, 2005 7:59 pm

System: Debian Etch AMD64

Whe I try to login with any of the username/passwords in my database, I just get
the login screen redisplayed.
I can get a console by turning off authentication in the database, but that's unacceptable.
Trying to find where the failure occurs, I turned on debugging in zm.php. Below are the
php variables dumped after a login attempt. I notice that:
_SERVER["REQUEST_METHOD"] GET
even though the method in the sourece and in the access.log is POST.
_SERVER["QUERY_STRING"] no value
This is true in the access log -- there is no query string
_SERVER["argv"]
is empty.
This is the case with firefox and IE.

So my questions: Is this the reason for the login failure?
If so, where in the process are the login values likely not being forwarded?
Is my apache build whacked? or my php? or.....
If not, whare should I be looking?

Thanks.

Don

Variable Value
_REQUEST["bandwidth"] high
_REQUEST["format"] html
_REQUEST["ZMSESSID"] 46d6faae8e720027802eeec33f8b5983
_COOKIE["bandwidth"] high
_COOKIE["format"] html
_COOKIE["ZMSESSID"] 46d6faae8e720027802eeec33f8b5983
_SERVER["DOCUMENT_ROOT"] /var/www
_SERVER["HTTP_ACCEPT"] text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
_SERVER["HTTP_ACCEPT_CHARSET"] ISO-8859-1,utf-8;q=0.7,*;q=0.7
_SERVER["HTTP_ACCEPT_ENCODING"] gzip,deflate
_SERVER["HTTP_ACCEPT_LANGUAGE"] en-us,en;q=0.5
_SERVER["HTTP_CONNECTION"] keep-alive
_SERVER["HTTP_COOKIE"] bandwidth=high; format=html; ZMSESSID=46d6faae8e720027802eeec33f8b5983
_SERVER["HTTP_HOST"] zoneminder.mote.org
_SERVER["HTTP_KEEP_ALIVE"] 300
_SERVER["HTTP_REFERER"] http://zoneminder.mote.org/zm/zm.php
_SERVER["HTTP_USER_AGENT"] Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.8) Gecko/20050518 Firefox/1.0.4 (Debian package 1.0.4-2)
_SERVER["PATH"] /bin:/usr/bin:/usr/local/bin
_SERVER["REMOTE_ADDR"] 12.174.210.200
_SERVER["REMOTE_PORT"] 38016
_SERVER["SCRIPT_FILENAME"] /var/www/zm/zm.php
_SERVER["SERVER_ADDR"] 12.174.210.138
_SERVER["SERVER_ADMIN"] don@mote.org
_SERVER["SERVER_NAME"] zoneminder.mote.org
_SERVER["SERVER_PORT"] 80
_SERVER["SERVER_SIGNATURE"] <ADDRESS>Apache/1.3.33 Server at zoneminder.mote.org Port 80</ADDRESS>
_SERVER["SERVER_SOFTWARE"] Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-15
_SERVER["GATEWAY_INTERFACE"] CGI/1.1
_SERVER["SERVER_PROTOCOL"] HTTP/1.1
_SERVER["REQUEST_METHOD"] GET
_SERVER["QUERY_STRING"] no value
_SERVER["REQUEST_URI"] /zm/zm.php
_SERVER["SCRIPT_NAME"] /zm/zm.php
_SERVER["PATH_TRANSLATED"] /var/www/zm/zm.php
_SERVER["PHP_SELF"] /zm/zm.php
_SERVER["argv"]
Array
(
)

_SERVER["argc"] 0
_ENV["LANG"] C
_ENV["PATH"] /bin:/usr/bin:/usr/local/bin

donatmote · Post by **donatmote** » Mon Aug 22, 2005 7:06 pm

Hi all,

It seems that somehow my database had been corrunpted. All the passwords were 16
character "hashed" strings that did not match to output of the current mysql password
function, which is more like 32 characters with a leading '*'. I used mysql monitor to update
my Password entries and things are now functioning normally.

Don

jameswilson · Post by **jameswilson** » Mon Aug 22, 2005 8:03 pm

good call how did you fix it?

donatmote · Post by **donatmote** » Tue Aug 23, 2005 12:44 pm

# mysql zm
mysql> update Users set Password = password('apassword') where Username = 'admin';
...
etc.
mysql> \q

I found a place in userLogin in zm_funcs.php where user authentication is done, and
the mysql password() function is used there.

Regards.

Don

lazyleopard · Post by **lazyleopard** » Wed Aug 24, 2005 10:22 am

Hmmm... That got the login working as far as the main summary screen, but the Options pop-up triggers another login, and that seems to drop back to the main summary screen each time. Weird...

If fact, it seems to trigger a re-login every time a pop-up is needed. Even weirder...

donatmote · Post by **donatmote** » Thu Aug 25, 2005 2:31 pm

I'm not having any trouble with the options popup --
How do the other values in the user table look?

Don

yeager · Post by **yeager** » Sat Aug 27, 2005 1:52 pm

I have similar problems.

Tried both compiling and running the Debian package (which depended on an old non-existing phpapi).

Compiled version 1.21.3:

Login screen is accepting "admin/admin" and then just flashes and then back to login page. Tried to set a new password directly in the database, same result.

Debian package, login screen:

Code: Select all

Warning: mysql_pconnect(): Client does not support authentication protocol requested by server; consider upgrading MySQL client in /var/www/zm/zm_db.php on line 21
Could not connect to database: Client does not support authentication protocol requested by server; consider upgrading MySQL client

I'm running Debian (unstable) with Mysql 4.1.13a-3, PHP 4.4.0.

[/code]

Post by **cordel** » Sat Aug 27, 2005 6:25 pm

There are issues with PHP 4.4 at the moment. But this detail is good. thank you,
Cordel

thestaz · Post by **thestaz** » Sun Aug 28, 2005 8:59 pm

then, DUH, turned cookies ON and java-script ON. May not be same problem for you, but saved it for me. Life is good now.

Randy

juju_bean · Post by **juju_bean** » Wed Apr 25, 2007 10:31 pm

The mysql password change fixed my login after a debian upgrade. It was returning to login screen after entering password and username. I think mysql gets upgraded from version 4 to version 5 in th etch upgrade (etch makes me itch!

).

ZoneMinder Forums

Login broken

Login broken

happened to me too

this fixed login after debian etch upgrade foobarred it