Geeklog-Core / geeklog

Geeklog - The Secure CMS.
https://www.geeklog.net

Fix Errors in the Error log from Bots Spidering Content #1143

Open eSilverStrike opened 1 year ago

eSilverStrike commented 1 year ago

Found a number of errors in the error log from bots:

First Error

E_WARNING(2) - Undefined array key "HTTP_HOST" @ /usr/home/geeklog/geeklog/system/classes/url.class.php line 365

Corresponding record from the web log looks like this (minus the IP address)

ip_address_here - - [30/Dec/2022:16:14:47 -0500] "GET / HTTP/1.0" 500 6073 "-" "'Cloud mapping experiment. Contact research@pdrlabs.net'"

So something with this has created an issue in the url class that needs to be fixed.

Second Error

E_SYNTAX(0) - stripslashes(): Argument #1 ($string) must be of type string, array given @ /usr/home/geeklog/geeklog/system/lib-comment.php line 149

Corresponding record from the web log looks like this (minus the IP address)

ip_address_here - - [07/Jan/2023:01:10:50 -0500] "GET /comment.php?sid=summer-of-code-2009-ends&pid=0&type=article HTTP/1.1" 301 603 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"

This link is to show the comment post page. It doesn't happen with Admin users but with anonymous users. It looks like it deals with permissions.

Link that generates the error

https://www.geeklog.net/comment.php?sid=summer-of-code-2009-ends&pid=0&type=article

Anonymous users' permissions have access to the article:

https://www.geeklog.net/article.php/summer-of-code-2009-ends

but not the Topic:

https://www.geeklog.net/index.php/topic/GSoC

So the way that Geeklog works is since the user does not have access to the topic the article is in, then they lose access to the article.

When they visit the topic they get a 404 error (Note: this is correct as you do not want to leak the url of private topics)

When they visit the article directly they get an access denied message: (Note this should probably return a 404 error)

Access Denied

You do not have access to view this article. This could be because you aren't a member of Geeklog. Please [become a member] to receive access.

Anyways the error probably deals with the comment edit form having problems dealing with the topic and article permissions. It should not error out but return a 404 error page since the user doesn't have access.
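An added example, not part of the issue above and not Geeklog's own code: the first log line is an HTTP/1.0 request, which may legitimately carry no Host header, and the second error is a non-string value reaching stripslashes(). The sketch below shows defensive handling of both; the function names, the allow-list parameter and the example.org hosts are assumptions, and the page does not identify where the array value comes from.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; names and parameters are assumptions.

/**
 * Pick the host used to build URLs. HTTP/1.0 clients may send no Host
 * header, so $server['HTTP_HOST'] can be missing; when present it is
 * client-controlled and is accepted only if it is on the allow-list.
 * $allowedHosts[0] is treated as the canonical host.
 */
function resolveRequestHost(array $server, array $allowedHosts): string
{
    $canonical = strtolower($allowedHosts[0]);
    $raw = $server['HTTP_HOST'] ?? null;
    if (!is_string($raw) || $raw === '') {
        return $canonical;                      // header absent or empty
    }
    // Drop an optional ":port" suffix and normalise case before comparing.
    $host = strtolower((string) preg_replace('/:\d+$/', '', $raw));
    $allowed = array_map('strtolower', $allowedHosts);
    return in_array($host, $allowed, true) ? $host : $canonical;
}

/**
 * Return $value only if it is a string. On PHP 8, string functions such as
 * stripslashes() throw a TypeError when handed an array, so anything else
 * is replaced by $default before it reaches them.
 */
function stringOrDefault(mixed $value, string $default = ''): string
{
    return is_string($value) ? $value : $default;
}

// Constructed sample inputs (example.org names are placeholders).
$allowed = ['www.example.org', 'example.org'];
$requests = [
    'HTTP/1.0, no Host'  => ['SERVER_PROTOCOL' => 'HTTP/1.0'],
    'HTTP/1.1 with port' => ['HTTP_HOST' => 'Example.org:443'],
    'unexpected Host'    => ['HTTP_HOST' => 'other.invalid'],
];
foreach ($requests as $label => $server) {
    echo $label, ' => ', resolveRequestHost($server, $allowed), PHP_EOL;
}

// A constructed array value where a string was expected.
echo stripslashes(stringOrDefault(['unexpected'], '')), PHP_EOL;
echo stripslashes(stringOrDefault('It\\\'s fine')), PHP_EOL;
```

Falling back to a configured host rather than echoing the header also keeps a client-supplied Host value out of generated links.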