After updating i am unable to add a user - i have checked all admin permissions for user admin and still receive an error the gibbons have escaped
Hi @Alyssha I’ve tested v28 and haven’t been able to reproduce any error when adding a user. If you’re seeing the Gibbons Escaped message, this is the front-end error message. Can you check your PHP error log on the server to see what the full error message text is, and share it here, as it will give more information about the cause of the error you’re seeing.
@sandra i am also unable to comment on help desk issues either? Super weird as i could previously
[21-Nov-2024 12:35:36 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 12:35:51 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 12:36:35 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 12:37:30 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 12:38:45 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 12:43:11 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 12:47:07 America/New_York] Uncaught Exception: ParseError - syntax error, unexpected ‘SELECT’ (T_STRING) in /home2/seeingl4/public_html/website_40b6fa1e/modules/User Admin/user_manage_add.php on line 365
[21-Nov-2024 23:33:14 America/New_York] Uncaught Exception: Error - Object of class Gibbon\Core could not be converted to string in /home2/seeingl4/public_html/website_40b6fa1e/modules/Timetable Admin/courseEnrolment_manage_byPerson_edit.php on line 66
line 365 of user manage add >
$sql = “SELECT gibbonHouseID as value, name FROM gibbonHouse ORDER BY name”;
$row = $form->addRow();
$row->addLabel(‘gibbonHouseID’, __(‘House’));
$row->addSelect(‘gibbonHouseID’)->fromQuery($pdo, $sql)->placeholder();
Hi @Alyssha This is very odd, as these lines of code are basic queries and shouldn’t cause the errors you’re seeing. Are you able to check your server and share which version of PHP and MySQL you’re using? Have you made any upgrades to your server software aside from Gibbon?
@sandra i figured out that i updated gibbon but i did not replace the folders. I do have another issue if you could help me please. I am unable as an admin delete anything on the site at all. When i click the delete button nothing happens. I used inspect on google and found this error. Could this be the reason? and if so how could i fix it?
-
Content Security Policy of your site blocks the use of ‘eval’ in JavaScript`
-
The Content Security Policy (CSP) prevents the evaluation of arbitrary strings as JavaScript to make it more difficult for an attacker to inject unauthorized code on your site.
To solve this issue, avoid using eval(), new Function(), setTimeout([string], ...) and setInterval([string], ...) for evaluating strings.
If you absolutely must: you can enable string evaluation by adding unsafe-eval as an allowed source in a script-src directive.
Allowing string evaluation comes at the risk of inline script injection.
- Affected Resources
1. 1 directive
1. |Source location|Directive|Status|
| — | — | — |
||script-src|blocked|
-
- Learn more: Content Security Policy - Eval
Hi @Alyssha This is interesting, and I’ve not encountered it in the servers I run. Can you share more about what the Content Security Policy is for your server and if this is something you’ve set or is set by default? It looks like, with this CSP enabled, then a lot more that just the delete action might be affected.
i didnt add it and its new. Since the update. it does affect a lot of functioning within the site like clicking add comment on help desk, clicking the module menu different things i just seen there is a 28.01 version now maybe the update could help?
the update has fixed the delete issue and module menu. I am still unable to comment or respond via help desk. Thank You.
Hi @Alyssha Great to hear the update has helped resolve the issues. There is an updated version of Help Desk for v28 compatibility, please check the Extend page and update your module, which should resolve the comment issue.
