By deancolmer on
Using: Mac with OS X Tiger
I followed the local server setup install using MAMP.
Drupal install seemed to go ok - I followed instructions to the letter, and set up a Database in mysql according to the instructions.
When I get to the Drupal website admin page [ at the top it says "Welcome to your new Drupal website!"], all of the links return a new page that says ACCESS DENIED - you are not authorised to access this page, and I can go no further.
I have uninstalled and re-installed MAMP and Drupal several times and still get the same thing.
Please can you advise how I get past this roadblock.
Thanks
Edited by: VeryMisunderstood; tagged thread with version of Drupal in use.
Comments
What are the url's on the
What are the url's on the links that direct you to a private set of pages?
Hi. Thanks for the
Hi. Thanks for the reply.
The URL for the Drupal "welcome" is http://localhost:8888/10cg/ where 10cg is the website name.
When I click on the "administration section" link it takes me to http://localhost:8888/10cg/?q=admin where access is denied.
Hope this makes sense!
You mentioned that ALL of
You mentioned that ALL of the links brings you do the access denied page. Do you see something similar to http://localhost:8888/10cg/?q=admin where q=node or other variables? Try to type in http://localhost:8888/10cg/index.php?q=admin into the url and see what happens.
Hi. Tried that. Same thing
Hi. Tried that. Same thing happens. Access denied.
=-=
is there a .htaccess file in your installation? often times users on a mac don't see this file because it is hidden.
yes - there is a .htaccess
yes - there is a .htaccess file in the 10cg directory
=-=
you failed to tag this thread with the version of drupal in use?
knowing that information may help narrow down researching for you.
it's the latest one - v6.9
it's the latest one - v6.9
Probably a dumb question but
Probably a dumb question but can you see if you're logged in as user1? Every so often something retarded happens and it installs and then (un)helpfully logs you out. Can you hit ?q=user and log in?
Stabbing around in the dark :)
works at bekandloz | plays at technonaturalist
q=user logs me in. All it
q=user logs me in.
All it shows is 2 option tabs:
"View" - which says "History" with nothing else except for the member for duration
and
"Edit" which allows me to change my user password and locale time.
After logging in at ?q=user
After logging in at ?q=user can you type in ?q=admin and get to the admin pages from there?
works at bekandloz | plays at technonaturalist
nope.
nope.
Which Type Of Access Is Restricted
Is it within drupal that there is restricted access or is it an apache, being 'you cannot access this given directory', that is assuming you are using apache for a server.
I am using apache, but the
I am using apache, but the restriction appears to be in drupal - it's a drupal page and refers to denied access to the page, not file or directory.
How would I know for sure?
To Ensure it
To Ensure that drupal is restricting your access and not apache go into /includes/ and open up common.inc. There is a function called drupal_access_denied(), put some echo in the beginning and if you see the echo on the screen its drupal, then you can go ahead and find out which function is calling drupal_access_denied(), there are about 8 references to this function. This may become exhaustive but if anyone knows a better way please state it. There may be another function that denies access, this is the only one that was obvious.
if (empty($return) ||
if (empty($return) || $return == MENU_NOT_FOUND || $return == MENU_ACCESS_DENIED) {
drupal_set_title(t('Access denied'));
$return = t('You are not authorized to access this page.');
This is it! There seems to be only one entry for the text that is delivered.
So what does this mean?
Thanks for all your help so far, but I'm still clueless!
Check menu_execute_active_handler
Well the problem can be one of three things, from what I seen they are mutually exclusive. Do an echo on $return and see what it prints out. In menu.inc there is a function called menu_execute_active_handler. If the drupal access denied is getting called like we think it is, it is errant because of what that function is returning. So it basically returning MENU_ACCESS_DENIED which is an integer of 3, MENU_NOT_FOUND which is an int of 2, or an empty string. I do not know drupal's working very well is someone does and has seen this some insight would be great, but at least we are finding out where the problem is.
So take a look at menu_execute_active_handler($path) and find out what $result is being set to, to determine what the root cause is.
edit: When I say look to see what $return is, I mean before the if statement to see what it is evaluating to before drupal sets it to the Access Denied message
another edit: I am going through drupal's logic and there are two instances (of 8) that invoke the drupal_access_deined function which you may want to look at. The first file to look at is /modules/profile/profile.pages.inc . There is one spot where the function is called, try to see if that function is being called there. The second is /modules/user/user.pages.inc , let me know if either of those are calling the access denied.
Thanks Johnnywoo. Please
Thanks Johnnywoo. Please bear with me here - I don't understand the technical bits here at all (eg. I havent got a clue what an echo is)
Here are two sets of code from Menu.inc:
define('MENU_FOUND', 1);
define('MENU_NOT_FOUND', 2);
define('MENU_ACCESS_DENIED', 3);
define('MENU_SITE_OFFLINE', 4);
and...
function menu_execute_active_handler($path = NULL) {
if (_menu_site_is_offline()) {
return MENU_SITE_OFFLINE;
}
// Rebuild if we know it's needed, or if the menu masks are missing which
// occurs rarely, likely due to a race condition of multiple rebuilds.
if (variable_get('menu_rebuild_needed', FALSE) || !variable_get('menu_masks', array())) {
menu_rebuild();
}
if ($router_item = menu_get_item($path)) {
if ($router_item['access']) {
if ($router_item['file']) {
require_once($router_item['file']);
}
return call_user_func_array($router_item['page_callback'], $router_item['page_arguments']);
}
else {
return MENU_ACCESS_DENIED;
}
}
return MENU_NOT_FOUND;
}
Here is the code from profile.pages.inc:
// Do not allow browsing of private and hidden fields by non-admins.
if (!user_access('administer users') && ($field->visibility == PROFILE_PRIVATE || $field->visibility == PROFILE_HIDDEN)) {
drupal_access_denied();
return;
}
here is a big one from user.pages.inc, it's at the end:
function user_pass_submit($form, &$form_state) {
global $language;
$account = $form_state['values']['account'];
// Mail one time login URL and instructions using current language.
_user_mail_notify('password_reset', $account, $language);
watchdog('user', 'Password reset instructions mailed to %name at %email.', array('%name' => $account->name, '%email' => $account->mail));
drupal_set_message(t('Further instructions have been sent to your e-mail address.'));
$form_state['redirect'] = 'user';
return;
}
/**
* Menu callback; process one time login link and redirects to the user page on success.
*/
function user_pass_reset(&$form_state, $uid, $timestamp, $hashed_pass, $action = NULL) {
global $user;
// Check if the user is already logged in. The back button is often the culprit here.
if ($user->uid) {
drupal_set_message(t('You have already used this one-time login link. It is not necessary to use this link to login anymore. You are already logged in.'));
drupal_goto();
}
else {
// Time out, in seconds, until login URL expires. 24 hours = 86400 seconds.
$timeout = 86400;
$current = time();
// Some redundant checks for extra security ?
if ($timestamp < $current && $account = user_load(array('uid' => $uid, 'status' => 1)) ) {
// Deny one-time login to blocked accounts.
if (drupal_is_denied('user', $account->name) || drupal_is_denied('mail', $account->mail)) {
drupal_set_message(t('You have tried to use a one-time login for an account which has been blocked.'), 'error');
drupal_goto();
}
// No time out for first time login.
if ($account->login && $current - $timestamp > $timeout) {
drupal_set_message(t('You have tried to use a one-time login link that has expired. Please request a new one using the form below.'));
drupal_goto('user/password');
}
else if ($account->uid && $timestamp > $account->login && $timestamp < $current && $hashed_pass == user_pass_rehash($account->pass, $timestamp, $account->login)) {
// First stage is a confirmation form, then login
if ($action == 'login') {
watchdog('user', 'User %name used one-time login link at time %timestamp.', array('%name' => $account->name, '%timestamp' => $timestamp));
// Set the new user.
$user = $account;
// user_authenticate_finalize() also updates the login timestamp of the
// user, which invalidates further use of the one-time login link.
user_authenticate_finalize($form_state['values']);
drupal_set_message(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.'));
drupal_goto('user/'. $user->uid .'/edit');
}
else {
$form['message'] = array('#value' => t('
This is a one-time login for %user_name and will expire on %expiration_date.
Click on this button to login to the site and change your password.
', array('%user_name' => $account->name, '%expiration_date' => format_date($timestamp + $timeout))));
$form['help'] = array('#value' => '
'. t('This login can be used only once.') .'
');
$form['submit'] = array('#type' => 'submit', '#value' => t('Log in'));
$form['#action'] = url("user/reset/$uid/$timestamp/$hashed_pass/login");
return $form;
}
}
else {
drupal_set_message(t('You have tried to use a one-time login link which has either been used or is no longer valid. Please request a new one using the form below.'));
drupal_goto('user/password');
}
}
else {
// Deny access, no more clues.
// Everything will be in the watchdog's URL for the administrator to check.
drupal_access_denied();
}
}
}
I hope all this makes sense - it doesn't to me! Thanks again.
Similar problem with Access Denied messages
Admin (user 1) was unable to view certain pages (access denied page displayed) and the following SQL error:
SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /modules/user/user.module on line 515.
Tracked the problem down to a custom module with incorrect 'access arguments':
this line was wrong:
'access arguments' can only have one argument. Line should be:
'access arguments' => array( 'view own results'),See: http://drupal.org/node/327967
'access