Advertisement:

Author Topic: SSI Login.  (Read 7012 times)

Offline Axodious

  • Semi-Newbie
  • *
  • Posts: 88
    • Aftermath WoW Guild Website
SSI Login.
« on: January 04, 2009, 03:54:47 PM »
I'm using the SMF login DB to maintain accounts on my index page. Here is the code I'm having issues with:

Code: [Select]
<?php
$url 
'http://' $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
if (
$context['user']['is_guest'] == 1) {
echo(
'                          <form action="'$scripturl .'?action=login2" method="post" accept-charset="UTF-8">
                                <div id="loginbox">
                                        <div id="loginbutton">
                                                <input type="submit" alt="Login" value="">
                                        </div>
                                        <img id="loginuser" src="' 
$settings['images_url'] . '/login-user.jpg" alt="User">
                                        <INPUT id="editboxuser" TYPE="text" NAME="user">
                                        <img id="loginpass" src="' 
$settings['images_url'] . '/login-pass.jpg" alt="Pass">
                                        <INPUT id="editboxpass" TYPE="password" NAME="passwrd">
                                        <input type="hidden" name="cookielength" value="-1">
                                </div>
                                </form>' 
"\n");
}
else {
echo(
'                          <div id="loginbox">
                                        <div id="logoutbutton">' 
"\n");
$_SESSION['logout_url'] = $url;
echo
'<a href="'$scripturl'?action=logout;sesc='$context['session_id'], '"><span>'$txt[108], '</span></a>';
echo(
'                                  </div>
                                        <div id="welcometext">' 
"\n");
echo 
$txt['hello_member'], ' <b>'$context['user']['name'], '</b>'allowedTo('pm_read') ? ', ' $txt[152] . ' <a href="' $scripturl '?action=pm">' $context['user']['messages'] . ' ' . ($context['user']['messages'] == '1' $txt[471] : $txt[153]) . '</a>' $txt['newmessages4'] . ' ' $context['user']['unread_messages'] . ' ' . ($context['user']['unread_messages'] == '1' $txt['newmessages0'] : $txt['newmessages1']) : '''.';
echo(
'                                  </div>
                                </div>' 
"\n");
}
?>


I haven't been able to quite nail down a reproduction of the bug, but what happens is a user will log in and (so far randomly) at some point when they go back to the index page $context['user']['is_guest'] returns 1 even though they are logged into the forum. I am using the EXACT same line in a theme on the forum and it never has the issue.
"You make my heart pound; my mouth water. Yeah, there’s nothing like a chili dog." Sonic the Hedgehog

Offline SlowPaddle

  • Semi-Newbie
  • *
  • Posts: 34
Re: SSI Login.
« Reply #1 on: January 13, 2009, 04:48:18 PM »
SMF uses cookies to store login information on the client computer. Cookies can be stored globally (myserver.com) or locally (myserver.com/path/to/forum).

Check this option if you're experiencing problems with users getting logged out automatically. Globally stored cookies are less secure when used on a shared webserver (like Tripod).

Local cookies don't work outside the forum folder so, if your forum is stored at www.myserver.com/forum, pages like www.myserver.com/index.php cannot access the account information. Especially when using SSI.php, global cookies are recommended.

You can change this setting under Server Settings > Feature Configuration.

Hope this helps.

Orstio

  • Guest
Re: SSI Login.
« Reply #2 on: January 14, 2009, 07:13:00 AM »
Quote
SMF uses cookies to store login information on the client computer. Cookies can be stored globally (myserver.com) or locally (myserver.com/path/to/forum).

Check this option if you're experiencing problems with users getting logged out automatically. Globally stored cookies are less secure when used on a shared webserver (like Tripod).

Local cookies don't work outside the forum folder so, if your forum is stored at www.myserver.com/forum, pages like www.myserver.com/index.php cannot access the account information. Especially when using SSI.php, global cookies are recommended.

You can change this setting under Server Settings > Feature Configuration.

Hope this helps.

Your information isn't quite rght.

SMF has two main settings to control the storage of cookies.

Local storage of cookies in SMF stores the cookies on the server, rather than on the user's computer.

Subdomain independent cookies will do what you are talking about when you refer to "global" cookies.