The Joomla! Forum ™



Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  [ 100 posts ]  Go to page 1, 2, 3, 4  Next
Author Message
PostPosted: Fri Feb 22, 2008 9:02 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
Hi,

I've experienced the following when upgrading my site to 1.0.15, or when I do a fresh install.
After one of these I'm not able to login through the backend (administrator) of my site. This is also the case when I do a fresh installation. Error message is : Invalid Session. The location points to: /administrator/index.php?mosmsg=Invalid%20Session.

I've tried the session time fix, but this wouldn't work.

I have done the following to re-enable it again, but I don't think it is the correct procedure.
Take a look at the following lines. starting from line 770.
Code:
                        if ($session_id != session_id()) {
                        // session id does not correspond to required session format
                        echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";
                        exit();
                }


If you uncomment these lines, it will work. But like I said, I don't think it is correct do this this way.

Below you'll find my system information:

OpenBSD 4.0
Joomla: 1.0.15
PHP: php5-core-5.1.4p2-hardened
builtin Apache chrooted

Let me know if you need anything more

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Sat Feb 23, 2008 9:54 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
This is the output in my php tmp directory. If I try to log in this is the format of the session it will generate:
Code:
session_id|s:32:"de3184775abbc5549a57dabfff99b4b9";session_user_id|s:2:"62";session_username|s:5:"admin";session_usertype|s:19:"Super Administrator";session_gid|s:2:"25";session_logintime|i:1203760278;session_user_params|s:22:"expired=
expired_time=";session_userstate|a:0:{}

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Sat Feb 23, 2008 10:05 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
This is the output of the session in version 1.0.13 (which works)
Code:
session_id|s:32:"ccf7126e02b552abcbd804f320f37884";session_user_id|s:2:"62";sess
ion_username|s:4:"bart";session_usertype|s:19:"Super Administrator";session_gid|
s:2:"25";session_logintime|i:1203761031;session_user_params|s:33:"editor=jce
expired=
expired_time=";session_userstate|a:2:{s:13:"viewlistlimit";s:2:"30";s:13:"viewco
m_admin";i:0;}option|s:0:"";task|s:0:"";


The difference I see, is that it has no value at the time I view the backend. This file is only filled at the time I login (succesfully)

In case of version 1.0.15, this file is filled on forehand...

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Wed Feb 27, 2008 7:59 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sat Feb 24, 2007 5:43 pm
Posts: 6
I have the exact same problem!
Any thoughts?


Top
 Profile  
 
PostPosted: Thu Feb 28, 2008 7:32 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Jun 01, 2007 11:53 pm
Posts: 41
I am also having this problem, it started with a fresh install of 1.0.15.

wtf is wrong? This has buggered my afternoon's work.


Top
 Profile  
 
PostPosted: Thu Feb 28, 2008 11:55 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Thu Nov 29, 2007 10:11 am
Posts: 8
Also having this problem after upgrading .13. to .15, tried several fixes decribed in this and other threads but nothing helped ???
edit: GRRRRR, it started to work again but I don't know why :((((


Top
 Profile  
 
PostPosted: Mon Mar 03, 2008 4:25 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Mon Mar 03, 2008 4:18 pm
Posts: 4
I have had a real nightmare getting this one working, and Still nothing.

1.0.12 was the last version i tried about 6 months to a year ago and it was fine.

i've installed 1.0.15 about 8 times now and now I've got past my initial problem, Ii have this "administrator/index.php?mosmsg=Invalid%20Session" Every time i try to login in to the administrator panel. The login works fine on the Front end, its just the Super admin account that isn't working.

Incidentally, I deleted all the Tables everytime and everything joomla related Everytime i did a fresh installation.

it logs in, refreshes the page and does pretty much nothing, (Like everyone else.)

Any Support or Pointers would be absolutely Amazing.


Top
 Profile  
 
PostPosted: Mon Mar 03, 2008 9:57 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Oct 30, 2007 11:08 pm
Posts: 20
Hiya, the first poster's instructions to uncomment were backwards for me - I had to comment out the code in joomla.php lines 770-774:
Code:
/*if ($session_id != session_id()) {
         // session id does not correspond to required session format
         echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";
         exit();
      }*/


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 6:33 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Dec 21, 2007 1:17 am
Posts: 2
Cheers ericaweb,

worked for me and my .12 to .15 upgrade.


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 7:55 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Mon Mar 03, 2008 4:18 pm
Posts: 4
erickaweb wrote:
Hiya, the first poster's instructions to uncomment were backwards for me - I had to comment out the code in joomla.php lines 770-774:
Code:
/*if ($session_id != session_id()) {
         // session id does not correspond to required session format
         echo "<script>document.location.href='index.php?mosmsg=Invalid Session'</script>\n";
         exit();
      }*/



Worked for you lot, Well I can't apply this Fix your all doing,Because i Don't know what File or Where you are modifying. i dont care about Secruity, its going to be a top end relocator (yes im too lazy to make my own) I can Lock it down after Ive done th Back end Admin work.

joomla.php ? Cant find that im afraid ! Im using 1.0.15

All I need to know is what File to comment out the lines in !


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 12:10 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Mar 04, 2008 12:06 pm
Posts: 20
Hi,

After I upgraded form 13 to 15 I had a invalid session error as well.
When i copyed the patch files again (via ftp) the error was gone and i could login.
Has anyone tried to copy the files a second time to make sure there wasn't an error durring uploading.

For me this was a fix, maybe it can help others to.

_________________
What doesn't kill you makes you stronger!


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 4:13 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Oct 30, 2007 11:08 pm
Posts: 20
Quote:
Worked for you lot, Well I can't apply this Fix your all doing,Because i Don't know what File or Where you are modifying. i dont care about Secruity, its going to be a top end relocator (yes im too lazy to make my own) I can Lock it down after Ive done th Back end Admin work.

joomla.php ? Cant find that im afraid ! Im using 1.0.15

All I need to know is what File to comment out the lines in !


File is located: includes/joomla.php


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 5:42 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Mar 04, 2008 4:25 pm
Posts: 24
This is crazy that so many people are having the same issue. It's driving me nuts. First of all i can not find the file that needs to be edited to fix the login problem. Where is the exact location. I have looked in the administrator folder and can not find the file named index.php?mosmsg=Invalid%20Session. I am new to this and could use all the help I can get. Once I locate the file I think I can apply the fix.

Thanks in advance.

Vinny


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 5:51 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Oct 30, 2007 11:08 pm
Posts: 20
vv1500 wrote:
This is crazy that so many people are having the same issue. It's driving me nuts. First of all i can not find the file that needs to be edited to fix the login problem. Where is the exact location. I have looked in the administrator folder and can not find the file named index.php?mosmsg=Invalid%20Session. I am new to this and could use all the help I can get. Once I locate the file I think I can apply the fix.

Thanks in advance.

Vinny


The "joomla.php" file is located in the "includes" folder.


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 6:06 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Mar 04, 2008 4:25 pm
Posts: 24
Click on a name to view its properties.
/ public_html / administrator / includes / (Current Folder)
Create New Folder
Upload file(s)
Up one level
js 755
pcl 755
Create New File
admin.php 9 k 0644
auth.php 2 k 0644
index.html 0 k 0644
menubar.html.php 22 k 0644
pageNavigation.php 8 k 0644
toolbar.html.php

It doesn't seem to be in there.


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 6:29 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
it isn't in administrator.
It is in /includes in your joomla dir.

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 6:45 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
Another hack to my earlier desicribed hack is to change the following line in /includes/joomla.php
go to line 770
and change line
Code:
if ($session_id != session_id()) {

to
Code:
if ($session_id != $session_id) {

mind the $ and the () around session_id

This will do the "if" check on an "a" compare to "a" basis, which will work ofcourse :D

Like I said it's a hack and I will still hope the joomla guys will say something smart about this.

Cheers,
Bart

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Last edited by bambam82 on Wed Mar 05, 2008 10:58 am, edited 2 times in total.

Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 7:01 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Oct 30, 2007 11:08 pm
Posts: 20
Thanks bambam82 (for the fixes and for explaining that "includes" is not "administrator/includes"


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 7:48 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
erickaweb wrote:
Thanks bambam82 (for the fixes and for explaining that "includes" is not "administrator/includes"

It's not a fix, it's a hack. I don't know if this will jeopardize security... That's up to the joomla guru's...

I hope they will read this.

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Tue Mar 04, 2008 9:16 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Mar 04, 2008 4:25 pm
Posts: 24
thanks again for the help. I can not believe that this upgrade is so problematic.


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 10:48 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Mon Mar 03, 2008 4:18 pm
Posts: 4
Tried both the mods,

removing the Brackets and Commenting out the statement. And Still nothing.

This is not much fun :(


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 11:05 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
Furyv1xen wrote:
Tried both the mods,
removing the Brackets and Commenting out the statement. And Still nothing.
This is not much fun :(


I have clarified my earlier post. It is not only the bracket, but also the "$" sign.

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 1:27 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Sep 21, 2007 11:47 am
Posts: 3
Doesn't work for me (both solutions, indeed).
Now I get http://192.168.2.2/administrator/index. ... to%20login
mosmsg=You need to login

Any fix for this ?

BTW: On our Test-Server is a 1-to-1 copy of our internet server (which is running fine) - So I guess theres some settings in the php.ini involved.

Any input ?


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 1:38 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Mon Mar 03, 2008 4:18 pm
Posts: 4
Many apologies,
Yes, i added the the $ in as you said. Speaking with my Provider surely shouldn't be the fix, as It was working previously when i was on 1.0.12, Granted i will probably have to roll back, just a little peturbed as to why its not working. Ahwell. i guess I'll live with it.

Thanks for everyone s support so far, its certainly a very helpful community.


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 1:48 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Sep 21, 2007 11:47 am
Posts: 3
Found the solution on http://czropa.wz.cz/?src=doc/joomla_adm ... _login.php

Problem with login to administration interface of Joomla (Free Content Management System)after installation :
http://localhost/administrator/index.ph ... to%20login
I reinstall and on pre-installation check page was one warning:
Session save path: NOTWRITEABLE
E:\Temp\php\upload
I create these directory and all works fine!
If You have same warning create Session save directory or change parameter session.save_path in php.ini

That fixed it for me......
Try it !!


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 2:15 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Apr 16, 2007 10:49 am
Posts: 21
Location: Utrecht
mollahme wrote:
Found the solution on http://czropa.wz.cz/?src=doc/joomla_adm ... _login.php

Problem with login to administration interface of Joomla (Free Content Management System)after installation :
http://localhost/administrator/index.ph ... to%20login
I reinstall and on pre-installation check page was one warning:
Session save path: NOTWRITEABLE
E:\Temp\php\upload
I create these directory and all works fine!
If You have same warning create Session save directory or change parameter session.save_path in php.ini

That fixed it for me......
Try it !!

This is always the case! this has nothing to do with 1.0.15 in particular. In a default php.ini you would point this to /tmp (in linux). I use /var/www/tmp with www:www as owner:group with 777 as chmod in openbsd.
Nothing wrong here

_________________
http://www.bamweb.nl/ // custom OpenBSD solutions


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 7:05 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Jan 25, 2008 7:45 pm
Posts: 4
Hi folks

I too have struggled with the Invalid Session problem ... and I think I have finally found something that works for my site.

I think that if PHP_Register_Globals is OFF (which is the recommended safer way to run the system), then my service provider wasn't saving the session data in the default file (which /tmp). Even though "System Information | Permissions" showed that /tmp was WRITEABLE, I now suspect that something in my service provider's setup made this unreliable.

(Come to think of it ... /tmp is a public directory on my service provider. Anybody can write to it. I wonder if somebody else's Joomla installation was also set to save session data to the same public directory ... which would mean that sometimes the session data would be stable for a while, but at other times it could have been overwritten almost immediately. That would explain why my sessions would last variable amounts of time.)

When I created a "sessions" directory within my own installation of Joomla, and put instructions re this in my php.ini file FIRST (before the direction to turn off register_globals) I stopped having problems all together.

To be clear, here's my php.ini file now. I have a copy in my main directory, and another copy in my administrator directory:

session.save_path=/path/to/joomla/sessions
register_globals = OFF


Top
 Profile  
 
PostPosted: Wed Mar 05, 2008 11:52 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Wed Mar 05, 2008 8:21 pm
Posts: 2
I've changed the code as was suggested originally in this post and I now have upgraded from having an invalid session message to having a "you need to login" message. But I still cannot access the admin end of my site. :(

I also have tried to add a php.ini file to the main and administrator directories with your suggested code in it. But this doesn't seem to have made a difference.

Is there anything additional that I need to add, or should I have changed something for customization for my site?

thanks
B


Top
 Profile  
 
PostPosted: Thu Mar 06, 2008 12:37 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri Jan 25, 2008 7:45 pm
Posts: 4
Just realized from reading your reply that I skipped a step in my description. I've been struggling with this problem too long. :'(

As I understand it (and remember, I'm a newbie!!!) PHP needs some place to store the session data. The default place to do this in in the /tmp folder of your service provider.

If you want to store the session info somewhere else (like within your own installation) you need to create a directory to put it in. I called mine "sessions" which seems to be a fairly common thing to call it, judging from the various threads about this. CHMOD the directory you created to 755 so it's writeable.

When you create your custom PHP.INI file, you need to make sure that the path/to/your/Joomla installation is the "absolute path" used by your service provider. You'll find a copy of that in your CONFIGURATION.PHP file -- look for the line that reads

$mosConfig_absolute_path =

The absolute path is everything inside the quotation marks.

Careful of typos -- even one letter wrong means the thing won't work at all!

Hope that helps


Top
 Profile  
 
PostPosted: Thu Mar 06, 2008 9:29 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Thu Mar 06, 2008 9:21 am
Posts: 1
I have the same problem, but it is interesting that from the beginning all was working fine. I din't install any additional component, but when i tryed to login today, it doesn't work (Invalid Session). That's very strange, becouse it all worked fine a day before. I have same problem now on my local copy and on working site ?

- since site worked on my local computer and on live site i have excluded the service provider fault (webhosting), and i think it is something else that's not connected to apache server or PHP ??


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 100 posts ]  Go to page 1, 2, 3, 4  Next



Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group