Forum Index >  glFusion >  glFusion Support New Topic Post Reply
 Bad Behavior
   |  Printable Version
By: dtrumbower (offline)  Mar 02 2011 09:42 am (Read 2339 times)  
dtrumbower

When I upgraded to the latest glfusion, I now get the following error when I try to login as admin.

Error 403

We're sorry, but we could not fulfill your request for /admin/filecheck.php on this server.

You do not have permission to access this server. Data may not be posted from offsite forms.

Your technical support key is: cf76-a314-cd36-1abb

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact webfooterweb at gmail.com and be sure to provide the technical support key shown above.

Forum Active Member
Active Member

Group Comfort
Level:
: +7

Registered: 11/24/05
Posts: 151

Profile Email    
  Quote
By: lgarner (offline)  Mar 02 2011 10:11 am  
lgarner

Is it possible that you accessed your site using a different URL than the URL configured for the site? Such as with or without the "www"?

Forum Admin
Admin

Group Comfort
Level:
: +52

Registered: 06/10/08
Posts: 1912

Profile Email Website  
  Quote
By: Mark (offline)  Mar 02 2011 10:39 am  
Mark

I think Lee is on to something. That specific error number means "'Referer did not point to a form on this site". This is usually when you access the site with http://sitename.com but have configured glFusion to use http://www.sitename.com (notice the www). If this isn't it, then I'll poke around and see why it things there is a mismatch.

Thanks!
Mark

Forum Admin
Admin

Group Comfort
Level:
: +110

Registered: 10/21/05
Posts: 6258
Location: The Great State of
Texas

Profile      
  Quote
By: dtrumbower (offline)  Mar 02 2011 10:56 am  
dtrumbower

That's it. I never type in www.

Thanks

Forum Active Member
Active Member

Group Comfort
Level:
: +7

Registered: 11/24/05
Posts: 151

Profile Email    
  Quote
By: André (offline)  May 19 2011 12:21 pm  
André

Hello everybody,

I stay in this thread.
My known has a problem when calling my web site. The call to work out for me, as in others, without any problems.

PHP Formatted Code
Error 403. We're sorry, but we could not fulfill your request for ./public_html/index.php on this server. You do not have permission to access this server.”


Is caused by:

PHP Formatted Code
./public_html/bad_behavior2/bad-behavior/banned.inc.php



Error log: No entries.

The troubleshooting is as follows:
I created 2 files, save the server variables in a logfile.
Eingabeformular.php

PHP Formatted Code
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>gut in form</title>
        <style type="text/css">
            * { margin: 0; padding: 0; }
            body {
                font-family: verdane, arial, sans-serif;
                font-size: small;
                color: #505050;
            }
            label {
                display: block;
                float: left;
                width: 100px;
                background-color: #dcdcdc;
                padding-left: 5px;
                padding-top: 1px;
                margin-right: 2px;
                height: 17px;
            }
            input,textarea {
                border-top: 1px solid #ddd;
                border-right: 1px solid #ccc;
                border-bottom: 1px solid #ccc;
                border-left: 1px solid #ddd;
                background-color: #ebebeb;
            }
            input {
                width: 159px;
            }
            input.control {
                background-color: #ffb300;
                border: 1px solid #b4b4b4;
                color: #000066;
                width: 100px;
                margin-left: 58px;
            }
            .control + .control { margin: 10px; }
            form > div {
                margin: 5px 0;
            }
            #wrapper {
                position: absolute;
                top: 50px;
                left: 50%;
                width: 600px;
                margin-left: -300px;
            }
        </style>
    </head>
    <body>
        <div id="wrapper">
            <form method="post" action="Ergebnis.php">
                <div><label for="Name">Name</label><input type="text" name="Name" value="" /></div>
                <div><label for="Vorname">Vorname</label><input type="text" name="Vorname" value="" /></div>
                <div><label for="beschr">Beschreibung</label><input type="text" name="beschr" value="" /></div>
                <div><label for="komm">Kommentar</label><textarea name="komm" cols="18" rows="5"></textarea></div>
                <div><input type="reset" class="control" value="zur&uuml;cksetzen" /><input type="submit" class="control" name="submit" value="senden" /></div>
            </form>
        </div>
    </body>
</html>

 


Ergebnis.php

PHP Formatted Code

<meta http-equiv="content-type" content="text/html; charset=utf-8">

<?php
setlocale(LC_TIME, "de_DE");

$display = '<style type="text/css">';
$display .=     'body { font-family: Arial,Calibri,Verdana,"Arial Unicode MS","Trebuchet MS",Tahoma,Helvetica,sans-serif;}';
$display .= '</style>';

$Info .= "Sie haben folgende Daten eingegeben:" . "\n";
$Info .= "Name:" . chr(1) . $_POST[Name]. "\n";
$Info .= "Vorname:" . chr(1) . $_POST[Vorname]. "\n";
$Info .= "Beschreibung:" . chr(1) . $_POST[beschr]. "\n";
$Info .= "Kommentar:" . chr(1) . $_POST[komm] . "\n"."\n";

$Info .= "Sprache:" . chr(1) . $_SERVER['HTTP_ACCEPT_LANGUAGE'] . "\n";
$Info .= "Datum:" . chr(1) .   strftime("%A, %d.%m.%Y - [%H:%M]\n") . "\n";



foreach ($_SERVER as $i => $value) {
    $ServerInfo .= "[" . $i. "]" . chr(1) . chr(1) . chr(1) .$_SERVER[$i] ."\n";
}

$ServerStatus = "./../private/logs/serverstatus.txt";
$somecontent  = $Info  . "\n" . $ServerInfo . "\n" . "#############################################################################################################" . "\n"."\n";

$info ='';

if (!file_exists($ServerStatus)) {
    $handle = fopen($ServerStatus, "a+");
    $info .= "Datei wurde erstellt." . '<br>';
    fwrite($handle, "Ermittlung von " . '$_SERVER'  ." mit allen im Header übermittelten Daten." ."\n");
}

// Sichergehen, dass die Datei existiert und beschreibbar ist
if (is_writable($ServerStatus)) {

    // Wir öffnen $ServerStatus im "Anhänge" - Modus.
    // Der Dateizeiger befindet sich am Ende der Datei, und
    // dort wird $somecontent später mit fwrite() geschrieben.

    if (!$handle = fopen($ServerStatus, "a+")) {
         $info .= "Kann die Datei $ServerStatus nicht öffnen" . '<br>';
         exit;
    }

    // Schreibe $somecontent in die geöffnete Datei.
    if (!fwrite($handle, $somecontent)) {
        $info .="Kann in die Datei $ServerStatus nicht schreiben";
        exit;
    }

    $info .= "Fertig, in Datei $ServerStatus wurde $somecontent geschrieben" . '<br>';
    fclose($handle);

} else {
    $info .= "Die Datei $ServerStatus ist nicht schreibbar" . '<br>';
}


echo $display;
echo str_replace("\n", '<br>',$Info) . '<br><br>';
echo "Danke für die Unterstützung";


closelog();

 unset ($handle,
        $ServerStatus,
        $totalhits,
        $access,
        $somecontent,
        $hostname,
        $MyHost,
        $info);

?>
 



Result

PHP Formatted Code

[CONTENT_LENGTH]826
[CONTENT_TYPE]application/x-www-form-urlencoded
[DOCUMENT_ROOT]/var/www/web1457/html
[GATEWAY_INTERFACE]CGI/1.1
[HTTP_ACCEPT]image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/msword, */*
[HTTP_ACCEPT_ENCODING]gzip, deflate
[HTTP_ACCEPT_LANGUAGE]de
[HTTP_CACHE_CONTROL]no-cache
[HTTP_CONNECTION]Keep-Alive
[HTTP_HOST]as-engineering.info
[HTTP_REFERER]http://as-engineering.info/check/Eingabeformular.php
[HTTP_USER_AGENT]Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 8.0; Win32; GMX); (gmx/1.1.0.21); GTB6.6)
[PATH]/bin:/usr/bin
[PHPRC]/etc/apache2/confixx_phpini/web1457/1
[QUERY_STRING]
[REDIRECT_STATUS]200
[REMOTE_ADDR]79.194.169.230
[REMOTE_PORT]1511
[REQUEST_METHOD]POST
[REQUEST_URI]/check/Ergebnis.php
[SCRIPT_FILENAME]/var/www/web1457/html/check/Ergebnis.php
[SCRIPT_NAME]/check/Ergebnis.php
[SERVER_ADDR]*******************
[SERVER_ADMIN][no address given]
[SERVER_NAME]as-engineering.info
[SERVER_PORT]80
[SERVER_PROTOCOL]HTTP/1.1
[SERVER_SIGNATURE]<address>Apache Server at as-engineering.info Port 80</address>

[SERVER_SOFTWARE]Apache
[PHP_SELF]/check/Ergebnis.php
[REQUEST_TIME]1305694743
[argv]Array
[argc]0

#############################################################################################################
 


I checked 2 x: the IP and the entire IP range are not locked.
If the missing cookies the cause?

Idea Does anyone have any idea? Idea

Thanks!
Thanks in advance!

Greetings

André

Forum Chatty
Chatty

Group Comfort
Level:
: +2

Registered: 03/30/11
Posts: 49
Location: Germany /
Deutschland

Profile Email    
  Quote
By: Mark (offline)  May 19 2011 21:31 pm  
Mark

I'm not sure that Bad Behavior is actually causing the problem. The 403 error is generally a permission issue on either the index.php or the public_html/ directory. Usually when Bad Behavior blocks access, it will provide a 'diagnostic' number to help identify why, plus it will log the issue in the bad_behavior2 table in the database. Can you access any other pages on the site?

Thanks!
Mark

Forum Admin
Admin

Group Comfort
Level:
: +110

Registered: 10/21/05
Posts: 6258
Location: The Great State of
Texas

Profile      
  Quote
By: André (offline)  May 20 2011 03:17 am  
André

Mark,

thanks for the quick reply.

No, my website makes absolutely no problems.
I have several test accounts with very different group affiliations.
Furthermore i use the IE8 and the latest Firefox. The file - and directory permissions do not cause problems.

It was only random that i discovered that my known does not have access (as guest) got.

Because of the lack of log entries, i went the way of the scripts to check the server variables.
I'm executed Firefox with the script.
Difference (my known):

PHP Formatted Code

[HTTP_CACHE_CONTROL]   no-cache
[HTTP_COOKIE]          is empty!

default: glf_theme=nouveau [or lightash, charcoal]

In their own scripts, i sometimes get the message that the header can not be changed.
For example:

PHP Formatted Code
Cannot modify header information - headers already sent by (output started at /html/index_02.php:2) in /html/index_02.php on line 77

Line 77:         header("Location:./public_html/index.php");


I have no explanation.

Thank you in advance for your support!

Greetings
André

Edit:
It makes no difference:
www. or without (default)

Forum Chatty
Chatty

Group Comfort
Level:
: +2

Registered: 03/30/11
Posts: 49
Location: Germany /
Deutschland

Profile Email    
  Quote
By: lgarner (offline)  May 20 2011 09:53 am  
lgarner

"Headers already sent" indicates that something sent data before the header() function was called. Often it's a leading or trailing blank line in a PHP file. Make sure your own files don't have a carriage return or line feed after the last "?>" mark.

Forum Admin
Admin

Group Comfort
Level:
: +52

Registered: 06/10/08
Posts: 1912

Profile Email Website  
  Quote
By: troy14 (offline)  May 23 2011 12:26 pm  
troy14

I may be way off, so please ignore my ignorance, but my biggest problem with Bad Behaviour came from the fact that I often log into our website from a shared machine, and so I tend to browse in FF's Private Browsing mode, and I don't let it keep any history or cache for my profile.

Depending on your browser and settings, could this be a part of the issue? I got to the point that I just turned Bad Behaviour off.

Definitely interested in learning more about the plugin and what it can do for my site, however.

Forum Junior
Junior

Group Comfort
Level:
: 0

Registered: 07/14/09
Posts: 34
Location: Louisville, KY

Profile Email Website  
  Quote
By: lgarner (offline)  May 23 2011 13:12 pm  
lgarner

I don't think it would cause the issue with your "headers already sent" error, but you can have a look at http://bad-behavior.ioerror.us/documentation/ to get more information. The latest version bundled with glFusion is 2.0.43, I think.

Private browsing might be interfering with BB2's cookies or user-agent checking, or something along those lines.

Lee.

Forum Admin
Admin

Group Comfort
Level:
: +52

Registered: 06/10/08
Posts: 1912

Profile Email Website  
  Quote
By: André (offline)  May 24 2011 04:47 am  
André

Sorry that I reply so late in this thread.

@troy14:
For the systematic troubleshooting, it is helpful to disable the plugins separately.
The error disappears. Check the appropriate plugin.
It can also cause a third party program errors, such as counters or other tools.
I think the general problem for the user to adapt and use of program snippets that are used in glFusion is.

I think @Lee is right here that "headers already sent" error has nothing to do with bad-behavior.

I have employed with the possible sources of error in header().
Header is a very sensitive command!

Possible errors as described by @Lee already

  • messy php code
  • html-code is listed before Header()
  • space/blank lines before <php
  • space/blank lines after ?>
  • similarly echo "text" before header()



As a replacement of Header in own scripts, the HTML feature of forwarding can be used.

PHP Formatted Code

$display = '<head>';
$display = '<meta http-equiv="refresh" content="0; URL=http://de.selfhtml.org/">';
// <!-- ... other information in the file header ... -->';
$display = '</head>';

echo $display;
 


I think that the Theme header is to be completed.

What concerns me is still the 403 error.
Can this be caused by suppressing cookies?

PHP Formatted Code
[HTTP_CACHE_CONTROL]   no-cache
[HTTP_COOKIE]          is empty!



Greetings
André

Forum Chatty
Chatty

Group Comfort
Level:
: +2

Registered: 03/30/11
Posts: 49
Location: Germany /
Deutschland

Profile Email    
  Quote
New Topic Post Reply


 All times are CDT. The time is now 01:02 pm.
Normal Topic Normal Topic
Locked Topic Locked Topic
Sticky Topic Sticky Topic
New Post New Post
Sticky Topic w/ New Post Sticky Topic w/ New Post
Locked Topic w/ New Post Locked Topic w/ New Post
View Anonymous Posts 
Able to Post 
HTML Allowed 
Censored Content