E-401 although password is correct

[rxdn]

I've triple checked my password and I'm still getting E-401. Here's my ShareX config:

And here's my config.php:

//   _
//  (_)    A self-hosted ShareX image serving solution.
//   _ _ __ ___   __ _  __ _  ___  ___  ___ _ ____   _____
//  | | '_ ` _ \ / _` |/ _` |/ _ \/ __|/ _ \ '__\ \ / / _ \
//  | | | | | | | (_| | (_| |  __/\__ \  __/ |   \ V /  __/
//  |_|_| |_| |_|\__,_|\__, |\___||___/\___|_|    \_/ \___|
//                      __/ |
//                     |___/   created by github.com/aerouk

/* More information on all these values can be found on the wiki page. */
/* https://github.com/aerouk/imageserve/wiki/Configuration */

define('RAW_IMAGE', false);
define('RAW_IMAGE_LINK', false);
define('IMAGE_EXTENSION', false);

define('TWITTER_CARDS', false);

// If you're using this, make sure to put a forward slash before.
// E.g. "/imageserve" not "imageserve"
define('IMAGESERVE_DIR', '/');
define('TWITTER_HANDLE', '');

define('APP_NAME', 'RYXN');
define('PASSKEY', "<REDACTED>");```

Any ideas?

[aerouk]

Is the traffic being proxied through a service such as Cloudflare? It might be messing with the parameters you're passing, although unlikely.

Try with a simple lowercase-only password and see if it has the same effect.

Get back to me with your findings and I'll sort a fix if I can.

[TUiZHD]

I seem to running into the same issue as @Dot-Rar , settings are the same i'm not proxying through Cloudfare or similar service. Not sure what the issue is.

[rxdn]

Not using cloudflare. I ended up writing my own script lol, works fine

[BigBrainAFK]

I just know that some special characters dont work. I then changed to a normal alphanumeric password with underscores and it worked for me ever since.

[aerouk]

May know the cause of this, I'll look at it soon.

On 20 Aug 2017, at 11:26 am, BigBrainAFK notifications@github.com wrote:

I just know that some special characters dont work. I then changed to a normal alphanumeric password with underscores and it worked for me ever since.

― You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

[aerouk]

@BigBrainAFK Trying to get back on to fixing this. Any idea which special characters did not work in a password?

[BigBrainAFK]

I had _-/%?! in the password not sure which one exactly since i just went with an alphanumeric one after this didnt work

EDIT: might help if @Dot-Rar can somehow share his pw by changing it to smth new cause then we might have a clue what it could be. Or at least that he compares if he go those in there.

[Wist9063]

Did this get fixed yet?

[can1357]

Replace the password check in upload.php with

if ( ! isset($_POST['password']) || $_POST['password'] !== PASSKEY) {
    if ( ! isset($_GET['password']) || $_GET['password'] !== PASSKEY) {
        die('error,e-401');
    }
}

This is a bug on ShareX's side where it sends the parameters appended to the URL instead for some reason.

[aerouk]

This is a possible security issue so I will look into this tomorrow. Thanks for pointing it out.

On Thu, 10 Oct 2019, 01:17 Can Bölük, notifications@github.com wrote:

Replace the password check in upload.php with if ( ! isset($_POST['password']) || $_POST['password'] !== PASSKEY) { if ( ! isset($_GET['password']) || $_GET['password'] !== PASSKEY) { die('error,e-401'); } }

This is a bug on ShareX's side where it sends the parameters appended to the URL instead for some reason.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/aerouk/imageserve/issues/36?email_source=notifications&email_token=AAR7LZJO6DOML36XQ2KY7LDQNZYCZA5CNFSM4DTJMU42YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAZ337Q#issuecomment-540261886, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAR7LZMDZ5C45YSM6B5HHQ3QNZYCZANCNFSM4DTJMU4Q .

[can1357]

I'm on ShareX 13.0.1, which is the latest fyi.

[lerndmina]

Just a quick note, I have the same issue as those above. Mine's a little more complex. I have 2 websites hosted in different places, one of them works when I try the uploader, the other one gives me the 401 error even when the password is correct. I'm trying to identify what's different between these two locations so I can provide more information.

[BigBrainAFK]

@lerndmina personally have switched away from this imagehost solution to https://github.com/WeebDev/chibisafe around 2 years ago and had less problems since. This project looks abandoned to me with the last commit on master being almost 4 years old.

[aerouk]

It's weird there are issues with this since I use an essentially unmodified version of the code on my own server.

I hadn't planned to provide additional support since the issues are usually a fault of user setups but I'll have a look at this again when I have time. If there is an issue, it should be trivial to fix because the password handling is very basic. (probably too basic, but here we are)

[mobbdeep]

Seeing as this issue still isn't resolved and sometimes throws JSON errors most likely due to using PHP 8, I went ahead and switched to this simple PHP ShareX uploader script https://github.com/Inteliboi/ShareX-Custom-Upload which supports PHP 8 and works great.

[lerndmina]

Hey. I know it's been a while. I eventually solved this issue. I can't remember how (though I could probably dig up my code changes if needed) I have now moved to Zipline as it does file, image, text uploads and url shortening.

Here's a link for anyone if you're interested https://github.com/diced/zipline