Access Level problem

This topic is locked

Access Level problem	3/13/2007 12:03:49 PM
PHPRunner General questions
D drh author Hi forum. I have a application written in PHPR 3.0 which has been live for several months. We decided to retire the webserver it was running on in favor of a faster server. I migrated my application and mysql database over to the new server. Now when I access the application, I get the following "Notice" on every page of the application: Notice: Undefined index: AccessLevel in /var/www/vhosts/mydomain.com/httpsdocs/phprunner/include/mos_pcmacct_functions.php on line 1136 Has anyone seen this error? I have searched the forum, to no avail. The OS is the same as on the old server Linux CentOS 4.3. Mysql was 3.23 and is now 4.1. Old server running php-4.3.2 new server is php-4.3.9. Those are the only differences. Any help would be greatly appreciated. Thanks, Dave

Mark as Solved Mark as not solved

7 replies


	Sergey Kornilov admin 3/13/2007
	What is the line 1136 in mos_pcmacct_functions.php file?


D	drh author 3/14/2007
	Sorry about that admin. I know better. Here is a snippet of the code. Line 1136 is below in red. function CheckSecurity($strValue, $strAction) { global $cAdvSecurityMethod;^M ==ACCESS_LEVEL_ADMIN) <--- Line 1136 return true; if(($cAdvSecurityMethod == ADVSECURITY_EDIT_OWN \|\| $cAdvSecurityMethod == ADVSECURITY_VIEW_OWN) && ( $strAction=="Edit" \|\| $strAction=="Delete") && !((string)$_SESSION["OwnerID"]===(string)$strValue)) return false; // check user group permissions $strPerm = GetUserPermissions(); if($strAction=="Add" && !(strpos($strPerm, "A")===false) \|\| $strAction=="Edit" && !(strpos($strPerm, "E")===false) \|\| $strAction=="Delete" && !(strpos($strPerm, "D")===false) \|\| $strAction=="Search" && !(strpos($strPerm, "S")===false) \|\| $strAction=="Export" && !(strpos($strPerm, "P")===false) ) return true; else return false; Thanks, Dave


D	Dale 3/14/2007
	Just a quick thought. Does the ^M have any meaning. If you remove it does the error go away> global $cAdvSecurityMethod;^M ==ACCESS_LEVEL_ADMIN) <--- Line 1136 return true;


D	drh author 3/14/2007
	Hey thanks Dale. I have had that problem before when copying a line of code out of a windows application into an application on a linux box. Of course the ^M is a hard carriage return and is displayed when I use vi as my editor in linux. that is why it shows up in the code snippet. I did however remove it. Still no luck. Thanks again, it was definitely worth a shot. Dave


	Sergey Kornilov admin 3/14/2007
	According to what I found error reporting level needs to be ajusted in order to skip this warning: A couple of links that can help: http://www.webmasterworld.com/forum88/10200.htm http://www.sixapart.com/movabletype/kb/dyn...e_undefine.html


	Alexey admin 3/15/2007
	Dave, add this line in the beginning of include\dbcommon.php file: error_reporting(E_ALL ^ E_NOTICE); Put it just after <?php line. Please let me know if this helps.


D	drh author 3/16/2007
	Hi forum, Thanks Sergey and Alexey. I actually read the links Sergey pointed me to and edited my /etc/php.ini accordingly. I looked for this line in the file: error_reporting = E_ALL and changed it to: error_reporting = E_ALL & ~E_NOTICE This changes php globally, so depending on what you need, maybe Alexey's advice would be better. I haven't tried Alexey's suggestion, but I don't see why it would not work. My only concern is security. Obviously the code has a purpose. I just don't know what it does exactly. In my case, apparently nothing. I have set up my application so that users can see and edit only what they have entered. The admininistrator can view and edit all records. The security is still working as expected. Thanks, Dave

7 replies

Mark as Solved Reply