Gossamer Forum: Products: DBMan: Customization: Can't delete records

May 7, 2000, 5:54 PM

David Meade

Novice (22 posts)

May 7, 2000, 5:54 PM

Post #1 of 17

Shortcut

Can't delete records

When I log in as an ADMIN, and then search the database for deletion and click list all records - I check the records I want to delete and click the delete button. Then it gives me the following error:

Code:
Oops, there was a problem logging into the system: invalid/expired user session. 
Please try logging in again, or contact the system administrator.

Does anyone know why it might be doing this?

Thanks,
David

May 7, 2000, 8:33 PM

JPDeni

Veteran / Moderator (8669 posts)

May 7, 2000, 8:33 PM

Post #2 of 17

Shortcut

Re: Can't delete records In reply to

This only happens when you are deleting records? This doesn't happen when you add or search?

Who is your server provider? Is it 9netave? (Or something like that. I know it starts with a "9.")

------------------
JPD

May 8, 2000, 5:19 PM

David Meade

Novice (22 posts)

May 8, 2000, 5:19 PM

Post #3 of 17

Shortcut

Re: Can't delete records In reply to

Only when I delete. I could delete in this manor before, but now I can not. I've changed something I guess - I just can't imagine what.

The fact that this used to work, combined with the fact that I get this error whether connecting from home or work makes me believe it's not my ISP...but for the skae of completeness...my ISP is "21st Century" (a cable modem provider in Chicago).

May 9, 2000, 4:18 AM

JPDeni

Veteran / Moderator (8669 posts)

May 9, 2000, 4:18 AM

Post #4 of 17

Shortcut

Re: Can't delete records In reply to

The reason I asked about your ISP is that 9netave has their clocks set differently than others do and causes the session files to be deleted almost immediately after login.

Using FTP, go into the auth directory and delete any files that might be there.

Log in to your database.

Immediately go back to FTP and see if there is a file in the auth directory. (You may need to reload the directory in order to see anything.)

Go back to DBMan. Try to delete a record. If you get the "invalid/expired user session," got back to FTP again and see if the file is still in the auth directory. (Again, you may need to reload.)

What this will do is tell me if the problem is due to the session file being deleted when it ought not to be or due to the script not reading it correctly.

If the file is still there, take a look at the source code for the delete form. Make sure there is a hidden field

Code:
<input type="hidden" name="uid" value="your current session id">

The session id is your login name plus a very log number. You should see it in the URL when you go to the delete search page.

I'm thinking now that you may have inadvertantly deleted or changed the hidden field in sub html_delete_form.

------------------
JPD

May 9, 2000, 11:14 AM

David Meade

Novice (22 posts)

May 9, 2000, 11:14 AM

Post #5 of 17

Shortcut

Re: Can't delete records In reply to

Ok here’s what’s happened:

* via FTP I deleted the only file in the auth directory. (index.html)
* then I logged into my dbman
* then via FTP I refreshed the directory and saw the file: DavidMeade.9579063044850
* then in the database I clicked: “Delete”
* and then “list all”
* and then checked all but one record
* and then clicked the delete (submit) button.
* I received the following error:

Code:
Oops, there was a problem logging into the system: invalid/expired user session. 

Please try logging in again, or contact the system administrator.

* Then via FTP I refreshed the directory and the file DavidMeade….. still existed.

The follwing is a complete listing of my delete_form.

Code:
sub html_delete_form { 
# -------------------------------------------------------- 
# The user has searched the database for deletion and must now 
# pick which records to delete from the records returned. This page 
# should produce a checkbox with name=ID value=delete for each record. 
# We have to do a little work to convert the array @hits that contains 
# the search results to a hash for printing. 

	my ($status, @hits) = &query("mod");	 
	my ($numhits) = ($#hits+1) / ($#db_cols+1); 
	my ($maxhits); $in{'mh'} ? ($maxhits = $in{'mh'}) : ($maxhits = $db_max_hits); 
	my (%tmp); 

    $page_title = "Delete Record(s)"; 
    &html_page_top; 

    $submit_button = "Delete Checked Record(s)"; 
    $reset_button = "Reset Form"; 

   if ($status ne "ok") {	# There was an error searching! 
		print qq|<P><FONT COLOR="red">Error: $status</FONT>|; 
        &html_footer; 
        &html_page_bottom; 
	} 

    else { 
# < -- Start page text -- > 
      print qq| 
	    <p> 
		Check which records you wish to delete and then press "Delete Records":<br> 
		  |; 
# < -- End page text --> 

	  if ($db_next_hits) { print "<br><$font>Pages: $db_next_hits</font>"; } 

      print qq| 
	    <form action="$db_script_url" METHOD="POST"> 
	    <input type=hidden name="db" value="$db_setup"> 
	    <input type=hidden name="uid" value="$db_uid"> 
      |; 

# Go through each hit and convert the array to hash and send to  
# html_record for printing. Also add a checkbox with name=key and value=delete. 

 print qq| 
	<DIV CLASS="ac"> 
	<TABLE BORDER="1" CELLPADDING="3"> 
	<TR> 
			<TH COLSPAN="6">David Meade's</TH> 
	</TR> 
	<TR> 
			<TD CLASS="sub1" ALIGN="CENTER">Select</TD> 
			<TD CLASS="sub1" ALIGN="CENTER">Middle Name</TD> 
			<TD CLASS="sub1" ALIGN="CENTER">Location</TD> 
			<TD CLASS="sub1" ALIGN="CENTER">Age</TD> 
			<TD CLASS="sub1" ALIGN="CENTER">Email</TD> 
			<TD CLASS="sub1" ALIGN="CENTER">URL</TD> 
	</TR>	 
	<TR> 
	|; 
	  for (0 .. $numhits - 1) { 
		%tmp = &array_to_hash($_, @hits); 
		print qq|<TD><INPUT TYPE=CHECKBOX NAME="$tmp{$db_key}" VALUE="delete"></TD>|; 
		&html_record (%tmp); 
		print qq|</TR>\n|;			 
	  } 
	  print qq| 
		</TABLE> 
		  <INPUT TYPE="SUBMIT" name="delete_records" VALUE="$submit_button">  
	    <INPUT TYPE="RESET" VALUE="$reset_button"> 
    </DIV> 
    </form> 
	  |; 

	  if ($db_next_hits) { print "<br>Pages: $db_next_hits"; } 

      &html_footer; 
      &html_page_bottom;  
    } 
}

May 9, 2000, 11:30 AM

JPDeni

Veteran / Moderator (8669 posts)

May 9, 2000, 11:30 AM

Post #6 of 17

Shortcut

Re: Can't delete records In reply to

Things look okay. Did you look at the source code for the delete form to make sure the hidden field was there and that your session id was okay?

------------------
JPD

May 9, 2000, 11:37 AM

David Meade

Novice (22 posts)

May 9, 2000, 11:37 AM

Post #7 of 17

Shortcut

Re: Can't delete records In reply to

The complete source to sub html_delete_form is above.

The only hidden fields I could find in it are:

Code:
<input type=hidden name="db" value="$db_setup"> 
<input type=hidden name="uid" value="$db_uid">

May 9, 2000, 12:22 PM

David Meade

Novice (22 posts)

May 9, 2000, 12:22 PM

Post #8 of 17

Shortcut

Re: Can't delete records In reply to

Another thought...

I'm using the 1 record per user MOD (option#4)

If the user that created the record has been deleted...would that cause an ADMIN to get the error mentioned above?

- Dave

May 9, 2000, 12:49 PM

JPDeni

Veteran / Moderator (8669 posts)

May 9, 2000, 12:49 PM

Post #9 of 17

Shortcut

Re: Can't delete records In reply to

I realize that you have the code there, but sometimes having the code does not mean it's actually on the page. That's why I need you to look at the source code of the page in order to find out if it's really there.

Go to the delete form and right-click on the browser page. Select "View Source" from the menu that comes up. Look for the beginning of the form and make sure the tags are there and correct. (I would do it myself, but I don't know where your database is and I don't know if you want to give me admin permission to your database.)

Whether or not the userid is in your database shouldn't make a difference with your userid.

------------------
JPD

May 9, 2000, 1:18 PM

David Meade

Novice (22 posts)

May 9, 2000, 1:18 PM

Post #10 of 17

Shortcut

Re: Can't delete records In reply to

I see, sorry.
Yes it is in the HTML source.

Quote:

Also, the file DavidMeade.95791324961106 does exist.
The content of this file apears to be a single ":" (no quotes)

Now, here's something interesting:
I went and created a new ADMIN user (which I was going to use to allow you to log in).

When signing up, the new user was required to create a record.

I then logged in as my self and gave that user ADMIN rights.

I then used that user to try and delete the recrds - I got the same error.

HOWEVER, the new ADMIN user was able to delete the record that it was required to create at sign up.

Does that help?

If you'd like to see the Database:

The database is at http://www.davidmeade.com

The link is a hidden one on the toolbar.

To go to the database, click on the blue toolbar on the left side of the page and hit ctrl-a to select all (so that you can see the hidden text)

Click on the link name "Test Link 1"

There is a user/password you can use with ADMIN rights JPD/JPD.

The records associated w/ this user has been deleted, but you can use this user to grant ADMIN rights to any you wish to make.

Thanks for all the help!

May 9, 2000, 2:15 PM

JPDeni

Veteran / Moderator (8669 posts)

May 9, 2000, 2:15 PM

Post #11 of 17

Shortcut

Re: Can't delete records In reply to

Very odd. I didn't have any trouble at all.

I logged on and deleted one of your test records. No problem.

Then I signed up for a new account with a different username. I was able to delete that record without any problem.

Then I signed up again for a new account. This time I left it there and logged back in with the JPD/JPD username/password. I deleted my test record without a problem.

I know that sometimes these problems are intermittent, which can be a real hard thing to figure out. I'm not sure what to say right now, though.

The only time the "invalid/expired user session" message comes up is when the script can't find the session file that matches the uid. (That's the only place in all of the scripts where that phrase is used.)

This is a real puzzlement. Maybe if I sleep on it tonight I can come up with something.

------------------
JPD

May 9, 2000, 2:32 PM

David Meade

Novice (22 posts)

May 9, 2000, 2:32 PM

Post #12 of 17

Shortcut

Re: Can't delete records In reply to

Really!?.....?......that is odd! :-)

I just tried again...and still get the same error.

I did notice however that in the auth directory...there are serveral files named "DavidMeade.x" (where x is a unique number for each file name)

However, there is no file relating to any users which you might have logged into.

Why would my session files be kept, and not yours?

Also these files each contain a single character - the colon. Is this to be expected?

Thanks again for the help, I really appriciate it.

- Dave

May 9, 2000, 3:20 PM

JPDeni

Veteran / Moderator (8669 posts)

May 9, 2000, 3:20 PM

Post #13 of 17

Shortcut

Re: Can't delete records In reply to

I agree. It certainly is odd.

I don't know any reason that my session files should have been deleted already, especially if yours are still there. Doesn't make any sense at all.

The session files are supposed to have the userid.x (long number) plus the "Remote Host." These are the lines in auth.pl that write to the file:

Code:
print AUTH "$uid: $ENV{'REMOTE_HOST'}\n";

I think it should be

Code:
print AUTH "$db_uid: $ENV{'REMOTE_HOST'}\n";

I don't know about the REMOTE_HOST thing. I did look this up on the web and got the following:

Quote:

REMOTE_HOST: This is the machine and domain name of the client browser used to access your CGI. For example, if I were to access one of your CGI programs, I would show up as "intergalact.com". Note that this is machine and domain only, and that this domain may be that of an ISP, rather than of an individual. There is currently no way to tell
what person (or account) accessed your CGI.

You might try changing it to $ENV{'REMOTE_ADDR'}, but I don't know if that would do you much better either. Hmmmm. I think there's something in the new TopTen/Counter mod about this if you're interested in pursuing it.

Anyway, the only thing I can think to do about your other problem is to sleep on it.

Have you made any changes to the auth.pl file?

------------------
JPD

May 10, 2000, 6:15 AM

David Meade

Novice (22 posts)

May 10, 2000, 6:15 AM

Post #14 of 17

Shortcut

Re: Can't delete records In reply to

man...this is crazy....

It's still not working, but I managed to delete a few records last night. I have no idea why it worked (for a moment).

It has since gone back to it's odd behavior of:

Quote:

Oops, there was a problem logging into the system: invalid/expired user session. Please try logging in again, or contact the system administrator.

It seems to me, that the User Session files are not being written correctly, as these files only have a ":" in them. According to the code there should be something resembling:
DavidMeade.#########:somewhere.com

Also, JPD, I did find some of your user files (my directory must not have refreshed
after all). They too only had a ":"

I checked the code that actually writes the file...and it seemed correct (to me - a novice).

If you'd like to see them, I have posted my database files to:
http://davidmeade.com/OtherDMs/troubleshoot/

Also - for the sake of completeness:
Last night, I went into my Firewall software and disabled all WWW privacy blocks (allows/disallows web sites to read "referrer" and "user agent" and "from" fields). Then I logged in. I was able to delete a few records. I was ecstatic as I thought I'd figured it out...but that wasn't the problem. It was mere coincidence that it worked that time. It almost immediately went back to it's odd behavior. Now (as usual) I can not delete users (despite any settings in my Firewall). Also, I could delete before (the firewall was never a problem). Also, I still can not delete from my office. (no relevant Firewall issues - I know this because I'm a network security Engineer and have good knowledge of the network).

There is one other change to my setup lately. I have recently set up a small home network. Now, my source address (at home) is NAT'd. My computer has an IP of 10.10.10.x and when I connect to things on the internet my router (between me and the cable modem) NATs this address w/ the routable IP my ISP gives me.

This shouldn't be a problem, as anything on the net will simply see my address as the one it's always been. Further my address is not NAT'd on the office network - where I get the same error. I REALLY don’t think this is relevant…but I thought I’d mention it just in case.

So, although I can't find it...it's looking more and more like I've somehow screwed the perl code somewhere.

I would be very willing to simply replace a few sub routines with fresh copies - do you think this would help? What all should I replace?

Thanks for all the help! Feel free to view the DBMAN files at:
http://davidmeade.com/OtherDMs/troubleshoot/

- Dave

May 10, 2000, 6:56 AM

JPDeni

Veteran / Moderator (8669 posts)

May 10, 2000, 6:56 AM

Post #15 of 17

Shortcut

Re: Can't delete records In reply to

The content of the session files is unimportant. There could be absolutely nothing in them and it wouldn't matter.

However, if you want to work on this, you can change the auth.pl file like I mentioned earlier. At least the session id would be written in if you change $uid to $db_uid. I just checked some session files for something I was working on with a server on my home computer. The session id isn't there, but the "Remote Host" is.

There is nothing harder to debug than an intermittent problem. (Sleeping on it didn't help. Smile

)

Do you notice any difference with the time of day or amount of traffic on your server? That's the only thing I can think of.

------------------
JPD

May 12, 2000, 8:18 AM

David Meade

Novice (22 posts)

May 12, 2000, 8:18 AM

Post #16 of 17

Shortcut

Re: Can't delete records In reply to

Well, I figured it out. Aparently when you use the every user must have one and only one record MOD - if the user is deleted, the record can not be deleted.

I went into the .db file a manually deleted the record.

Then I created a user (at which point the fictional user was forced to create a record)

Then I loged in as me (an ADMIN) and deleted that record. Then the user. No problem.

The I created a new user (at which point the fictional user was forced to create a record)

Then I loged in as me and deleted that that user. When I then went to delete his associated record I got the exact error as described above in this thread.

Not sure why this is so...but it is. Anyhow, thanks for all the time/thought put into this one. I guess I've got it nailed down...I just wont ever delete a user until the record is deleted.

Perhaps there is a MOD that (when the one-one user-record MOD is in place) when a user is deleted it will also (first) delete the record? This might not be all that difficult as the UserID is the dbkey. Does this sound logical/do-able ?

Thanks,
David

[This message has been edited by David Meade (edited May 12, 2000).]

May 12, 2000, 8:40 AM

JPDeni

Veteran / Moderator (8669 posts)

May 12, 2000, 8:40 AM

Post #17 of 17

Shortcut

Re: Can't delete records In reply to

That still doesn't make any sense to me. The only way that would happen is if the &auth_check_password subroutine was being executed during the delete routine. In my mod, the only extra time it is executed is when a record is added.

BTW, I think I did write a mod that deleted the associated record at the time the user was deleted from the .pass file by an admin. It is somewhere in the forum, probably during the past coupld of weeks, so it wouldn't be available from the search.

------------------
JPD