Project

General

Profile

Feature #3265

solution report, "Sorry, you are not allowed to access "admin setting page

Added by mic yu over 8 years ago. Updated over 8 years ago.

Status:
Feature implemented
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
15/04/2011
Due date:
% Done:

100%

Estimated time:
Complexity:
Normal
SCRUM pts - complexity:
?

Description

report solution of common problem

1.Problem description ========================
After new installed 1.8.x but when I log on as Admin and try to access 'Configuration Settings', I get the message 'Sorry, you are not allowed to access this page.'.

The link it is trying to open is /chamilo/main/admin/settings.php =========================
the problem affected all version 1.8.7.1,1.8.8.x
it should affect all operation system, I am using windows 2008

2.Troubleshoot process
after tracing with xdebug till code in main\inc\local.inc.php
code as below =========
if ($_configuration['tracking_enabled']) {
$sql = "SELECT user.*, a.user_id is_admin, UNIX_TIMESTAMP(login.login_date) login_date =========
The $result return 0; which cause no user data is retrieved, so no access right

FROM $user_table
LEFT JOIN $admin_table a
ON user.user_id = a.user_id
LEFT JOIN ".$_configuration['statistics_database'].".track_e_login login
ON user.user_id = login.login_user_id
WHERE user.user_id = '".$_user['user_id']."'
ORDER BY login.login_date DESC LIMIT 1";
} else {
$sql = "SELECT user.*, a.user_id is_admin
FROM $user_table
LEFT JOIN $admin_table a
ON user.user_id = a.user_id
WHERE user.user_id = '".$_user['user_id']."'";
}
$result = Database::query($sql);

3.Compare my working system and non-working system, noticed difference in sql ============
1)non-working system: return zero result,run sql in phpmyadmin also generate error
sql is:
SELECT user.*, a.user_id is_admin, UNIX_TIMESTAMP(login.login_date) login_date
FROM `eq-cham`.`user`
LEFT JOIN `eq-cham`.`admin` a
ON user.user_id = a.user_id
LEFT JOIN eq-cham.track_e_login login
ON user.user_id = login.login_user_id
WHERE user.user_id = '1'
ORDER BY login.login_date DESC LIMIT 1

2)working system, sql is:
SELECT user.*, a.user_id is_admin, UNIX_TIMESTAMP(login.login_date) login_date
FROM `eqsg`.`user`
LEFT JOIN `eqsg`.`admin` a
ON user.user_id = a.user_id
LEFT JOIN eqsg.track_e_login login
ON user.user_id = login.login_user_id
WHERE user.user_id = '1'
ORDER BY login.login_date DESC LIMIT 1 ==========
The only difference is the hyphen in database name (eq-cham)

3.regarding using hyphen, read from mysql site ==========
An identifier may be quoted or unquoted. If an identifier contains special characters or is a reserved word, you must quote it whenever you refer to it. The set of alphanumeric characters from the current character set, “_”, and “$” are not special. ==========
hyphen should classified as special characters, so it generate problem.

4.Conclusion and suggestion
Many developer today still use hyphen in db name and column name, because it does not show obvious problem when using. even some 3-5 years developer still meet such mistake.

it is suggested to put in installation page a warning, that table name should not contain hypen or other special char to prevent future problem with other people.

Thanks
Michael Yu

Associated revisions

Revision 490de2ff (diff)
Added by Julio Montoya over 8 years ago

Using function Database::get_statistic_table instead of $_configuration['statistics_database'] to avoid problems in queries see #3265

History

#1

Updated by Julio Montoya over 8 years ago

  • Status changed from New to Assigned
  • Assignee set to Julio Montoya
  • Target version set to 1.8.8.4
  • % Done changed from 0 to 20

Hello Mic Yu!

Thanks for reporting!!
The problem here is that we should not use this variable directly $_configuration['statistics_database']

we should use the Database::get_statistic_table()
this function adds the ` that is missing

I'm going to send a commit with a fix

#2

Updated by Julio Montoya over 8 years ago

  • Status changed from Assigned to Needs more info
  • Assignee deleted (Julio Montoya)
  • % Done changed from 20 to 80

I sent a commit the implements the fixes in order to avoid that problem :
http://code.google.com/p/chamilo/source/detail?r=768ca4eb53ea2bd99be8900a87400a761262bc80&repo=classic

#3

Updated by Yannick Warnier over 8 years ago

  • Target version changed from 1.8.8.4 to 1.8.8.2
#4

Updated by Julio Montoya over 8 years ago

  • Status changed from Needs more info to Feature implemented
  • % Done changed from 80 to 100

Also available in: Atom PDF