Discussion about: Upgrade to Joomla! 1.0.10 Security Release

[vbonzai]

"You are not authorized to view this resource" after upgrading to the latest version ? 

I just drag and drop to my ftp and now can't log back....

[Tonie]

@yannisc

There are no changes in the language file, so you don't have to change anything here. As a non core coder, I can't tell you why it was included.

[Tony Reid]

"You are not authorized to view this resource" after upgrading to the latest version ? 

Im getting this too

[stingrey]

"You are not authorized to view this resource" after upgrading to the latest version ? 

Please provide more information as to when and how you see this error.

This isnt very much information to attempt to diagnose and debug an issue.

[stingrey]

Could we have the language file changes so we can upgrade existing translation files?

There are no changes to the language file that will impact on language packs.

One or two changes were made only to the english.php file to correct typographical errors, so this will not impact on non-english users.

[vbonzai]

I can log to backend, it's just the front end that cause the issue.

I did a updgrade from 1.0.9 to 1.0.10  > upload to my ftp (as usual)

I am using Community builder "version  1.0 RC 1" for the login to my site.

[Tony Reid]

Well if you go here : [red]domain address removed by poster[/red]

And click on any content items in the 'Latest get togethers' block - you will see what I mean.

Or if you click on any of the news links at the bottom of the page

Any thoughts appreciated.

Tony

[Mohammed]

Could we have the language file changes so we can upgrade existing translation files?

Nothing changed in language files since 1.0.9

Rey was faster , didn't see 2nd page !! 

[Tony Reid]

Not sure if this is to do with the problem I am having above - but in the permissions tab of system info - my Session Directory is set to :

Session Directory /      unwriteable

Where I can I configure this? and should I change it to /tmp?

thanks in advance,
Tony

[stingrey]

Where I can I configure this? and should I change it to /tmp?

By default it is set to /tmp by php.ini - depending on your server host it could something different.

If you are on shared server, you probably dont have access to /tmp as it is a root folder - so you may need to contact your webhost for assistance.

[kachete]

I was running a site using 1.0.9 and upgrade to 1.0.10

After upgrading i can install any module or component

Code: Select all

Fatal error: Cannot instantiate non-existent class: ftphostaccnt in /home/eldiario/public_html/administrator/components/com_installer/admin.installer.php on line 46

this is the error

i also see that if we have mor than 50 items in the trash folder we can not see any items in the second number in the breadcumb navigation in the bottom not in the menu items or the conten items

so we have to wait for a solution or hope we can fix this issues

Best regards to the team you are working real hard to make it world for everyone

God bless you all

Alexis Valera
Venezuela

[Tony Reid]

Where I can I configure this? and should I change it to /tmp?

By default it is set to /tmp by php.ini - depending on your server host it could something different.

If you are on shared server, you probably dont have access to /tmp as it is a root folder - so you may need to contact your webhost for assistance.

It my own colocated box - I'll change it and see if that fixes the problem. not sure that it will though.

[Wizzie]

"You are not authorized to view this resource" after upgrading to the latest version ? 

I had that problem when trying to log into the frontend.

I had the extended user login module active and the standard one disabled. As soon as I switched to the standard login module the problem disappeared and I could login. But now I have a problem with not being able to use the extended user component/module.

[Heart]

Yes... same here... core/standard joomla-login module works finde....

@stingrey
I tried to add the

$validate = josSpoofValue(1); + hidden input field

in the CBE-login module but it seems that this is not the whole changes... Can you explain what else (files...) are involved in the login process?

[Tony Reid]

Ive noticed that all links thowing out the error dont have a second parameter

http://www.mydomain.com/content/view/381/

as opposed to a working version......

http://www.mydomain.com/content/view/381/1

Well if you go here : [red]domain address removed by poster[/red]

And click on any content items in the 'Latest get togethers' block - you will see what I mean.

Or if you click on any of the news links at the bottom of the page

Any thoughts appreciated.

Tony

[stingrey]

Yes... same here... core/standard joomla-login module works finde....

@stingrey
I tried to add the

$validate = josSpoofValue(1); + hidden input field

in the CBE-login module but it seems that this is not the whole changes... Can you explain what else (files...) are involved in the login process?

It is likely that additional hardening added to login functionality may have broken the CB login module.

We had passed on 1.0.10 beta to CB testing team, but due to teh time constraints of getting 1.0.10 out, they did not have the full time to examine this issue.

Will await further reports from the CB team to try identify the issue

[stingrey]

Ive noticed that all links thowing out the error dont have a second parameter

http://www.mydomain.com/content/view/381/

as opposed to a working version......

http://www.mydomain.com/content/view/381/1

The second parameter is the $Itemid value and is very important for Joomla! to work correctly.
In 1.0.9 for security purposes stricter checks were made for the existance of Itemid values, which would have been ignored in the past.

You may have to utilize this solution:
http://forum.joomla.org/index.php/topic ... #msg354238

More on this topic here:
http://forum.joomla.org/index.php/topic ... l#msg34432

[per]

It is likely that additional hardening added to login functionality may have broken the CB login module.

We had passed on 1.0.10 beta to CB testing team, but due to teh time constraints of getting 1.0.10 out, they did not have the full time to examine this issue.

Will await further reports from the CB team to try identify the issue

I'm running a site with CB 1.0 stable and login still works after upgrade Joomla to 1.0.10

[Heart]

I'm running a site with CB 1.0 stable and login still works after upgrade Joomla to 1.0.10

CBE here....

[per]

I'm running a site with CB 1.0 stable and login still works after upgrade Joomla to 1.0.10

CBE here....

Is it based on CB 1.0 stable or 1.0 RC ?

[Tony Reid]

Thanks - thats got around the problem.

Hopefully this will be fixed in 1.5? as 1.0.10 is still creating news items without the itemid.

Thanks again,
Tony

Ive noticed that all links thowing out the error dont have a second parameter

http://www.mydomain.com/content/view/381/

as opposed to a working version......

http://www.mydomain.com/content/view/381/1

The second parameter is the $Itemid value and is very important for Joomla! to work correctly.
In 1.0.9 for security purposes stricter checks were made for the existance of Itemid values, which would have been ignored in the past.

You may have to utilize this solution:
http://forum.joomla.org/index.php/topic ... #msg354238

More on this topic here:
http://forum.joomla.org/index.php/topic ... l#msg34432

[horus_68]

3 sites updated. Still running!!

A long life to this version! 

[Wizzie]

It is likely that additional hardening added to login functionality may have broken the CB login module.

We had passed on 1.0.10 beta to CB testing team, but due to teh time constraints of getting 1.0.10 out, they did not have the full time to examine this issue.

Will await further reports from the CB team to try identify the issue

CB login works fine, it is the login module associated with the User Extended Component that is causing grief.

[Heart]

...for CBE have a look at this 

[bob23]

After updating, my section description have disapeared from the front end. They are still in the backend but I can't get them to show up in the front. 

[AmyStephen]

Bob - Can you do a screen print of the menu item that presents that section? Or, look on the right side of the menu item and make certain that the section description is actually enabled? Plus - your address? Thanks!

[bishal]

Hi,

I did a fresh install of Joomla 1.10 and when i log in to admin cpanel i noticed the user icon, message icons and etc are displayed twice. I have attached a snap shot.

thansk,
Bishal

[bob23]

Bob - Can you do a screen print of the menu item that presents that section? Or, look on the right side of the menu item and make certain that the section description is actually enabled? Plus - your address? Thanks!

http://hylianhd.rpgplanet.gamespy.com/area_51/joomla_problem.PNG Is that what your looking for?

My sites at hylianhelpdesk.com/zelda  I'm working on converting my normal HTML site to Joomla.

[Manoxtra]

Error after upgrading >>> After I login in the backend this message appeares in the top of my screen:

Code: Select all

Warning: Missing argument 2 for initsessionadmin() in /home/manonet/public_html/aob/includes/joomla.php on line 742

Code: Select all

Database Version:       4.1.19-standard
PHP Version:    4.4.2
Web Server:    Apache/1.3.33 (Unix) mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7g

[bob23]

Bob - Can you do a screen print of the menu item that presents that section? Or, look on the right side of the menu item and make certain that the section description is actually enabled? Plus - your address? Thanks!

http://hylianhd.rpgplanet.gamespy.com/area_51/joomla_problem.PNG Is that what your looking for?

My sites at hylianhelpdesk.com/zelda  I'm working on converting my normal HTML site to Joomla.

I just fixed the problem. It seems you need to turn off showing the description then save it and turn it back on.