search

nilsteampassnet / TeamPass

Collaborative Passwords Manager
https://www.teampass.net
1.65k stars 537 forks source link

TeamPass v2.1.27.11 - Page error and upgrade failures (database corruption?) #2943

Open sticks221 opened 3 years ago

sticks221 commented 3 years ago

Steps to reproduce

  1. Login as admin
  2. Click the utilities tab
  3. Click the Database Icon
  4. Click "Item being edited"

Expected behaviour

A list of currently locked items should be displayed with the option to clear the locks (the option "Exclusive editing lock expires after XX minutes" doesn't retain the value, despite showing a green tick and always reverts back to 0)

Actual behaviour

Error message appears "DataTables warning: table id=t_items_edited - Invalid JSON response. For more information about this error, please see http://datatables.net/tn/1"

I fear that we may have some database corruption/inconsistency as we are also seeing a number of other issues;

Server configuration

Operating system: Linux rxytp01 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 00:07:12 UTC 2016 x86_64

Web server: Apache/2.4.18 (Ubuntu)

Database: 5.7.33-0ubuntu0.16.04.1

PHP version: 7.0.33-0ubuntu0.16.04.16

Teampass version: 2.1.27.11

Teampass configuration file:

'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '0',
'log_connections' => '1',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '0',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => '/var/www/html/teampass',
'cpassman_url' => 'https://<anonym_url>
'favicon' => 'https://<anonym_url>/favicon.ico',
'path_to_upload_folder' => '/var/www/html/teampass/upload',
'url_to_upload_folder' => 'https://<anonym_url>/upload',
'path_to_files_folder' => '/var/www/html/teampass/files',
'url_to_files_folder' => 'https://<anonym_url>/files',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '0',
'encryptClientServer' => '1',
'cpassman_version' => '2.1.27',
'ldap_mode' => '1',
'ldap_type' => 'windows',
'ldap_suffix' => '@*****',
'ldap_domain_dn' => 'dc=*****,dc=uk',
'ldap_domain_controler' => '*****',
'ldap_user_attribute' => '0',
'ldap_ssl' => '0',
'ldap_tls' => '0',
'ldap_elusers' => '0',
'ldap_search_base' => '0',
'ldap_port' => '389',
'richtext' => '0',
'allow_print' => '0',
'roles_allowed_to_print' => '6',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '1',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '0',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '0',
'custom_logo' => '',
'custom_login_text' => '',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
'send_stats_time' => '1518013659',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => '*****',
'email_smtp_auth' => '',
'email_auth_username' => '',
'email_auth_pwd' => '',
'email_port' => '25',
'email_security' => '',
'email_server_url' => '',
'email_from' => '*****',
'email_from_name' => 'TeamPass Server',
'pwd_maximum_length' => '40',
'google_authentication' => '0',
'delay_item_edition' => '0',
'allow_import' => '0',
'proxy_ip' => '*****',
'proxy_port' => '3128',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => 'TeamPass for ChangeMe',
'api' => '0',
'subfolder_rights_as_parent' => '1',
'show_only_accessible_folders' => '1',
'enable_suggestion' => '1',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '15',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => '0',
'bck_script_path' => '/var/www/html/teampass/backups',
'bck_script_filename' => 'bck_teampass',
'syslog_enable' => '1',
'syslog_host' => '*****',
'syslog_port' => '514',
'manager_move_item' => '0',
'create_item_without_password' => '0',
'otv_is_enabled' => '0',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '0',
'saltkey_ante_2127' => 'none',
'migration_to_2127' => 'done',
'files_with_defuse' => 'done',
'timezone' => 'UTC',
'enable_attachment_encryption' => '1',
'personal_saltkey_security_level' => '50',
'ldap_new_user_is_administrated_by' => '6',
'disable_show_forgot_pwd_link' => '0',
'offline_key_level' => '60',
'enable_http_request_login' => '0',
'ldap_and_local_authentication' => '0',
'ldap_allowed_usergroup' => 'UG_ICT_TeamPass',
'ldap_new_user_role' => '',
'copy_to_clipboard_small_icons' => '1',
'settings_offline_mode' => '1',
'enable_massive_move_delete' => '0',
'tree_counters' => '0',
'teampass_version' => '2.1.27',
);

Updated from an older Teampass or fresh install: I honestly cannot remember, I think it was upgraded but several years ago.

Client configuration

Browser: Chrome - 91.0.4472.124

Operating system: Windows - 64bits

Logs

Web server error log

Undefined index: path - /var/www/html/teampass/sources/main.queries.php (1270)

Teampass 10 last system errors

 * 05/01/2021 13:04:17 - Query: SELECT folder_id, type
                FROM teampass_roles_values
                WHERE role_id IN ()
                ORDER BY folder_id ASC<br />Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
                ORDER BY folder_id ASC' at line 3<br />@ /sources/users.queries.php
 * 22/12/2020 07:12:53 - Query: SELECT folder_id, type
                FROM teampass_roles_values
                WHERE role_id IN ()
                ORDER BY folder_id ASC<br />Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
                ORDER BY folder_id ASC' at line 3<br />@ /sources/users.queries.php
 * 04/12/2020 14:35:28 - Query: SELECT folder_id, type
                FROM teampass_roles_values
                WHERE role_id IN ()
                ORDER BY folder_id ASC<br />Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
                ORDER BY folder_id ASC' at line 3<br />@ /sources/users.queries.php
 * 25/11/2020 08:07:34 - Query: SELECT folder_id, type
                FROM teampass_roles_values
                WHERE role_id IN ()
                ORDER BY folder_id ASC<br />Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
                ORDER BY folder_id ASC' at line 3<br />@ /sources/users.queries.php
 * 24/11/2020 10:24:22 - Query: SELECT folder_id, type
                FROM teampass_roles_values
                WHERE role_id IN ()
                ORDER BY folder_id ASC<br />Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
                ORDER BY folder_id ASC' at line 3<br />@ /sources/users.queries.php
 * 24/11/2020 10:02:44 - Query: SELECT folder_id, type
                FROM teampass_roles_values
                WHERE role_id IN ()
                ORDER BY folder_id ASC<br />Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
                ORDER BY folder_id ASC' at line 3<br />@ /sources/users.queries.php
 * 19/08/2019 13:44:58 - Query: UPDATE `teampass_users` SET `login`='Cameron.*****.adm', `name`='Cameron', `lastname`='*****', `email`='*****', `disabled`=0, `isAdministratedByRole`='3', `groupes_interdits`='0', `groupes_visibles`='0', `fonction_id`='3' WHERE id = 10000036<br />Error: Duplicate entry 'Cameron.*****.adm' for key 'login'<br />@ /sources/users.queries.php
 * 19/08/2019 13:42:15 - Query: UPDATE `teampass_users` SET `login`='Cameron.*****.adm', `name`='Cameron', `lastname`='*****', `email`='*****', `disabled`=0, `isAdministratedByRole`='3', `groupes_interdits`='0', `groupes_visibles`='0', `fonction_id`='3' WHERE id = 10000036<br />Error: Duplicate entry 'Cameron.*****.adm' for key 'login'<br />@ /sources/users.queries.php
 * 19/08/2019 13:38:25 - Query: UPDATE `teampass_users` SET `login`='Cameron.*****.adm', `name`='Cameron', `lastname`='*****', `email`='*****', `disabled`=0, `isAdministratedByRole`='3', `groupes_interdits`='0', `groupes_visibles`='0', `fonction_id`='3' WHERE id = 10000036<br />Error: Duplicate entry 'Cameron.*****.adm' for key 'login'<br />@ /sources/users.queries.php
 * 18/05/2018 09:17:44 - Query: INSERT INTO `teampass_log_items` (`id_item`,`date`,`id_user`,`action`) VALUES ('', 1526631464, '10000000', 'at_password_copied')<br />Error: Incorrect integer value: '' for column 'id_item' at row 1<br />@ /sources/items.logs.php

Log from the web-browser developer console (CTRL + SHIFT + i)

{"iTotalRecords": 168, "iTotalDisplayRecords": 168, "aaData": [ ["<span onClick=\"killEntry('items_edited', 1309)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12472h 23m", "Chris Merrell [chris..adm]", "Ethelbert1.EOBS"], ["<span onClick=\"killEntry('items_edited', 1310)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12472h 22m", "Chris Merrell [chris..adm]", "Ethelbert2.EOBS"], ["<span onClick=\"killEntry('items_edited', 254)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12448h 27m", "Gary ** [gary..admin]", "Avocent Merge Point 2035 (KVM) - ERC"], ["<span onClick=\"killEntry('items_edited', 1314)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12333h 12m", "James [james..adm]", "Bluebell1.eobs"], ["<span onClick=\"killEntry('items_edited', 1315)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12333h 10m", "James ** [james..adm]", "Bluebell2.EOBS"], ["<span onClick=\"killEntry('items_edited', 1328)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12187h 10m", "Shawn O&#39; [shawn.o.adm]", " EPMA Service Account "], ["<span onClick=\"killEntry('items_edited', 1329)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12187h 9m", "Shawn O&#39; [shawn.o.adm]", "EPMA IIS Live Service Account"], ["<span onClick=\"killEntry('items_edited', 1330)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12187h 7m", "Shawn O&#39; [shawn.o.adm]", "EPMA Training IIS Service Account"], ["<span onClick=\"killEntry('items_edited', 57)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12119h 12m", "Gary [gary..admin]", "VMware Template Local Administrator Passwords"], ["<span onClick=\"killEntry('items_edited', 1065)\" style=\"cursor:pointer; font-size:16px;\" /><i class=\"fa fa-trash mi-red\">", "12091h 45m", "Dean [dean..adm]", "Albion Place Net2 Paxton"]] }

Insert the log here and especially the answer of the query that failed. 05/01/2021 13:04:17 Query: SELECT folder_id, type FROM teampass_roles_values WHERE role_id IN () ORDER BY folder_id ASC
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY folder_id ASC' at line 3
@ /sources/users.queries.php 22/12/2020 07:12:53 Query: SELECT folder_id, type FROM teampass_roles_values WHERE role_id IN () ORDER BY folder_id ASC
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY folder_id ASC' at line 3
@ /sources/users.queries.php 04/12/2020 14:35:28 Query: SELECT folder_id, type FROM teampass_roles_values WHERE role_id IN () ORDER BY folder_id ASC
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY folder_id ASC' at line 3
@ /sources/users.queries.php 25/11/2020 08:07:34 Query: SELECT folder_id, type FROM teampass_roles_values WHERE role_id IN () ORDER BY folder_id ASC
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY folder_id ASC' at line 3
@ /sources/users.queries.php 24/11/2020 10:24:22 Query: SELECT folder_id, type FROM teampass_roles_values WHERE role_id IN () ORDER BY folder_id ASC
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY folder_id ASC' at line 3
@ /sources/users.queries.php admin 24/11/2020 10:02:44 Query: SELECT folder_id, type FROM teampass_roles_values WHERE role_id IN () ORDER BY folder_id ASC
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') ORDER BY folder_id ASC' at line 3
@ /sources/users.queries.php admin 19/08/2019 13:44:58 Query: UPDATE teampass_users SET login='Cameron..adm', name='Cameron', lastname='', email='cameron.@', disabled=0, isAdministratedByRole='3', groupes_interdits='0', groupes_visibles='0', fonction_id='3' WHERE id = 10000036
Error: Duplicate entry 'Cameron..adm' for key 'login'
@ /sources/users.queries.php 19/08/2019 13:42:15 Query: UPDATE teampass_users SET login='Cameron..adm', name='Cameron', lastname='', email='cameron.@', disabled=0, isAdministratedByRole='3', groupes_interdits='0', groupes_visibles='0', fonction_id='3' WHERE id = 10000036
Error: Duplicate entry 'Cameron..adm' for key 'login'
@ /sources/users.queries.php

sticks221 commented 3 years ago

UPDATE - Not sure what I did differently but, I managed to get the box upgraded to 2.1.27.36 (In the hope that the upgrade process might fix the issues). I still get the same issue with locked records but it does now appear to be retaining the "Exclusive editing lock expires after XX minutes" value and I appear to have downloaded a backup. I am hopeful that the lock expiration might fix the issue.

I also forgot to mention a search issue - when clicking the binoculars icon, we get this error "DataTables warning: table id=t_items - Invalid JSON response. For more information about this error, please see http://datatables.net/tn/1". The developer page response is;

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

Teampass
Welcome Dean Stickells [dean.stickells.adm] - Manager account
Search     
Label Login Description Tags URL Folder
CSRF Protection
Lucifersgirl commented 2 years ago

Hi, I have a problem with login when I switched teampass from adm mode to user mode. I don`t have form to login, have some errors from apache:

Got error 'PHP message: PHP Fatal error: Uncaught Error: Function name must be a string in /var/www/TeamPass/includes/core/login.php:77\nStack trace:\n#0 /var/www/TeamPass/index.php(1083): include()\n#1 {main}\n thrown in /var/www/TeamPass/includes/core/login.php on line 77'

and from chrome console

GET https://teampass.neovinci.pl/ 500 (Internal Server Error) csrfprotector.js:152 TypeError: Cannot read properties of null (reading 'value') at Object._init (csrfprotector.js:150:86) at csrfprotector_init (csrfprotector.js:174:11) at csrfprotector.js:336:5 _init @ csrfprotector.js:152 csrfprotector_init @ csrfprotector.js:174 (anonimowa) @ csrfprotector.js:336 csrfprotector.js:153 [ERROR] [CSRF Protector] unable to parse blacklisted url fields. _init @ csrfprotector.js:153 csrfprotector_init @ csrfprotector.js:174 (anonimowa) @ csrfprotector.js:336 VM30 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM30 content_script.js:1:1) VM31 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM31 content_script.js:1:1) VM32 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM32 content_script.js:1:1) VM33 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM33 content_script.js:1:1) VM34 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM34 content_script.js:1:1) VM35 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM35 content_script.js:1:1) VM36 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM36 content_script.js:1:1) VM37 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM37 content_script.js:1:1) VM38 content_script.js:1 Uncaught SyntaxError: Identifier 'WBSAutoFillFormTypeUndetermined' has already been declared (at VM38 content_script.js:1:1)

got error 500 - from console tab network - response

This site attempts to protect users against [Cross-Site Request Forgeries ](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29)attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you. See details of your web browser for how to enable JavaScript. Teampass Logo Teampass