Related Topics


[Video CMS v4]Error Page not Found 404 3.3 RC2  (Read 1104 times) Print

1 B


carlitos90cu  January 07, 2014, 04:33:13 PM

Hi everyone
I have the following errors:
Warning: mcrypt_decrypt() [function.mcrypt-decrypt]: The IV parameter must be as long as the blocksize in /home/carb/public_html/lib/functions.user.php on line 88

Notice: Undefined offset: 1 in /home/carb/public_html/lib/functions.user.php on line 222

And sometimes when I try to open my website I get the 404 Page not Found, the only solution what I found is cleaning the cache on my browser.

I need you helps guys, because I don't want to lose any visitors.

My website:
Warning NSFW newbielink:http://www.wikixvideos.com [nonactive]

Logged


carlitos90cu  January 07, 2014, 05:10:08 PM

This is the line (88) From 86 to 92:

if ( function_exists('mcrypt_encrypt') ) {
list($iv, $data) = explode('@@', $text);
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, $data, MCRYPT_MODE_CFB, strrev($iv)));
} else {
return $text;
}
}

This is the line (222) From 221 to 223:

if($full && !empty($full)){
list($id, $pass) = explode(COOKIESPLIT, user::decrypt($full, SECRETSALT));
$id = intval($id);

Logged


Alexander  January 07, 2014, 05:20:02 PM

Can you check if under login settings / Cookies security data none of the 3 fields are blank? they all should have values.

Logged

carlitos90cu  January 07, 2014, 06:11:40 PM

hi alex, I'm working right now. Can you explain me a little bit more because I don't know nothing about that.

Logged


Alexander  January 07, 2014, 08:31:07 PM

Those values should be random and secret, not much to explain. Just read there under each fields.
But if they are not set, they cause issues with cookies encryption.

Logged

carlitos90cu  January 08, 2014, 05:04:38 AM

It is like teaching a child the alphabet  :(
My main problem is page 404,the lines what mentioned is the first time that happens. But page 404 happens to me every day and I do not think that has to do with the lines that I mentioned.

Logged


Alexander  January 08, 2014, 02:49:47 PM

It is like teaching a child the alphabet  :(
My main problem is page 404,the lines what mentioned is the first time that happens. But page 404 happens to me every day and I do not think that has to do with the lines that I mentioned.

The error 404 if it's coding related (or .htaccess) would be permanent, when it happens periodically, but not every time it is most probably DNS related or by a smaller chance mod_security related.
I can help with coding, not with server/ hosting account setup. You can search the forum and convince yourself it's not a PHPVibe issue.

Logged

ampstar  January 15, 2014, 01:56:04 AM

I have the same issue. It only ever happens on my phpvibe site. So i dont think its a server issue. I thought it was only happening to me but some other users have said they are getting it too so i need to fix this. Ive checked the cookie info you sugested alex and they are both filled in. the problem once it happens stays untill the browser history / cache is cleared.

Logged


Alexander  January 15, 2014, 03:16:42 PM

Do you have mod_security enabled?

Logged

ampstar  January 15, 2014, 11:00:43 PM

Im just checking this with my hosting provider now as im unsure but i believe that it may be enabled. Does this need to be disabled?

Logged


Alexander  January 15, 2014, 11:04:40 PM

It's the only thing I can imagine making such an issue.

Logged

ampstar  January 15, 2014, 11:09:23 PM

It's the only thing I can imagine making such an issue.

Ok ill get back to you when i know for sure. what options would i have if it was enabled?

Logged


Alexander  January 15, 2014, 11:11:20 PM

It's a firewall, but it's primitive and sometimes causes issues on inputs, cookies, or other data transfers as it sees them as hacking attempts.

Logged

ampstar  January 15, 2014, 11:40:18 PM

can confirm now that mod_security is enabled. They said its a problem with the script not being compliant with mod_security. They cant whitelist as its being blocked at phase 1 before the whitelist stage. So what options do i have now?

Logged


ampstar  January 15, 2014, 11:43:17 PM

Also i forgot to mention that when this happens to me its always immediatly after logging in.

Logged


Max  January 15, 2014, 11:45:43 PM

I've had the same issue with encrypted cookies and I've moved to a mod_security free account.

Logged


Alexander  January 15, 2014, 11:48:50 PM

can confirm now that mod_security is enabled. They said its a problem with the script not being compliant with mod_security. They cant whitelist as its being blocked at phase 1 before the whitelist stage. So what options do i have now?

Globally it's being used by many with mod_security, not the Apache component is the problem, it's the way you configure it (like any antivirus/firewall on your pc). Something there it's blocking you access under session/cookie login and that's just wrong.

Logged

ampstar  January 16, 2014, 12:09:04 AM

Ill speak to the hosting company again. Max did you move to a different company or did the same hosting company have a server without mod_security enabled.

Logged


ampstar  January 16, 2014, 12:11:12 AM

Im just asking because i know they will probably pass blame again to phpvibe so ill just have to move if thats the case.

Logged


Alexander  January 16, 2014, 12:20:27 AM

No worries, all hosting companies blame script providers ;) We're used to it.
The question is not what Max did, the question is "are they able to provide you an account with mod_security disabled".

Logged