Unable to view Signup tab

[tusharjambhekar]

Hi, I have installed DB and try to access the website but I am unable to see Signup tab. When I have run signup.php "Signup is not allowed." error.

Please let me know where I am doing mistake.

Thanks, Tushar

[zeruniverse]

The error is raised from reg.php#L17

Make sure in your function/config.php, you have the line $ALLOW_SIGN_UP = true;, which should be included by default. (first, you should try not to edit the optional parts, only config the required parts)

[tusharjambhekar]

Hi, Yes I have checked the $ALLOW_SIGN_UP = true; is there by default in function/config.php file. But then also I am unable to see sign up tab and I can able to see just password recovery tab which also not working.

I am following all installation steps from : https://github.com/zeruniverse/Password-Manager/wiki/Installation Let me know what changes I need to do.

Thanks,

[zeruniverse]

Could you confirm the following?

• You installed 9.15 instead of master branch
• You have PHP 5.5+ or 7
• You have newest mariadb

If yes, then things turn out to be weird because I personally never had this bug. It appears your rest/info.php does not return correct information. Could you use Chrome developer tool to capture the return json string of rest/info.php? When you open the index page, rest/info.php will be visited automatically.

[tusharjambhekar]

Hi,

You installed 9.15 instead of master branch ?

https://github.com/zeruniverse/Password-Manager/archive/9.15.zip

You have PHP 5.5+ or 7 ?

--PHP Version 5.4.16

You have newest mariadb?

--- 5.5.56-MariaDB

[zeruniverse]

I see the problem, server side pbkdf2, introduced in 9.15, is only supported by PHP 5.5+.

You shouldn't use PHP 5.4.16 anyway. The life cycle for this more-than-5-year-old PHP has already ended. It's not a safe PHP version to use

[tusharjambhekar]

Hi, Ohh... okay. I will update my PHP and check it once.

Thank you for the prompt reply. 👍

[tusharjambhekar]

Hi, I have installed : PHP 7.0.26 (cli) (built: Nov 27 2017 11:26:34) ( NTS ) But then also I am unable to view Sign up tab and when I open signup.php it shows as Signup is not allowed.

Thanks,

[zeruniverse]

Could you confirm you are really using php 7.0 instead of 5.4? To see which version you are currently using, you can create a PHP file, and put:

<?php phpinfo(); ?>

Then, visit this page

On Tue, Dec 19, 2017 at 9:19 PM tusharjambhekar notifications@github.com wrote:

Hi, I have installed : PHP 7.0.26 (cli) (built: Nov 27 2017 11:26:34) ( NTS ) But then also I am unable to view Sign up tab and when I open signup.php it shows as Signup is not allowed.

Thanks,

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-352746378, or mute the thread https://github.com/notifications/unsubscribe-auth/AEbvNDri3qmgnH1VHywXpjWxpWW_9ni_ks5tB7fngaJpZM4RGzEq .

[tusharjambhekar]

Hi, I have updated PHP Version 5.4.16 to PHP 7.0.26.

Thanks,

[zeruniverse]

I meant, even if you now installed 7.0, your current running version might still be 5.4 if you didn’t uninstall that, depending on your system. So I would like you to test it with phpinfo() function.

I tested 9.15 with php myself and had no such issues

On Tue, Dec 19, 2017 at 9:33 PM tusharjambhekar notifications@github.com wrote:

Hi, I have updated PHP Version 5.4.16 to PHP 7.0.26.

Thanks,

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-352750283, or mute the thread https://github.com/notifications/unsubscribe-auth/AEbvNHJ9xCdAlv9TtHwfjJ28uMpNdeMrks5tB7s_gaJpZM4RGzEq .

[BenjaminHae]

Please also check the ouput of rest/info.php in your browsers developer tools (look in the network tab and reload the page).

[tusharjambhekar]

Hi , I have able to installed on "CentOS Linux 7 now. I can able to signup with new user but when it stuck at this error PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD...

Unable to move on from this error.

Kindly let me know how can I troubleshoot this.

Thanks,

[tusharjambhekar]

Hi, After PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD... going to fallback at Login failed: AUTHENTICATION ERROR, PLEASE RELOGIN At chrome console it shows error : jquery.min.js:4 Refused to load the font 'data:font/woff;base64,d09GRgABAAAAAIw4ABEAAAABQcAAAQABAAAAAAAAAAAAAAAAAAAAAAAAAABHUE9TAAABgAAACU8AABMOD1XXMEdTVUIAAArQAAAAUwAAAHCOOI56T1MvMgAACyQAAABbAAAAYNrnrZBjbWFwAAALgAAAAIEAAAC0jBiQAGN2dCAAAAwEAAAAKgAAAC4HyBmgZnBnbQAADDAAAAOBAAAG5XJackBnYXNwAAAPtAAAAAwAAAAMAA0AGGdseWYAAA/AAABViQAAvQzAr6AGaGVhZAAAZUwAAAA2AAAANvzd8kdoaGVhAABlhAAAAB8AAAAkD/YHpGhtdHgAAGWkAAACFAAAA26BW0HVa2VybgAAZ7gAAB/3AABeRKoEucNsb2NhAACHsAAAAb4AAAG+1eip6m1heHAAAIlwAAAAIAAAACAByAf2bmFtZQAAiZAAAADEAAABYBoFNRJwb3N0AACKVAAAAZYAAAJBVvgNXnByZ...KKKqa4EkoqpbQyyiqnvAoqqqSyKqqqproaaqqltjrqqqe+BhpqpLEmmmqmuRZaaqW1Ntpqp70OOuqksy66BhE2m2Gms1Z5Z5ZF5ltrpy1BpHlemm65H35aaLU5Lnvru3V2+e2XPzbZ66br9ummuyV6uK2nG26574677nmvl0ceeGi/3r5Z6qnHnujjo8/m6qev/gYaYJANBhtqiGGGG2mEUUb7YIxxxhpvoglO2GiySaaY6pMvTnnmgIOee+OFQw475rgrjjjqqtnOOe9MEOWrCy4G0UFMEBvEBfFB+N9Y/EJ9fNhL8zINDBwNoLQLi2tpUT5XelFiWapecmJxKm9KZmpRanFmMZjHlZhcWgKR4E/OLEouzU3LSa0A8zmLMvPSIYpKMnNSIIoAYXqDQQAAuQgACABjILABI0QgsAMjcLAURSAgsChgZiCKVViwAiVhsAFFYyNisAIjRLMJCgMCK7MLEAMCK7MRFgMCK1myBCgGRVJEswsQBAIrAA==' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback.

Thanks, Tushar

[BenjaminHae]

The error doesn't look like a symptom of your problem. Is this instance installed on a public server?

Have you tried clearing cookies and browser cache?

[zeruniverse]

Could you give us the url of your instance? We could look into that

On Thu, Dec 21, 2017 at 5:32 AM Benjamin Häublein notifications@github.com wrote:

The error doesn't look like a symptom of your problem. Is this instance installed on a public server?

Have you tried clearing cookies and browser cache?

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-353188263, or mute the thread https://github.com/notifications/unsubscribe-auth/AEbvNAIpNGhqeIZt_vLyQ4HEjoa9xCtdks5tCXzpgaJpZM4RGzEq .

[tusharjambhekar]

Hi Jeffery, I have installed this at local VM on my laptop.I want to try this in in my small office environment. I don't know what is the issue. Can you help me how can I troubleshoot this?

Thanks,

[BenjaminHae]

Did you try clearing cookies and cache? Are the any errors logged in your webserver? Can you look into your browsers developer options in the network tab and tell us what gets loaded after reloading the page? Especially interesting is the content of Rest/password.php.

On 21 Dec 2017 8:12 a.m., "tusharjambhekar" notifications@github.com wrote:

Hi Jeffery, I have installed this at local VM on my laptop.I want to try this in in my small office environment. I don't know what is the issue. Can you help me how can I troubleshoot this?

Thanks,

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-353275663, or mute the thread https://github.com/notifications/unsubscribe-auth/AHCzsRBQABAYv9QcKbfmYbdlIoj00tFbks5tCgTLgaJpZM4RGzEq .

[tusharjambhekar]

I have installed new VM with Ubuntu 16.04 server. Now I saw error as Request URL:http://172.31.25.31/src/rest/reg.php Request Method:POST Status Code:500 Internal Server Error Remote Address:172.31.25.31:80 Referrer Policy:no-referrer-when-downgrade

Now sign up stalled

Thanks,

[BenjaminHae]

What's in the Servers Error Log?

On 21 Dec 2017 8:35 a.m., "tusharjambhekar" notifications@github.com wrote:

I have installed new VM with Ubuntu 16.04 server. Now I saw error as Request URL:http://172.31.25.31/src/rest/reg.php Request Method:POST Status Code:500 Internal Server Error Remote Address:172.31.25.31:80 Referrer Policy:no-referrer-when-downgrade

Now sign up stalled

Thanks,

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-353279548, or mute the thread https://github.com/notifications/unsubscribe-auth/AHCzsZpuw7k3Va3lkLJGPE6u_Sv7Z4uNks5tCgpegaJpZM4RGzEq .

[BenjaminHae]

I think the problem is you are not using https. This prevents the cookies from being transferred.

[tusharjambhekar]

Hi, I am getting following error at /var/log/apache2/error.log

PHP Fatal error: Uncaught PDOException: SQLSTATE[HY000] [2002] Connection refused in /var/www/html/src/function/sqllink.php:21\nStack trace:\n#0 /var/www/html/src/function/sqllink.php(21): PDO->__construct('mysql:host=172....', 'admin', 'WelC@me@123', Array)\n#1 /var/www/html/src/rest/reg.php(22): sqllink()\n#2 {main}\n thrown in /var/www/html/src/function/sqllink.php on line 21, referer: http://172.31.25.31/src/signup.php

[tusharjambhekar]

Hi I have resolved the issue by changing https:// to http:// in config.php. I can able to sign-up but now after login my page stuck at "PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD..." It's not moving from 3min.

Thanks,

[zeruniverse]

Please note we are no longer supporting http. It must be https://. I guess you may not have the trusted certificate, which prevents the browser from asynchronously pulling the stored encrypted passwords. If you issue your own certificate, please let your system trust it

On Thu, Dec 21, 2017 at 4:00 PM tusharjambhekar notifications@github.com wrote:

Hi I have resolved the issue by changing https:// to http:// in config.php. I can able to sign-up but now after login my page stuck at "PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD..." It's not moving from 3min.

Thanks,

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-353283831, or mute the thread https://github.com/notifications/unsubscribe-auth/AEbvNMXpuNU0YevhfODH1oDcCz_Rbywjks5tChAVgaJpZM4RGzEq .

[tusharjambhekar]

Hi, Okay.. I will enable ssl for my web server, update you soon.

Thanks,

[tusharjambhekar]

Hi, I have enabled ssl for my web server then also I am unable to login with the newly created user id. I am getting the same error "PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD..."

The apache2/access.log is : 172.31.25.45 - - [21/Dec/2017:01:59:18 -0800] "GET /phpmyadmin/index.php?ajax_request=1&recent_table=1&token=4e05df5f2db4bedec9315fdaee87cff8&no_debug=true&_nocache=1513850358439891233 HTTP/1.1" 200 2476 "https://172.31.26.6/phpmyadmin/sql.php?db=passmanager&table=password&token=4e05df5f2db4bedec9315fdaee87cff8&pos=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.31.25.45 - - [21/Dec/2017:01:59:20 -0800] "GET /phpmyadmin/db_structure.php?db=passmanager&token=4e05df5f2db4bedec9315fdaee87cff8&ajax_request=true&ajax_page_request=true&_nocache=151385036099484998 HTTP/1.1" 200 6414 "https://172.31.26.6/phpmyadmin/sql.php?db=passmanager&table=password&token=4e05df5f2db4bedec9315fdaee87cff8&pos=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"

Let me know where I can troubleshoot this more?

Thanks,

[tusharjambhekar]

Hi, I have enabled ssl for my web server then also I am unable to login with the newly created user id. I am getting the same error "PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD..."

The apache2/access.log is : 172.31.25.45 - - [21/Dec/2017:01:59:18 -0800] "GET /phpmyadmin/index.php?ajax_request=1&recent_table=1&token=4e05df5f2db4bedec9315fdaee87cff8&no_debug=true&_nocache=1513850358439891233 HTTP/1.1" 200 2476 "https://172.31.26.6/phpmyadmin/sql.php?db=passmanager&table=password&token=4e05df5f2db4bedec9315fdaee87cff8&pos=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.31.25.45 - - [21/Dec/2017:01:59:20 -0800] "GET /phpmyadmin/db_structure.php?db=passmanager&token=4e05df5f2db4bedec9315fdaee87cff8&ajax_request=true&ajax_page_request=true&_nocache=151385036099484998 HTTP/1.1" 200 6414 "https://172.31.26.6/phpmyadmin/sql.php?db=passmanager&table=password&token=4e05df5f2db4bedec9315fdaee87cff8&pos=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"

Let me know where I can troubleshoot this more?

Thanks,

[tusharjambhekar]

Let me know where I can troubleshoot this more?

Thanks

[tusharjambhekar]

Hi Jeffery, can you help me to troubleshoot this issue, i would like to configure this at my startup firm where I am working as sysadmin.

thanks,

[zeruniverse]

As aforementioned, you could open a Chrome, press F12, you will see developer tool. If you stuck at "PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD...", you should be able to see the error under Console tab. (see image below as an example)

Please also check the Network tab and look at the response of rest/password.php. There might be error info.

A possible problem I can think of is #184 If you use localhost as the dbname, make sure you specify localhost in /etc/hosts

[zeruniverse]

By the way, could you check your database (with tools like phpmyadmin) to see whether everything looks correct now? Since you mentioned you had PDO issue:

PHP Fatal error: Uncaught PDOException: SQLSTATE[HY000] [2002] Connection refused in /var/www/html/src/function/sqllink.php:21\nStack trace:
#0 /var/www/html/src/function/sqllink.php(21): PDO->__construct('mysql:host=172....', 'admin', 'WelC@me@123', Array)
#1 /var/www/html/src/rest/reg.php(22): sqllink()
#2 {main}
thrown in /var/www/html/src/function/sqllink.php on line 21, referer: http://172.31.25.31/src/signup.php

You pasted your access_log, however, to help us locate your problem, you should paste error_log

[tusharjambhekar]

HI Jeffery,

Now I am getting following error messages.

Thanks,[image: Inline image 2][image: Inline image 1]

On Thu, Dec 21, 2017 at 7:25 PM, Jeffery Zhao notifications@github.com wrote:

As aforementioned, you could open a Chrome, press F12, you will see developer tool. If you stuck at "PLEASE WAIT WHILE WE ARE DECRYPTING YOUR PASSWORD...", you should be able to see the error under Console tab. (see image below as an example)

[image: capture] https://user-images.githubusercontent.com/4648756/34258482-1b61b6a4-e699-11e7-9687-4b8452c70aa6.PNG

Please also check the Network tab and look at the response of rest/password.php. There might be error info.

A possible problem I can think of is #184 https://github.com/zeruniverse/Password-Manager/issues/184 If you use localhost as the dbname, make sure you specify localhost in /etc/hosts

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/zeruniverse/Password-Manager/issues/186#issuecomment-353356555, or mute the thread https://github.com/notifications/unsubscribe-auth/AX78FWPreoi5BRTfpXzE1QckVxTR3ftzks5tCmNhgaJpZM4RGzEq .

[zeruniverse]

@tusharjambhekar Could you log into GitHub and attach image with GitHub text box? I can't see your image...

[tusharjambhekar]

Hi Jeffery,

Now I am getting following error messages.

Thanks,

[BenjaminHae]

Can you please show us what the result of check.PHP and password.php is during log in?

[tusharjambhekar]

Hi Jeffery, Can u pls help me remotely to troubleshoot this issue where is the exact error. I can provide u access for this.

Thanks,

[zeruniverse]

My email address is zzy8200#gmail#com

[tusharjambhekar]

Hi Jeffery, Thank you for ur support. I have done the silly mistake that in config.php, I have put the fqdn ( hostname) which was not resolving.

//Host Domain - Only Allow Visits to This Domain //Note: please specify whether it's HTTP or HTTPS. Use HTTPS if possible $HOSTDOMAIN = 'https://172.31.26.6/'; <------" when i have edited ip address it's working fine now"

Thanks, Tushar

[zeruniverse]

@tusharjambhekar I made a further note above the $HOSTDOMAIN variable,

//This is to prevent cross-site attacks. If $HOSTDOMAIN is not the prefix of HTTP_REFERER string, an exception will be raised.

Does it looks clear enough to you? Or you think there should be more explanation?

I want to make sure people understand that this string must be the prefix of the address that will be inputed in the browser.

[tusharjambhekar]

Hi Jeffery, This is clear now to understand.

Thanks,