Gossamer Forum
(Advanced Search)
for
Home : Products : DBMan : Installation :

Password accepted but redirected back to logon screen

Jan 5, 2003, 11:18 AM
BradM
Novice (6 posts)
Jan 5, 2003, 11:18 AM
Post #1 of 6
Views: 4804
Shortcut
Quote Reply
Password accepted but redirected back to logon screen
I am having a problem with logon. I acess a logon screen to start the progam. The password appears to be accepted as I am able to get to the Main Menu. However, when I choose any option I am directed back to the logon screen. When permissions are set to to require logon. The program works flawlessly. Any ideas?

Thanks

Brad
Jan 5, 2003, 8:58 PM
LoisC
Veteran / Moderator (3034 posts)
LoisC's avatar
Jan 5, 2003, 8:58 PM
Post #2 of 6
Views: 4733
Shortcut
Quote Reply
Re: [BradM] Password accepted but redirected back to logon screen In reply to
Can you please make a txt copy of your .cfg file and provide the url to where it can be viewed.

Unoffical DBMan FAQ

http://creativecomputingweb.com/dbman/index.shtml/
Jan 7, 2003, 3:35 AM
BradM
Novice (6 posts)
Jan 7, 2003, 3:35 AM
Post #3 of 6
Views: 4712
Shortcut
Quote Reply
Re: [LoisC] Password accepted but redirected back to logon screen In reply to
Lois,

Thanks in advance for your help.

the cfg file can be viewed at www.iarp-florida.netfirms.com/default.txt



Brad
Jan 7, 2003, 8:02 AM
LoisC
Veteran / Moderator (3034 posts)
LoisC's avatar
Jan 7, 2003, 8:02 AM
Post #4 of 6
Views: 4704
Shortcut
Quote Reply
Re: [BradM] Password accepted but redirected back to logon screen In reply to
Are you using autogenerate or did you manually modify your html_record_form and html_record?

If you created your own form and output display then you should turn off auto-generate:

$db_auto_generate = 1;

---------------

I also noticed you are giving admin permission to everyone :( This could cause major problems. Only you as the administrator should have those permissions.

$auth_allow_default = 1;
@auth_default_permissions = (1,1,1,1,0);

# Allow people to sign up for their own userid/passwords? They will recieve default permissions.
$auth_signup = 1;

# Permissions a new signup should get.
@auth_signup_permissions = (1,1,1,1,0);

This should only be yes or no
$auth_modify_own = (1,1,1,1,1);

change to:

$auth_modify_own = 1;

It doesn't make sense that you are allowing default users and then allowing people to only view their own records.
# Registered users: can view _only_ own records. For this to make sense you should turn off default permissions.

$auth_view_own = 1;

change to the followng or turn off default permissions as instructed:

$auth_view_own = 0;

I'm not sure why it is not finding the .cfg file which is the error you are now getting while trying to view your database. Did you change anything in the db.cgi file?

Unoffical DBMan FAQ

http://creativecomputingweb.com/dbman/index.shtml/
Jan 7, 2003, 6:48 PM
BradM
Novice (6 posts)
Jan 7, 2003, 6:48 PM
Post #5 of 6
Views: 4714
Shortcut
Quote Reply
Re: [LoisC] Password accepted but redirected back to logon screen In reply to
Lois et al

Thanks for your assistance. To answer your questions. I have not developed my own form. (One thing at a time!)

I do not recall editing the cgi file. I have reset all the permissions with the same result. When the permission are set to not require sign on, the program works very well. I am getting an error when the sign on screen appears it is pasted below:

DBMan encountered an internal error.

CGI ERROR
==========================================
Error Message : Debug Information
Script Location : db.cgi
Perl Version : 5.006001
Setup File : default.cfg
User ID : admin
Session ID : admin.104199238194272

Form Variables
-------------------------------------------
db : default
login : Logon
pw : admin
uid :
userid : admin

Environment Variables
-------------------------------------------
CONTENT_LENGTH : 49
CONTENT_TYPE : application/x-www-form-urlencoded
DOCUMENT_ROOT : /mnt/web_a/d31/s05/a000jou9
GATEWAY_INTERFACE : CGI/1.1
HTTP_ACCEPT : image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/ms-bpc, application/vnd.ms-excel, */*
HTTP_ACCEPT_ENCODING: gzip, deflate
HTTP_ACCEPT_LANGUAGE: en-us
HTTP_CACHE_CONTROL : no-cache
HTTP_CONNECTION : close
HTTP_COOKIE : NFrequest=test; NFreferer=http%3A%2F%2Fwww.netfirms.com
HTTP_HOST : iarp-florida.netfirms.com
HTTP_NFUSERADDR : 209.4.43.117
HTTP_REFERER : http://iarp-florida.netfirms.com/cgi-bin/db.cgi?db=default&admin_display=1
HTTP_USER_AGENT : Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; H010818)
HTTP_VIA : 1.0 iarp-florida.netfirms.com
HTTP_X_FORWARDED_FOR: 209.4.43.117
HTTP_X_FORWARDED_HOST: iarp-florida.netfirms.com
HTTP_X_FORWARDED_SERVER: w2_2a
LD_LIBRARY_PATH : /usr/local/nf/lib/nfsflock
PATH : /usr/local/bin:/usr/bin:/bin
QUERY_STRING :
REMOTE_ADDR : 209.4.43.117
REMOTE_PORT : 1052
REQUEST_METHOD : POST
REQUEST_URI : /cgi-bin/db.cgi
SCRIPT_FILENAME : /mnt/web_a/d31/s05/a000jou9/cgi-bin/db.cgi
SCRIPT_NAME : /cgi-bin/db.cgi
SCRIPT_URI : http://iarp-florida.netfirms.com/cgi-bin/db.cgi
SCRIPT_URL : /cgi-bin/db.cgi
SERVER_ADMIN : support@netfirms.com
SERVER_NAME : iarp-florida.netfirms.com
SERVER_PORT : 80
SERVER_PROTOCOL : HTTP/1.1
SERVER_SOFTWARE : Apache/1.3.20 (Unix) mod_perl/1.26 mod_ssl/2.8.4 OpenSSL/0.9.6a
Jan 7, 2003, 9:29 PM
LoisC
Veteran / Moderator (3034 posts)
LoisC's avatar
Jan 7, 2003, 9:29 PM
Post #6 of 6
Views: 4690
Shortcut
Quote Reply
Re: [BradM] Password accepted but redirected back to logon screen In reply to
Okay, the problem seems to be within your sub html_footer

<A HREF=""http://iarp-florida.netfirms.com/cgi-bin/db.cgi">Home</A>

this link has an extra " which could be causing problems.


I'm not sure how it is generating the &pword in the following line:

<A HREF="http://iarp-florida.netfirms.com/cgi-bin/db.cgi?db=default&userid=&pword=&add_form=1">Add</A>

Try using the following which contains the permission levels and see if that solves your problem.

sub html_footer {
# --------------------------------------------------------
# Print the menu. We only print options that the user have permissions for.

print qq!<center><$font>!;
print qq!| <A HREF="$auth_logoff ">Home</A> ! if ($per_view);
print qq!| <A HREF="$db_script_link_url&view_records=1&$db_key=*">View All</A> ! if ($per_view);
print qq!| <A HREF="$db_script_link_url&view_search=1">Search</A> ! if ($per_admin);
if (!$per_admin && $auth_modify_own) {
print qq!| <A HREF="$db_script_link_url&delete_form=1&$db_key=*">Delete</A> ! if ($per_del);
print qq!| <A HREF="$db_script_link_url&modify_form=1&$db_key=*">Modify</A> ! if ($per_mod);
}
else {
print qq!| <A HREF="$db_script_link_url&delete_search=1">Delete</A> ! if ($per_del);
print qq!| <A HREF="$db_script_link_url&modify_search=1">Modify</A> ! if ($per_mod);
}
print qq!| <BR>| <A HREF="$db_script_link_url&add_form=1">Add</A> ! if ($per_add);
print qq!| <A HREF="$db_script_link_url&admin_display=1">Admin</A> ! if ($per_admin);
print qq!| <A HREF="greeting.cgi?db=greeting">Admin Login</A> !;
print qq!| <A HREF="$db_script_link_url&logoff=1">Log Off</A> |!;
print qq!|</FONT></CENTER><P>!;
}

If you go to JPDeni's site and within her tutorial there is a configuration which will help you to create your html_add_form and html_record subs. It will also create your .cfg file but you already have that. Just use your current fields and list them in the configurator and them you just have to adjust the html coding for your needs.

Hope this helps

Unoffical DBMan FAQ

http://creativecomputingweb.com/dbman/index.shtml/