• Welcome to PHPVIBE Forums. Please log in.

[ Video Sharing CMS v4 ] Error Page not Found 404 3.3 RC2

Started by carlitos90cu,

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

carlitos90cuTopic starter

Hi everyone
I have the following errors:
Warning: mcrypt_decrypt() [function.mcrypt-decrypt]: The IV parameter must be as long as the blocksize in /home/carb/public_html/lib/functions.user.php on line 88

Notice: Undefined offset: 1 in /home/carb/public_html/lib/functions.user.php on line 222

And sometimes when I try to open my website I get the 404 Page not Found, the only solution what I found is cleaning the cache on my browser.

I need you helps guys, because I don't want to lose any visitors.

My website:
Warning NSFW http://www.wikixvideos.com
  •  

carlitos90cuTopic starter

This is the line (88) From 86 to 92:

if ( function_exists('mcrypt_encrypt') ) {
list($iv, $data) = explode('@@', $text);
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, $data, MCRYPT_MODE_CFB, strrev($iv)));
} else {
return $text;
}
}

This is the line (222) From 221 to 223:

if($full && !empty($full)){
list($id, $pass) = explode(COOKIESPLIT, user::decrypt($full, SECRETSALT));
$id = intval($id);
  •  

PHPVibe A.

Can you check if under login settings / Cookies security data none of the 3 fields are blank? they all should have values.

carlitos90cuTopic starter

hi alex, I'm working right now. Can you explain me a little bit more because I don't know nothing about that.
  •  

PHPVibe A.

Those values should be random and secret, not much to explain. Just read there under each fields.
But if they are not set, they cause issues with cookies encryption.

carlitos90cuTopic starter

It is like teaching a child the alphabet  :(
My main problem is page 404,the lines what mentioned is the first time that happens. But page 404 happens to me every day and I do not think that has to do with the lines that I mentioned.
  •  

PHPVibe A.

Quote from: carlitos90cu on
It is like teaching a child the alphabet  :(
My main problem is page 404,the lines what mentioned is the first time that happens. But page 404 happens to me every day and I do not think that has to do with the lines that I mentioned.

The error 404 if it's coding related (or .htaccess) would be permanent, when it happens periodically, but not every time it is most probably DNS related or by a smaller chance mod_security related.
I can help with coding, not with server/ hosting account setup. You can search the forum and convince yourself it's not a PHPVibe issue.

ampstar

I have the same issue. It only ever happens on my phpvibe site. So i dont think its a server issue. I thought it was only happening to me but some other users have said they are getting it too so i need to fix this. Ive checked the cookie info you sugested alex and they are both filled in. the problem once it happens stays untill the browser history / cache is cleared.
  •  

PHPVibe A.


ampstar

Im just checking this with my hosting provider now as im unsure but i believe that it may be enabled. Does this need to be disabled?
  •  

PHPVibe A.

It's the only thing I can imagine making such an issue.

ampstar

Quote from: Alexander on
It's the only thing I can imagine making such an issue.

Ok ill get back to you when i know for sure. what options would i have if it was enabled?
  •  

PHPVibe A.

It's a firewall, but it's primitive and sometimes causes issues on inputs, cookies, or other data transfers as it sees them as hacking attempts.

ampstar

can confirm now that mod_security is enabled. They said its a problem with the script not being compliant with mod_security. They cant whitelist as its being blocked at phase 1 before the whitelist stage. So what options do i have now?
  •  

ampstar

Also i forgot to mention that when this happens to me its always immediatly after logging in.
  •  

Max

I've had the same issue with encrypted cookies and I've moved to a mod_security free account.
  •  

PHPVibe A.

Quote from: ampstar on
can confirm now that mod_security is enabled. They said its a problem with the script not being compliant with mod_security. They cant whitelist as its being blocked at phase 1 before the whitelist stage. So what options do i have now?

Globally it's being used by many with mod_security, not the Apache component is the problem, it's the way you configure it (like any antivirus/firewall on your pc). Something there it's blocking you access under session/cookie login and that's just wrong.

ampstar

Ill speak to the hosting company again. Max did you move to a different company or did the same hosting company have a server without mod_security enabled.
  •  

ampstar

Im just asking because i know they will probably pass blame again to phpvibe so ill just have to move if thats the case.
  •  

PHPVibe A.

No worries, all hosting companies blame script providers ;) We're used to it.
The question is not what Max did, the question is "are they able to provide you an account with mod_security disabled".

Similar topics (7)