• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

Unable to login to admin account

Status
Not open for further replies.
Website URL
<private>

Chevereto version
3.9.5

Description of the issue
Hi,

I had chevereto installed on my site this morning (thanks!), but the admin credentials don't seem to allow me to login.

I get an error which says; Request denied. You either don't have permission to access this page of the link has expired.

Is this something which you could help me figure out?

Thanks
 
What is happening here is that when you access any Chevereto based website, an auth_token is generated (you can check it by opening your browser console and entering this: PF.obj.config.auth_token). That auth token is a random string which "marks" that visit so all request must indicate that auth_token to validate that the request has been made / authorized by the system.

Problem is that in your server you get random tokens all the time so the system will always output that the token is invalid because is changing all the time. This system uses $_SESSION to handle the stock_token and what's going on here is that session is not being saved/read properly.

I added this at index.php and it works (so the problem is the session save path)
PHP:
// Session Hack here
ini_set('session.save_path', realpath('app/content/SESSIONS'));

The most relevant issue here is that sessions are not working properly and your server isn't aware of that. It doesn't throw any error on session_start.

At this time your website is working, but on every update you will have to add that hack unless your hosting company fixes the default session path permissions.

Hope it helps,
Rodolfo.
 
Thanks so much for your help Rodolfo - this is great! I'm hosting my site with TMD, who I thought would have everything configured for a smooth installation of Chevereto, so this is a little odd. But I'm very grateful for your help, I would never have been able to find the source of the problem myself.

I have one final question for you, when uploading an image if fails and I get an error message of 'missing temp folder'. I have a search through the forum for that phrase, but couldn't find anything. I assume that this requires some more tinkering through the cPanel - could you please advise?

Thanks,

Richard
 
I thought would have everything configured for a smooth installation of Chevereto

Remember that this stuff is all auto and servers can fail all the time. Most likely it will get fixed without your even noticing it.

I have one final question for you, when uploading an image if fails and I get an error message of 'missing temp folder'. I have a search through the forum for that phrase, but couldn't find anything. I assume that this requires some more tinkering through the cPanel - could you please advise?

Yesterday I uploaded some images without issues so the problem here is messed system permissions. You should refer these to your hosting company, just tell them that system permissions are wrong (temp folder, session path, etc.)

Issues like this affects any software and that includes Chevereto.

By the way, I have forwarded this to TMDHosting staff, hope that my feedback can help in this case.

Cheers,
Rodolfo.
 
Hi Rodolfo,

I flagged this up with TMD, supplied them with the credentials to try the upload themselves and they responded with this;

'We have managed to recreate this issue on our side, however, all of your permissions seem to be okay on first glance and we were unable to find a solution.

Therefore, we kindly ask you to contact Chevereto and ask them the exact folder and the exact permissions that need to be changed and we will gladly assist you with this.'
Would you be able to advise?

Thanks!
 
I already did. Sadly, at script layer there's no much left to do if the system is throwing false positives.
 
Status
Not open for further replies.
Back
Top