| Author |
 Topic  |
|
campinmom03
Junior Member
USA
190 Posts |
 Posted - 13 April 2008 : 13:59:38
|
quote:
oringinally posted by richfed: I don't find that line on my pop_profile
On a clean pop_profile find this on line 801:
'## Forum_SQL
Then go down to about line 975 you will see:
if rs("M_LEVEL") = 3 then
Just change the value to 4 and see if that helps with the trouble your having. Test it out. If it doesn't work, change it back to value of 3.
quote:
I was thinking of removing all the code for these two mods and going back to where I was before, but then it dawned on me that the passwords are now stored with salt and EVERYONE who has logged in since I installed it will be locked out. Myself included. Is this a correct assumption?
I'm not sure what will happen if you remove both mods. I don't know what other mods you have.
In my experience with removing mods, I've had no adverse affects from removing them. IMO as long as you are careful with what you are removing you should be fine.
Anyway, if you do decide to go forth with removing both of them. Do yourself a favor and do a back up first. Then only remove one mod at a time. Then test your changes. If all goes well, then you can proceed to taking the other mod of too. Of course, you should test that change too before assuming it was done correctly. (As with any mod you attempt to install or remove). That is what I do. It is work to search the code to take out, or put in, and frustrating to say the least. But well worth the trouble to prevent other problems in the end.
< |
Have a great day!
Terry |
 |
|
|
richfed
Average Member
United States
999 Posts |
Posted - 13 April 2008 : 16:16:47
|
OK - I finally found it [for some reason my search function wasn't locating it] - on line 1221 of a modded page. It didn't work in my case, though. I wasn't expecting it to. The salting thing changes the passwords in the database, but the pop_profile log-in doesn't seem to recognize that. I can log-in fine on the forum everyhere else that I've tried.
*sigh*< |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 13 April 2008 : 17:58:18
|
| richfed, if you can post a link to a txt copy of your pop_profile.asp or email it to me, I'll take a look and see if I can track down the place where the login is being processed incorrectly.< |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
campinmom03
Junior Member
USA
190 Posts |
Posted - 13 April 2008 : 19:58:38
|
Could this be the problem?
line 1365 of my pop_profile.asp shows this:
edited to say: I have fixed this.< |
Have a great day!
Terry |
Edited by - campinmom03 on 14 April 2008 08:50:28 |
|
|
|
richfed
Average Member
United States
999 Posts |
Posted - 14 April 2008 : 06:23:03
|
Here you go: POP PROFILE THANKS!!!!!!!
Campinmom03, no salting mod changes were to be made to pop_profile, correct? Or am I missing a file in my mod download?< |
|
|
|
campinmom03
Junior Member
USA
190 Posts |
Posted - 14 April 2008 : 08:56:51
|
quote:
originally posted by richfed
Campinmom03, no salting mod changes were to be made to pop_profile, correct? Or am I missing a file in my mod download?
I'm looking at both mods. I don't believe you are missing a file.
I had help with these mods originally... and found that on my pop_profile. I just thought maybe if it was causing a problem for me, maybe it was a problem you were having too. I was just trying to help out. Sorry if I caused any confusion. I'm sure Muzishun will help you with yours now that you have a copy of your pop_profile.txt up.< |
Have a great day!
Terry |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 14 April 2008 : 15:29:56
|
As I thought, you are having the same problem campinmom did. I seem to have forgotten pop_profile.asp in the instructions above. Until I have the chance to go through and update the zip file, here is what you need to do.
Line numbers are based on richfed's pop_profile.asp and may vary depending on the forum.
As always, please backup your file before making these changes. I believe these are all the changes needed, but I am not in a place where I can test it right now. This should be everything, though. Let me know here if you run into any issues with these changes.
Lines 1038-1042 make the code look like this:
Lines 1086-1088 make the code look like this:
Lines 1100-1102 make the code look like this:
Lines 1170-1177 make the code look like this:
Lines 1645-1651 make the code look like this:
< |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
richfed
Average Member
United States
999 Posts |
Posted - 14 April 2008 : 19:06:33
|
Getting closer ...
First, I get this error:
Microsoft VBScript compilation error '800a0401'
Expected end of statement
/messageboard/pop_profile.asp, line 1086
strSql = strSql & " AND (M_PASSWORD = '" & ChkString(strEncodedPassword,"SQLString") & "' OR M_PASSWORD = '" & ChkString(strEncodedPassword2,"SQLString") & "'")
end if
If I take off the parenthesis in red, I reach the pop_profile log in screen.
After inputing my credentials, I get this error:
Microsoft OLE DB Provider for SQL Server error '80040e14'
Line 1: Incorrect syntax near '8670cfecaa33c7b51ab816263b3c5d85262e36b5aac45113bd2157bbdbe6b1b6'.
/messageboard/pop_profile.asp, line 1089
What next?< |
|
|
|
phy1729
Average Member
USA
589 Posts |
Posted - 14 April 2008 : 19:18:57
|
| At the end try & "')" The ) closes a SQL statement not ASP.< |
|
|
|
richfed
Average Member
United States
999 Posts |
Posted - 14 April 2008 : 19:33:11
|
And that has done it!!! Success!
Thank you everyone!< |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 15 April 2008 : 01:03:00
|
Glad you were able to get it working.  < |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
richfed
Average Member
United States
999 Posts |
Posted - 26 April 2008 : 08:57:43
|
Encountered another problem:
I can no longer delete a member. I get a message that I have no permissions to delete a member. Apparently, the salt is not being recognized during this process?< |
|
|
|
richfed
Average Member
United States
999 Posts |
Posted - 03 May 2008 : 11:57:23
|
Here is a link to my pop_delete file: pop_delete.txt
If anyone can figure out what code to add, it would be greatly appreciated. Seems this is the last of my problems with this MOD. Everything else appears to be ok ...< |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 07 May 2008 : 10:45:04
|
There are several changes in pop_delete.asp. Here are the ones that I saw for your file:
Around lines 643-646:
strEncodedPassword = sha256("" & strPassword & strPasswordSalt)
strEncodedPassword2 = sha256("" & strPassword)
mLev = cLng(chkUser(strDBNTFUserName, strEncodedPassword,-1))
mLev2 = cLng(chkUser(strDBNTFUserName, strEncodedPassword2,-1))
if mLev > 0 or mLev2 > 0 then '## is Member
if mLev = 4 or mLev2 = 4 then
Next around lines 501-505:
strEncodedPassword = sha256("" & strPassword & strPasswordSalt)
strEncodedPassword2 = sha256("" & strPassword)
mLev = cLng(chkUser(strDBNTFUserName, strEncodedPassword,-1))
mLev2 = cLng(chkUser(strDBNTFUserName, strEncodedPassword2,-1))
if mLev > 0 or mLev2 > 0 then '## is Member
if mLev = 4 or mLev2 = 4 then
delAr = split(Cat_ID, ",")
Next, around lines 368-372:
strEncodedPassword = sha256("" & strPassword & strPasswordSalt)
strEncodedPassword2 = sha256("" & strPassword)
mLev = cLng(chkUser(strDBNTFUserName, strEncodedPassword,-1))
mLev2 = cLng(chkUser(strDBNTFUserName, strEncodedPassword2,-1))
if mLev > 0 or mLev2 > 0 then '## is Member
if mLev = 4 or mLev2 = 4 then
delAr = split(Forum_ID, ",")
Next, around lines 248-252:
strEncodedPassword = sha256("" & strPassword & strPasswordSalt)
strEncodedPassword2 = sha256("" & strPassword)
mLev = cLng(chkUser5(strDBNTFUserName, strEncodedPassword, Topic_ID))
mLev2 = cLng(chkUser5(strDBNTFUserName, strEncodedPassword2, Topic_ID))
if mLev > 0 or mLev2 > 0 then '## is Member
if (chkForumModerator(Forum_ID, strDBNTFUserName) = "1") or (mLev = 1) or (mLev = 4) or (mLev2 = 1) or (mLev2 = 4) then
delAr = split(Topic_ID, ",")
Next, around lines 107-110:
if (blnModerator = "1") or (mLev = 4) or (mLev2 = 4) then
'continue
elseif (((mLev = 1) or (mLev2 = 1)) and (intPostLockingTime > 0)) then
strPostTime = strToDate(Reply_Date)
Next, around lines 91-96:
strEncodedPassword = sha256("" & strPassword & strPasswordSalt)
strEncodedPasswordw = sha256("" & strPassword)
mLev = cLng(ChkUser3(strDBNTFUserName, strEncodedPassword, Reply_ID))
mLev2 = cLng(ChkUser3(strDBNTFUserName, strEncodedPassword2, Reply_ID))
if mLev > 0 or mLev2 > 0 then '## is Member
blnModerator = chkForumModerator(Forum_ID, strDBNTFUserName)
if (blnModerator = "1") or ((mLev = 1 or mLev2 = 1) and strAllowPostEditing = "1") or (mLev = 4 or mLev2 = 4) then '## is Allowed
strSql = "SELECT R_STATUS, R_DATE "
< |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
richfed
Average Member
United States
999 Posts |
|
|
Topic |
|
Topic Locked
