|AlexC||Can't login on new (old) site||20110329 10:23|
|Not sure any moderator will read this but just in case I'm not the only one I thought I should mention that I can't login on the www. version of the site.
I put my credentials in the boxes and it confirms "login you in AlexC" but then it shows the home page again with the login section and I'm effectively not logged in as I can't reply to any post nor see my profile.
I'm using IBrowse 2.4 on OS4.1 and I've tried with both JS enabled and disabled.
|orgin||Re: Can't login on new (old) site||20110329 14:32 #3205|
I've forwarded this.
|orgin||Re: Can't login on new (old) site||20110329 20:22 #3206|
Could you try to click on the "Remember me" checkbox under the login form? For me it worked just fine. It seems that if someone doesn't click on that the IBrowse doesn't save the cookie.
As I haven't still made the necessary changes to support all the browsers, there might be some problems that will get ironed.
|AlexC||Re: Can't login on new (old) site||20110330 13:21 #3207|
Thanks. Here is the message I tried to send as a PM to Walkero because the new site doesn't seem to send PMs from IBrowse either...
Cookie domain mismatch is what causes login problems with IBrowse
After whatching what happens with the cookies in IBrowse when I can't login I found that the problem comes from a conflict between a cookie with the domain set to .amigans.net and one set to www.amigans.net
If I remove all the cookies and try to login without the "remember me" option enabled. I'm unable to login, and both a session cookie from www.amigans.net gets set and another session cookie from .amigans.net gets set with the value xoops_user=0
Again if I remove all the cookies and try to login but this time I enable the "remember me" option, I'm able to login, but this time the .amigans.net cookie is set to expire 1 year later and contains the proper xoops_user=671-... value.
Now if I logout, the .amigans.net cookie becomes a session cookie with the xoops_user=0 value, and a new session cookie appears with the domain www.amigans.net and the xoops_user=0 value too.
Once both the .amigans.net and the www.amigans.net cookies exist, if I try to login, if I do enable the "remember me" option, it sets the .amigans.net cookie to the correct value but because the www.amigans.net session cookie still exists, after the "Thank you for logging in" page, it takes me right back to the "Guest" mode.
So it appears that the www.amigans.net cookie is read first if it exists, otherwise it reads the .amigans.net cookie.
I think the above explaination should suffice to help you correct the problem.
What I don't understand though, is why does the session cookie get set to user 0 when leaving "remember me" disabled? I take it that the only difference in the code should be that in one case it sets a session cookie and in the other it sets an expiration date on it, but that shouldn't have any effect on the value it contains.
I did all the testing using the index.php page, it shouldn't make any difference but I'll mention it just in case.
I also tried to send you a couple of PMs but I'm not sure they actually were sent because the one I set to be saved in my outbox didn't appear.