TIGHAR

I just experienced the same problem Ric was having yesterday.

I was working on a post in the Forum and came over to the News 'n' Views area to look for Tom King's article.

I noticed that Ric had imported text straight from Facebook--with Facebook typography.

I edited Ric's article and got rid of the font tags--but then couldn't save the text in the article.  Moreover, my buttons disappeared, too!

I'm going to guess that there is some hidden tag in the Facebook HTML that our editors can't handle gracefully.  Exiting from the back end, clearing my cache, and logging back in got me this far.  Clearing the cache worked for Ric yesterday, too.  The buttons came back.

<div id="post_data54093" class="post_data clearfix">
  <div class="post_body">
    <div class="post_message">Lest anyone think that there   ain't nobody in here but us TIGHARS:<br />
      Michael Dessner, the Director   of Operation at the Waitt Institute for Discovery, has been kind enough   to point out a couple of errors in my post which I hasten to correct.<br />
      <br />
      The   institute was formed in May 2005, not 2007. I also got the length of   the 2009 expedition wrong. It was the 2006 trip with Nauticos that was   38 days.  The 2009 voyage was a whopping 90 days with 72 days of survey   time during which they covered 2200 square miles with high-resolution   side scan sonar. An amazing achievement.<br />
      <br />
    </div>
  </div>
  <ul class="actionspro">
    <a href="http://www.facebook.com/?filter=app_2361831622#" class="actionspro_a" onclick="return run_with(this, ['report'],   function()   {report_content_dialog('http:\/\/www.facebook.com\/ajax\/report.php?type=8&cid=54093&rid=1241527478&cid2=237802912317&h=de8857e4f6');   return false;});">Report</a>
  </ul>
</div>

Well, it's only half a solution.  I've got the editor working in the back end; trying to edit from the front end is still sick.  The fix (I think) for this was to close Firefox entirely and restart--I had left an editor window open in the background from the front end.

Which is it? Did she crash and sink, or did she die as a castaway?
Nobody yet knows for sure, but which case is stronger?

New information on a new website may make it easier to decide. The website is called "Search for Amelia" and it presents the findings of the Waitt Institute for Discovery. Mr. Ted Waitt is an extraordinarily wealthy individual and a devotee of the Crashed & Sank theory of Earhart's disappearance advanced by author and long-time Earhart researcher Elgen Long in his 1999 book "Amelia Earhart - The Mystery Solved." In 2006, Waitt secretly funded a deep sea search for the Earhart Electra by the underwater technology company Nauticos. That search of the ocean floor near Howland Island was unsuccessful.

About that time, Waitt decided to start a motion picture production company called Avalon Pictures. It's one film so far is the 2009 Hollywood biopic "Amelia" starring Hilary Swank. (For my two-part review of the film see http://tighar.org/news/) 

In 2007, Waitt formed a nonprofit organization called the "Waitt Institute for Discovery" and in early 2009 mounted another strictly secret deep sea search for the Earhart plane using sophisticated Autonomous Underwater Vehicle (UAV) technology from the Woods Hole Oceanographic Institute. That 38-day search of the waters near Howland Island was also unsuccessful.

The Waitt Institute for Discovery has recently decided to go public with a website that presents the results of its multi-million dollar searches and the research upon which they were based. See http://searchforamelia.org/

We applaud the Waitt Institute's decision to follow TIGHAR's long-standing example and share its research. We'll take a close look at their work (as we hope they do ours) and offer them our observations. We'll share those observations with you here on the Facebook Earhart Project Group and on the TIGHAR website.

Is it likely that Amelia Earhart went down at sea as the Waitt Institute contends, or is the TIGHAR Institute's hypothesis that she ended her days on Nikumaroro the stronger possibility? Now that both sides have laid their cards on the table we can, at last, make a fair comparison.

If I edit an article from the front end with the editor in a confused state, I trash the article.

I confuse the editor by editing one of Ric's articles that he dumps in from Facebook.

What a mess!

I'm writing this in the back end with the editor apparently in working order.

From the front end, I get nothing but "undefined" from the sick instance of the editor.

From the back end, I get an OK preview.  We'll see if this saves OK.

I spent a few hours working with Ric today getting the TBD photo gallery uploaded and sorted out.

Here are the steps we need to take for our next adventure with PhocaGallery (PG):

• PG/Images/Multiple Upload: make all of the folders (directories) where we want to upload the pictures.
• Use FTP to upload the right pictures to the right folders.
• PG/Categories: Make new categories for each set of pictures in PhocaGallery; assign ownership and rights to Administrator.
• PG/Images/Multiple Upload: enter each folder, pick all the pictures, and assign them to the related PhocaGallery category.
• PG/Images: view all the newly assigned pictures in the category--this kicks off the thumbnail creation.  If we don't get all the thumbnails created for all of the images, then they don't display in the front end.  (This was tricky and we found a few oddities about PhocaGallery 2.6.1).
• Menus/Menu Manager: create a menu for the photo gallery; give the module a good name.
• Menus/[newly created menu]: add an item for each category; hide the title of the category.
• Components/Module Manager: Find the module associated with the new menu.  Publish it, choose a location for it, and assign it to the menu items that should cause it to appear (select the "none" radio button first to clear the default of appearing everywhere, the select the "Select" radio button; make selections by using CTRL-click on a PC and CMD-click on a Mac).
• Teach the captioner how to make captions (edit the image and put the caption in the "Description" field).

There are, I'm sure, other methods that could be used.  We haven't really read the PhocaGallery documentation to find out.  Reading documentation is so ... unmanly.

We can use also Cooliris effects and can display Picasa photo albums through PhocaGallery.

The Problem

I'm having some serious troubles with access to the back end of the site!

Not only do I have trouble logging in as administrator, but I can't stay logged in all the time.

I've stumbled into a workaround by playing with the suggestions in this post. I inserted a die() command with some information in administrator/components/com_login/admin.login.php.  When the login fails (as it always does) I get my error message.  Then I hit "back" on my browser and I am in the admin area--all logged in!

I got the "invalid token" message once.  It was a strange sequence and I'm not sure I can reproduce it at will.

if (!JError::isError($result)) {
// MXM: trying to solve admin login problem.
 echo 'Login failed that time. 
administrator/components/com_login/admin.login.php';
 echo '
';
 die('No joy.');
 $mainframe->redirect('index.php');
 }

I upgraded from 1.5.14 to 1.5.15 early on the morning of Saturday, 12 Dec 2009.

I don't know whether the problem is because of the upgrade or because of other changes we've made in httpd.conf to raise the security of the site.  I can't roll back those changes because they are necessary for certification.

This is not an entirely uncommon symptom, but it can have a lot of different causes.

Pasta faggiole!

It has something to do with session cookies, I think.  I get a cookie from the login routine, but then some cookie-checking part of the admin component gets the cookies mixed up.  It seems to trash the good cookie and replace it with one that doesn't measure up--and I get kicked back out to the login screen.

This used to happen with Joomla 1.

I may need to tweak something in php.ini--but I haven't figured out what.

Not all administrator functions cause me to be kicked out.  Just some.  Editing this article and saving or applying it causes me to lose my logged-in status.  Things that haven't worked:

• Turned on the Joomla authentication plugin.
• Used the new htaccess.txt as .htaccess.
• Set var $live_site = 'http://tighar.org/news'; in configuration.php.
• Used different browsers.
• Neat error message redirector.  It's a big help in picking up some clues that may eventually prove helpful.
• Cleared cookies from Firefox.
• Cleared sessions from database.
• Cleared caches from Joomla.
• Logged in as a different user on a different machine (from Windows Vista to Macintosh).
• Enabed the authentication module for jos_plugins (Authentication - Joomla published = 1).
• Enabled the Joomla user module (published = 1).
• Enabled jfusion system--that locked me out of being able to edit this article from the front end!
• Commented out JRequest::checkToken('request') or jexit( 'Invalid Token' );
• session.auto_start = 0 in php.ini
• Checked access control maps in the database.
• Played with session lifetime variable in configuration.
• Reset administrator passwords.  The new password worked, but it didn't solve the kickout problem.
• Updated JFusion; followed all upgrade steps.  Login checker is all green.
• Disabled the JFusion plugins.
• Turned off all SEF/SEO in the back end
• Changed .htaccess by uncommenting "RewriteBase" and setting it to /news
• Renamed .htaccess to htaccess
• Changed "Force SSL" from "Administrator only" to "none"--then got "Username and Password do not match"!
  That was frightening!
• Installed all 1.5.15 files again--from fresh download.
• Enabled legacy mode.
• Verified that session.save_path is 777.
• Played with session.save_path mode.
• Inserted ini_set('session.save_path',"/path/to/php/session"); into configuration.php
• Changed session handler from database to Apc to none and back to database.
• Made admin cache unwriteable.

It may be an SEF/SEO/rewrite problem.  The buttons that invariably cause the problem in the back end:

• Save
• Apply
• Close

The links from those buttons all have the same form:

https://tighar.org/news/administrator/index.php?option=com_config#

Which then throws me back here:

https://tighar.org/news/administrator/index.php

Speculation: I think that the site is trying up to update the timer in my admin session, fails to find it, then expels me from the back end.  Meanwhile, another part of the system sees me as still logged in!

Diagnostic information

Relevant components

• Community Builder
• JFusion

Diagnostic Information
Joomla! Version: Joomla! 1.5.15 Stable [ Wojmamni Ama Mamni ] 05-November-2009 04:00 GMT
configuration.php: Writable (Mode: 775 ) | RG_EMULATION: N/A
Architecture/Platform: Linux 2.6.24-19-xen ( x86_64) | Web Server: Apache/2.2.9 (Fedora) ( tighar.org ) | PHP Version: 5.2.9
PHP Requirements: register_globals: Disabled | magic_quotes_gpc: Disabled | safe_mode: Disabled | MySQL Support: Yes | XML Support: Yes | zlib Support: Yes
mbstring Support (1.5): Yes | iconv Support (1.5): Yes | save.session_path: Writable | Max.Execution Time: 30 seconds | File Uploads: Enabled
MySQL Version: ( )

Extended Information:
SEF: Enabled (with ReWrite) | FTP Layer: Disabled | htaccess: Implemented
PHP/suExec: User and Web Server accounts are not the same. (PHP/suExec probably not installed)
PHP Environment: API: apache2handler | MySQLi: Yes | Max. Memory: 64M | Max. Upload Size: 6M | Max. Post Size: 8M | Max. Input Time: 60 | Zend Version: 2.2.0
Disabled Functions:
MySQL Client: 5.0.77 ( )

Not tried:

• Change database collation.
• Change database engine (seems to be for migrations; this was a clean install of 1.5).

Weird, interesting variation:

• In php.ini, I set session.cookie_domain = '.tighar.org' and restarted httpd.  This helped with getting thrown out of the back end--I could then use the save, apply, and cancel buttons while I was logged in through my kludge.  But when I logged out, there were two new errors: the kludge no longer worked and I got a cURL error in the front end (500--internal server error).  This shows that cookie tracking may be THE problem.

Half a solution is better than none

I have improved my kludge.  This allows me to go straight into the administration area without first stopping at my failure page.  The fact that a session cookie is issued and that this stupid thing works suggests that SEF/SEO may be at least part of the problem.

if (!JError::isError($result)) {
// added next line
$mainframe->redirect();
// MXM: The original kludge--trying to solve admin login problem.
echo 'Login failed that time. 
administrator/components/com_login/admin.login.php';
echo '
';
die('
There is no joy in Mudville...');
$mainframe->redirect('index.php');

It is not that my credentials are rejected

I turned on logging, tried a fake username and password, and got this message in the logs: "FAILURE: User does not exist."  But no errors are logged for the times that I use my correct credentials.  I am validated and have an active session even though the $result says that there has been an error in the login.

The Silver Bullet?

In Site/Global Configuration, I changed "Force SSL" from "Administrator only" to "whole site."  I was able Save, Apply, and Cancel in the back end.  But it didn't last! After going to another site to report success, I came back to return my admin module to its original form.  Before I could do so, I found out that THE BUG WAS BACK!

Somewhat tarnished!

• The html function doesn't work in TinyMCE!  Drat. It's broken both in the front end and in the back end.
• Joomla's time is waaaaaaaaaaaaaay off.  The error log for when I tried "Force SSL" seems to be operating on GMC, even though I have -5:00 set in the Global Configuration:

2009-12-14    01:53:42    -    138.92.15.142     FAILURE:     Invalid password
2009-12-14    01:54:40    -    138.92.15.142     FAILURE:     Invalid password

• I couldn't stay logged in in the front end!
• Started generating nag messages about sending insecure information to the website.

Gerry-rigging the JURI

Hacking a core component seems to be what I needed.  I'm editing this from the back end.  I've logged in and out.  The HTML button works in the editor.  So far, so good!

Links

• "Cannot login to Joomla backend as admin"

• "Admin Loop, cannot login."

• The great core hack.

Billable Hours

In the neighborhood of 20 hours from Saturday AM to Monday AM.  I didn't keep a strict log.  At my hourly rate of $0.00 per hour, it doesn't much matter.  But it was a long slog!

The test worked.

The video is now available on http://tighar.org.

Changes Made in Fall of 2009

Sometimes you can edit the URL by hand to get what you're looking for.

• Add /Research to reach Earhart Bulletins.

http://tighar.org/Projects/Earhart/Research/Bulletins/54_HistoryDetectives/  54_HDreport.html

Some of the Research Bulletins have been filed in a separate folder under a new filename.

Original URL: http://tighar.org/Projects/Earhart/Bulletins/52_ElectraRadios/52_ElectraRadios.htm

That page is now here:

http://tighar.org/Projects/Earhart/Research/ResearchPapers/ElectraRadios/ElectraRadios.htm

So if adding /Research/ does not work, go to the site map for the main website and search for a specific part of the URL (in this case, "ElectraRadios.htm").

• Add /Projects/Earhart to construct usable links to the old forum archive or Forum Highlights.

http://www.tighar.org/Projects/Earhart/forum/Highlights61_80/highlights79.html

• Add /Expeditions/NikuIIII to reach Earhart expedition pages.

http://www.tighar.org/Projects/Earhart/Expeditions/NikuIIII/NikuIIIIsumm.html

• Add /MapsandPhotos to get at maps and photos.

http://tighar.org/Projects/Earhart/MapsandPhotos/Photo_Gallery/photolist.html

• Add /TTracks to find a particular issue of TIGHAR Tracks.

http://tighar.org/TTracks/1985Vol_1/0101.pdf

Changes Made in Spring of 2011

Add "Archives/" after "../Projects/Earhart/"

../Projects/Earhart/Archives/Books
../Projects/Earhart/Archives/Documents
../Projects/Earhart/Archives/Expeditions
../Projects/Earhart/Archives/Forum
../Projects/Earhart/Archives/Help
../Projects/Earhart/Archives/MapsandPhotos
../Projects/Earhart/Archives/Research
../Projects/Earhart/Archives/Tinian

Change capitalization:

../Projects/Earhart/forum -->
../Projects/Earhart/Archives/Forum

../Projects/Earhart/help -->
../Projects/Earhart/Archives/Help

Change root folder:

../Projects/Earhart/Books/Books/FindingAmeliaNotes -->
../Publications/Books/FindingAmeliaNotes

 

1. Components / Banners / Clients / New: Company name and contact e-mail address.
2. Site / Media Manager / Upload: put 200-pixel logo in the Banners folder.
3. Components / Banners / Banners / New: Name the banner, select client, select image.  Default settings for other parameters are likely to be right for us.
4. Extensions / Module Manager: find and click on banners module.  Add one to the count.  Save.  Then select "right" position and put the module back where it was on the list (third, I think).

 

For quick work on some javascript--2009-09-06.

The Google search gadget is contained in a div in a custom HTML module (named Google Search in our setup).

It seems that the gadget itself sets a white background, so I made the background of the div white and used a 1-pixel solid border around it to match the input boxes for the login.