Registration fail - Githubissues

diasdmhub commented 11 months ago

Environment: Fedora 39

I was trying to install Wallos on baremetal, but the initial registration fails.

Dependencies installed:

dnf install nginx \
    php \
    php-curl \
    php-gd \
    php-imagick \
    php-openssl \
    php-pdo

Cloned this repository to /var/www/html/ and adjusted the crontab to /var/www/html/Wallos/endpoints/cronjobs/.
Set the default Nginx root to /var/www/html/Wallos/ and restarted it.

The registration page opens, but whatever value I entre in the form fails.

Can you help me with this?

ellite commented 11 months ago

Hi, have you checked if www-data has write permissions to /var/www/html/Wallos/db ?

You can look into the startup.sh on the root folder lines 17 to 23 on how the docker image sets the permissions.

diasdmhub commented 10 months ago

I've copied the commands from the startup.sh script.

chmod -R 755 /var/www/html/Wallos/db/
chown -R nginx:nginx /var/www/html/Wallos/db/
chmod -R 755 /var/www/html/Wallos/images/uploads/logos
chown -R nginx:nginx /var/www/html/Wallos/images/uploads/logos

With that, the Wallos DB has write permission.

# ls -lah /var/www/html/Wallos/db/wallos.db
-rwxr-xr-x 1 nginx nginx 56K Nov 12 20:14 /var/www/html/Wallos/db/wallos.db

But the issue remains.

ellite commented 10 months ago

I'm sorry. I couldn't replicate it yet. Permissions is the only thing that makes sense to me. Do you still have the issue?

diasdmhub commented 10 months ago

Checking PHP logs, I found this error

# tail /var/log/php-fpm/www-error.log
[15-Nov-2023 23:29:29 UTC] PHP Warning:  SQLite3Stmt::execute(): Unable to execute statement: attempt to write a readonly database in /var/www/html/Wallos/registration.php on line 44

Even when I give full write access to the file, the error persists.

# chmod 777 /var/www/html/Wallos/db/wallos.db
# ll /var/www/html/Wallos/db/wallos.db
-rwxrwxrwx 1 nginx nginx 56K Nov 12 20:14 /var/www/html/Wallos/db/wallos.db

The registration.php file excerpt.

(...)
$passwordMismatch = false;
$registrationFailed = false;
if (isset($_POST['username'])) {
    $username = $_POST['username'];
    $email = $_POST['email'];
    $password = $_POST['password'];
    $confirm_password = $_POST['confirm_password'];
    $main_currency = $_POST['main_currency'];
    $avatar = "0";

    if ($password != $confirm_password) {
        $passwordMismatch = true;
    } else {
        $query = "INSERT INTO user (username, email, password, main_currency, avatar) VALUES (:username, :email, :password, :main_currency, :avatar)";
        $stmt = $db->prepare($query);
        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
        $stmt->bindValue(':username', $username, SQLITE3_TEXT);
        $stmt->bindValue(':email', $email, SQLITE3_TEXT);
        $stmt->bindValue(':password', $hashedPassword, SQLITE3_TEXT);
        $stmt->bindValue(':main_currency', $main_currency, SQLITE3_TEXT);
        $stmt->bindValue(':avatar', $avatar, SQLITE3_TEXT);
        $result = $stmt->execute();

        if ($result) {
            $deleteQuery = "DELETE FROM household";
            $stmtDelete = $db->prepare($deleteQuery);
            $stmtDelete->execute();

            $deleteQuery = "DELETE FROM subscriptions";
            $stmtDelete = $db->prepare($deleteQuery);
            $stmtDelete->execute();

            $deleteQuery = "DELETE FROM fixer";
            $stmtDelete = $db->prepare($deleteQuery);
            $stmtDelete->execute();

            $query = "INSERT INTO household (name) VALUES (:name)";
            $stmt = $db->prepare($query);
            $stmt->bindValue(':name', $username, SQLITE3_TEXT);
            $stmt->execute();
            $db->close();
            header("Location: login.php");
            exit();
        } else {
           $registrationFailed = true;
        }
    }
}
(...)

I'm not sure why, but the cloned database is read-only.

sqlite> .databases
main: /var/www/html/Wallos/db/wallos.db r/o

So, I deleted the wallos.db and executed the createdatabase.php script. But it shoots me an error on line 9.

[root@wallos Wallos]# php /var/www/html/Wallos/endpoints/cronjobs/createdatabase.php
Database does not exist. Creating it...
PHP Fatal error:  Uncaught Exception: Unable to open database: unable to open database file in /var/www/html/Wallos/endpoints/cronjobs/createdatabase.php:9
Stack trace:
#0 /var/www/html/Wallos/endpoints/cronjobs/createdatabase.php(9): SQLite3->__construct()
#1 {main}
  thrown in /var/www/html/Wallos/endpoints/cronjobs/createdatabase.php on line 9

<?php
require_once 'conf.php';
$databaseFile = $webPath . 'db/wallos.db';
if (!file_exists($databaseFile)) {
    echo "Database does not exist. Creating it...\n";
    $db = new SQLite3($databaseFile, SQLITE3_OPEN_CREATE | SQLITE3_OPEN_READWRITE);
    $db->busyTimeout(5000);
(...)

devzwf commented 10 months ago

can you tell me which user run "php-fpm" ? ps -auxww | php-fpm i dont think it is nginx ..... but www-data

so the whole /var/www/html/Wallos should be owned by www-data give me the result of
ls -al /var/www/html/Wallos please Let me know

diasdmhub commented 9 months ago

@devzwf, did you mean ps -auxww | grep php-fpm?

$ ps -auxww | grep php-fpm
root        1460  0.0  1.5 441060 33152 ?        Ss   17:46   0:00 php-fpm: master process (/etc/php-fpm.conf)
apache      1470  0.0  1.0 441604 22180 ?        S    17:46   0:00 php-fpm: pool www
apache      1471  0.0  0.9 441604 19620 ?        S    17:46   0:00 php-fpm: pool www
apache      1472  0.0  1.0 441448 22052 ?        S    17:46   0:00 php-fpm: pool www
apache      1473  0.0  1.0 441448 21668 ?        S    17:46   0:00 php-fpm: pool www
apache      1474  0.0  1.0 441448 21796 ?        S    17:46   0:00 php-fpm: pool www

It seems there's an apache user for PHP after all. I've set the ownership of the Wallos directory to it and now I can log in.

$ sudo chown -R apache:apache Wallos/

Thank you.

devzwf commented 9 months ago

good stuff thanks for the update

ellite / Wallos

Registration fail #35