"Access denied for user" on MariaDB 10 on Synology NAS

[totoro]

There seems to be this:

2021-08-08T22:13:33+03:00 storage [Sun Aug 08 22:13:33 2021] [error] [client 10.1.1.105] FastCGI: server "/vhost-php-0bceb648-3fd3-47e4-a984-6f0cbbde4ed8" stderr: PHP message: PHP Parse error: syntax error, unexpected ':', expecting '{' in /volume1/web/film_db/core/nucommon.php on line 1976, referer:

The line it refers to appears to be this one:

Code: Select all

function nuStringContains($needle, $haystack): bool {

Perhaps I should try changing PHP to 7, although it have always worked with 5.6 or something.

[totoro]

Well, what do you know, I've changed to PHP 7.3 and succeeded in logging in as the admin!

Now, a new problem: although another user (with restricted permissions) is shown as defined in the Users table, I get "Invalid login" when trying to login as one. I even changed its password from the admin, to no effect. Where should I look to determine the cause of this?

[kev1n]

The line it refers to appears to be this one:

Code: Select all

function nuStringContains($needle, $haystack): bool {

Return type declarations are only supported as of PHP 7.0. By removing ": bool" the error should be gone. But it's better to use a more up to date version.

If you create just another additional user, will the login fail too?

[totoro]

Yes, it also fails.

[kev1n]

Can you verify that the user record exists in the table zzzzsys_user?
If you set test as password, its MD5 hash is 098f6bcd4621d373cade4e832627b4f6 in the column sus_login_password.

[totoro]

Yes, it is indeed present in that table with that hash. But still says "Invalid login".

[kev1n]

Are you using nginx? There coud be a configuration issue.
See https://laracasts.com/discuss/channels/ ... ot-working or google for similar pages.

[totoro]

No, I'm using Apache HTTP Server 2.2.

[kev1n]

To narrow down the issue I'd add some nuLog() calls that helps you debug and inspect variables/values.

E.g by replacing the function nuCheckUserLoginRequest() in nuprocesslogins.php, the username + password are logged in a nulog.txt file in nubuilder's root directory.

Code: Select all

//Check for Standlone User login
function nuCheckUserLoginRequest() {

	$sql = "
				SELECT IF (sus_expires_on < CURDATE() AND NOT sus_expires_on IS NULL, 1, 0) AS expired, 
				zzzzsys_user_id AS user_id, sus_login_name AS login_name, sus_name AS user_name
				FROM zzzzsys_user JOIN zzzzsys_access ON zzzzsys_access_id = sus_zzzzsys_access_id 
				WHERE sus_login_name = ? AND sus_login_password = ?
			";

	$rs = nuRunQuery($sql, array(
		$_POST['nuSTATE']['username'],
		md5($_POST['nuSTATE']['password'])
	));

	nuLog('nuCheckUserLoginRequest: username '. $_POST['nuSTATE']['username']);
	nuLog('nuCheckUserLoginRequest: password '. $_POST['nuSTATE']['password']);
	
	$oneRow = db_num_rows($rs) == 1;

	if ($oneRow) {
		$r = db_fetch_object($rs);
		$result = $r->expired == "1" ? "-1" : "1";
	} else {
		$result = "0";
	}

	return array('result' => $result, 'user_id' => ($oneRow ? $r->user_id : ''), 'login_name' => ($oneRow ? $r->login_name : ''), 'user_name' => ($oneRow ? $r->user_name : ''));

}

[totoro]

Well, here what the log says:

2021-08-09 08:56:12 - nuCheckUserLoginRequest: username test - -
2021-08-09 08:56:12 - nuCheckUserLoginRequest: password test - -

Looks like both username and password are correct.

By the way, the log actually appeared in the same "core" subdirectory with the name "..\nulog.txt"