Security Violation The action you attempted is not permitted. Back to the Gallery

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Thu, 2012-08-30 23:06

I see this topd posted but did nto see an answer that would work for us. when a non admin account is logged in they can not click a link ( http://www.mcrmysoldiers.com/my-chemical-romance/photos.php?g2_view=core.ItemAdmin&g2_subView=core.ItemAdd&g2_itemId=29 ) and upload their image..... the get the message ...............

Security Violation

The action you attempted is not permitted.

Back to the Gallery ( hyper linked)

any suggestions?

Error Detail -
Error (ERROR_REQUEST_FORGED)

in modules/core/classes/GalleryController.class at line 239 (GalleryCoreApi::error)
in main.php at line 243 (GalleryController::assertIsGenuineRequest)
in main.php at line 104
in modules/core/classes/GalleryEmbed.class at line 189
in /home/mcr/public_html/my-chemical-romance/photos.php at line 66 (GalleryEmbed::handleRequest)

System Information
Gallery version 2.3.2
PHP version 5.3.2-1ubuntu4.17 apache2handler
Webserver Apache
Database mysql 5.1.63-0ubuntu0.10.04.1
Toolkits SquareThumb, ImageMagick, Thumbnail, Gd
Operating system Linux freedomhill.he.net 2.6.32-36-generic-pae #79-Ubuntu SMP Tue Nov 8 23:25:26 UTC 2011 i686
Browser Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0

thanks

dave

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Fri, 2012-08-31 01:32

in photos.php look for this line:

Quote:

/* Uncomment the following 2 lines if you experience ERROR_REQUEST_FORGED */

oops, looks like I did not include them in your file.
Add:

/* Uncomment the following 2 lines if you experience ERROR_REQUEST_FORGED */
$session = &$gallery->getSession();
GalleryUtilities::putRequestVariable('authToken', $session->getAuthToken());

around line 64 above $g2data = GalleryEmbed::handleRequest();

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Fri, 2012-08-31 19:42

Ok so we are even now as I gave you the wrong location of my own file in the other thread ...ooppsss all is good here....

I added those line of code you gave me..... but still the same.... I am not well versed in PHP ( yet) can you give me more of an understanding what you mean when you say "uncomment the following lines"

i obviously did something wrong... I mean if i am supposed to tell the browser to ignore these lines wouldn't that be the same as not having them in there in the first place?

thanks

dave

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Fri, 2012-08-31 19:48

/* Uncomment the following 2 lines if you experience ERROR_REQUEST_FORGED */
$session = &$gallery->getSession();
GalleryUtilities::putRequestVariable('authToken', $session->getAuthToken());

is already uncommented

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Fri, 2012-08-31 20:30

OK thanks... but i still have the same issue... see attached

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Fri, 2012-08-31 21:50

thanks for taking the time to sing up to see what is happening...

dave

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Fri, 2012-08-31 22:12

try playing w/ the permissions a bit. I'm wondering if you need at least some view privis to even interact w/ that album.
and make sure 29 is the correct ID. Its pretty low a number. When you edit the album, or visit the album the ID will be in the url.

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Fri, 2012-08-31 22:54

There is no permission that says "upload new photo" or anythign like that... is there a webpage that defines what each of these permissions are so i know what each one does... the ones that say "print" i figured out ...but some of the others ones i just dont know what they mean

dave

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Fri, 2012-08-31 22:59

core.add sub-item
but there may be need to have at least basic view privis to be able to add. in which case we'd need to do something a little different.
You're trying something I've never done/cared to do

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Fri, 2012-08-31 23:08

this is the URL to the gallery.
http://www.mcrmysoldiers.com/my-chemical-romance/photos.php?g2_itemId=29

29 seems to be the number...

I had a picture post years ago... PORNO spammers put up images and ruined my dog clothes website.... I used the gallery for a cute dog contest... it was fun until XXX images showed up... I want to make sure I avoid that this time.... and if i get h it by spammers, that those adult images are hidden... hope we can do it.... sorry for the trouble

So how do i do something different? or do the members have to be able to view the images in the gallery?

dave

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Sat, 2012-09-01 03:23

Quote:

this is the URL to the gallery.

I know

Quote:

So how do i do something different?

I'm thinking a dedicated upload page, or maybe like I described in the beginning of the other thread, or hopefully something simpler.

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Sat, 2012-09-01 21:10

Where can i find this dedicated upload page in the admin section?

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Sat, 2012-09-01 21:31

try linking to this file instead

rename it to mcrmy-uploads.php and upload it next to photos.php

and test it.

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Sun, 2012-09-02 13:56

Add items button does not seem to work... it is coded as follows

The webcam option is gone on this new page... or will that not work on this page? it is on the other page located at http://www.mcrmysoldiers.com/my-chemical-romance/photos.php?g2_view=core.ItemAdmin&g2_subView=core.ItemAdd&g2_itemId=29

not sure where the error is..

everything else looks great!!!

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Sun, 2012-09-02 14:57

You really want users to be able to add from webcam?

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Sun, 2012-09-02 15:04

not sure... thought it may be fun for them.... I could always un-check that option from the admin section to stop those types of photos..right... thought I may try it since it was offered in the software..... but why was it not in the page you set up? I mean I have that option selected in the admin section

thanks

dave

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Sun, 2012-09-02 15:10

You want to give them minimal options, which is why I created a barebones page

I just updated it, rename it to uploads.php and upload it next to photos.php

and test it.

-s
All New jQuery Minislideshow for G2/G3

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Sun, 2012-09-02 17:20

no file arttached

dave111111

Joined: 2012-05-17
Posts: 62

Posted: Sun, 2012-09-02 17:28

images dont upload but seem to try to do so........Thank you

suprsidr

Joined: 2005-04-17
Posts: 8339

Posted: Mon, 2012-09-03 14:47

Ok, I think I have it now.

rename it to uploads.php and upload it next to photos.php

and test it.

then we can hide the album so the general public cannot see it.

-s
All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Thu, 2012-08-30 23:06
	I see this topd posted but did nto see an answer that would work for us. when a non admin account is logged in they can not click a link ( http://www.mcrmysoldiers.com/my-chemical-romance/photos.php?g2_view=core.ItemAdmin&g2_subView=core.ItemAdd&g2_itemId=29 ) and upload their image..... the get the message ............... Security Violation The action you attempted is not permitted. Back to the Gallery ( hyper linked) any suggestions? Error Detail - Error (ERROR_REQUEST_FORGED) in modules/core/classes/GalleryController.class at line 239 (GalleryCoreApi::error) in main.php at line 243 (GalleryController::assertIsGenuineRequest) in main.php at line 104 in modules/core/classes/GalleryEmbed.class at line 189 in /home/mcr/public_html/my-chemical-romance/photos.php at line 66 (GalleryEmbed::handleRequest) System Information Gallery version 2.3.2 PHP version 5.3.2-1ubuntu4.17 apache2handler Webserver Apache Database mysql 5.1.63-0ubuntu0.10.04.1 Toolkits SquareThumb, ImageMagick, Thumbnail, Gd Operating system Linux freedomhill.he.net 2.6.32-36-generic-pae #79-Ubuntu SMP Tue Nov 8 23:25:26 UTC 2011 i686 Browser Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0 thanks dave
	XUser login Username: * Password: * Create new account Request new password
suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Fri, 2012-08-31 01:32
	in photos.php look for this line: Quote: /* Uncomment the following 2 lines if you experience ERROR_REQUEST_FORGED / oops, looks like I did not include them in your file. Add: / Uncomment the following 2 lines if you experience ERROR_REQUEST_FORGED */ $session = &$gallery->getSession(); GalleryUtilities::putRequestVariable('authToken', $session->getAuthToken()); around line 64 above $g2data = GalleryEmbed::handleRequest(); -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Fri, 2012-08-31 19:42
	Ok so we are even now as I gave you the wrong location of my own file in the other thread ...ooppsss all is good here.... I added those line of code you gave me..... but still the same.... I am not well versed in PHP ( yet) can you give me more of an understanding what you mean when you say "uncomment the following lines" i obviously did something wrong... I mean if i am supposed to tell the browser to ignore these lines wouldn't that be the same as not having them in there in the first place? thanks dave

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Fri, 2012-08-31 19:48
	/* Uncomment the following 2 lines if you experience ERROR_REQUEST_FORGED */ $session = &$gallery->getSession(); GalleryUtilities::putRequestVariable('authToken', $session->getAuthToken()); is already uncommented -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Fri, 2012-08-31 20:30
	OK thanks... but i still have the same issue... see attached

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Fri, 2012-08-31 21:50
	thanks for taking the time to sing up to see what is happening... dave

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Fri, 2012-08-31 22:12
	try playing w/ the permissions a bit. I'm wondering if you need at least some view privis to even interact w/ that album. and make sure 29 is the correct ID. Its pretty low a number. When you edit the album, or visit the album the ID will be in the url. -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Fri, 2012-08-31 22:54
	There is no permission that says "upload new photo" or anythign like that... is there a webpage that defines what each of these permissions are so i know what each one does... the ones that say "print" i figured out ...but some of the others ones i just dont know what they mean dave

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Fri, 2012-08-31 22:59
	core.add sub-item but there may be need to have at least basic view privis to be able to add. in which case we'd need to do something a little different. You're trying something I've never done/cared to do -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Fri, 2012-08-31 23:08
	this is the URL to the gallery. http://www.mcrmysoldiers.com/my-chemical-romance/photos.php?g2_itemId=29 29 seems to be the number... I had a picture post years ago... PORNO spammers put up images and ruined my dog clothes website.... I used the gallery for a cute dog contest... it was fun until XXX images showed up... I want to make sure I avoid that this time.... and if i get h it by spammers, that those adult images are hidden... hope we can do it.... sorry for the trouble So how do i do something different? or do the members have to be able to view the images in the gallery? dave

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Sat, 2012-09-01 03:23
	Quote: this is the URL to the gallery. I know Quote: So how do i do something different? I'm thinking a dedicated upload page, or maybe like I described in the beginning of the other thread, or hopefully something simpler. -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Sat, 2012-09-01 21:10
	Where can i find this dedicated upload page in the admin section?

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Sat, 2012-09-01 21:31
	try linking to this file instead rename it to mcrmy-uploads.php and upload it next to photos.php and test it. -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Sun, 2012-09-02 13:56
	Add items button does not seem to work... it is coded as follows <input type="submit" value="Add Items" name="g2_form[action][addFromBrowser]" class="inputTypeSubmit"> The webcam option is gone on this new page... or will that not work on this page? it is on the other page located at http://www.mcrmysoldiers.com/my-chemical-romance/photos.php?g2_view=core.ItemAdmin&g2_subView=core.ItemAdd&g2_itemId=29 not sure where the error is.. everything else looks great!!!

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Sun, 2012-09-02 14:57
	You really want users to be able to add from webcam? -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Sun, 2012-09-02 15:04
	not sure... thought it may be fun for them.... I could always un-check that option from the admin section to stop those types of photos..right... thought I may try it since it was offered in the software..... but why was it not in the page you set up? I mean I have that option selected in the admin section thanks dave

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Sun, 2012-09-02 15:10
	You want to give them minimal options, which is why I created a barebones page I just updated it, rename it to uploads.php and upload it next to photos.php and test it. -s All New jQuery Minislideshow for G2/G3

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Sun, 2012-09-02 17:20
	no file arttached

dave111111 Joined: 2012-05-17 Posts: 62	Posted: Sun, 2012-09-02 17:28
	images dont upload but seem to try to do so........Thank you

suprsidr Joined: 2005-04-17 Posts: 8339	Posted: Mon, 2012-09-03 14:47
	Ok, I think I have it now. rename it to uploads.php and upload it next to photos.php and test it. then we can hide the album so the general public cannot see it. -s All New jQuery Minislideshow for G2/G3

Security Violation The action you attempted is not permitted. Back to the Gallery

XUser login