Forbidden after update from 4.2 -> 4.3.2

The following warnings occurred:

Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)

File	Line	Function
/global.php(961) : eval()'d code	26	errorHandler->error
/global.php	961	eval
/printthread.php	16	require_once

Warning [2] Undefined property: MyLanguage::$archive_pages - Line: 2 - File: printthread.php(287) : eval()'d code PHP 8.2.25 (Linux)

File	Line	Function
/printthread.php(287) : eval()'d code	2	errorHandler->error
/printthread.php	287	eval
/printthread.php	117	printthread_multipage

Forbidden after update from 4.2 -> 4.3.2 - Printable Version

+- UserSpice (https://userspice.com/forums)
+-- Forum: Support Center (https://userspice.com/forums/forumdisplay.php?fid=23)
+--- Forum: UserSpice 4.3 and Below (https://userspice.com/forums/forumdisplay.php?fid=26)
+--- Thread: Forbidden after update from 4.2 -> 4.3.2 (/showthread.php?tid=898)

Pages: 1 2

Forbidden after update from 4.2 -> 4.3.2 - nessinits - 01-01-2018

Hi,

After I updated userspice I get:
Forbidden

You don't have permission to access /ota/dev/am/users/admin_verify.php?actual_link=http://mysite/ota/dev/am/users/admin_permissions.php&page=users/admin_permissions.php on this server.

Because I use SSL I altered the url into https, but it results in the same issue.

Does anyone have an idea what is wrong?

Kind regards,
nessinits

Forbidden after update from 4.2 -> 4.3.2 - Brandin - 01-01-2018

Just to confirm you are getting 403 Forbidden Codes?

You'll need to check your file permissions. I run mine as 644 I think.

Forbidden after update from 4.2 -> 4.3.2 - nessinits - 01-01-2018

That doesn't seem the issue. All my files are 644.

Forbidden after update from 4.2 -> 4.3.2 - Brandin - 01-01-2018

Are all of your files giving you 403 Errors?

Is there anything in the error logs? I wonder if one specific file that is required (init or a helper or something) has bad permissions and it is causing the error.

It could also be a file ownership problem although that should produce a 500 error instead.

Forbidden after update from 4.2 -> 4.3.2 - nessinits - 01-02-2018

The issue is with all admin pages. All my regular projectpages are accessible.

I think it's an admin-rights issue, but I don't know where to start looking ...

Forbidden after update from 4.2 -> 4.3.2 - Brandin - 01-02-2018

Backup your DB and then run this query:
UPDATE pages SET re_auth = 0 WHERE re_auth=1;

Let me know if that fixes the issue.

Forbidden after update from 4.2 -> 4.3.2 - nessinits - 01-02-2018

That solved it. What's wrong? What should I do now?

Forbidden after update from 4.2 -> 4.3.2 - Brandin - 01-02-2018

That to me would indicate an issue with admin_verify.php. Check the permissions on this file. Also make sure it is in your DB (pages), users/admin_verify.php, should be private with a re_auth value of 0, and then have a corresponding page_permission_matches. Let me know.

Forbidden after update from 4.2 -> 4.3.2 - nessinits - 01-02-2018

Permissions are correct. DB-pages users/admin_verify.php is private and re_auth is 0.

I've added manually users/admin_verify.php to pages and given permission to my admin group. The result stays the same.

Forbidden after update from 4.2 -> 4.3.2 - nessinits - 01-02-2018

As an addition ... When I make the actual link blank it returns the admin_verify.php page.