SSI, return to the page after login (not the board index)

Started by MultiformeIngegno, March 28, 2010, 07:00:10 PM

Previous topic - Next topic

Arantor


Orstio

Try adding this after your SSI include:

$sc = &$context['session_id'];
$_SESSION['USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];


It won't fix your redirect, but will fix your session loss.

MultiformeIngegno

Quote from: Arantor on March 30, 2010, 07:04:26 AM
So what mods do you have installed?
Aeva Media    1.1b
Stop Spammer    2.3.7
SimplePortal    2.3.1
Sitemap    2.1.2
Images On Board    2.2
Foxy! for Aeva Media    1.26
Online Only Groups in the Group Key    1.0

@Orstio: Also with that code is the same... at every refresh the session value changes..
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

MultiformeIngegno

I've created a test user for you (maybe is useful, I've set also english language to it....):
username: demo
password: demopassword

http://forum.rockciclopedia.com/index.php?action=profile;u=174
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

MultiformeIngegno

Quote from: MultiformeIngegno on March 29, 2010, 01:43:12 PM
For example if I'm writing a post and I wait.. don't know... 5 minutes.. then I can't post because the session is expired!  ???
This means that it's not something related to the ssi code for the pages, but it's something that affects smf "per se"...
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

MultiformeIngegno

RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!


MultiformeIngegno

RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

Orstio

Hmm...

Well, I've taken a look at the code in RC3, and it looks like it may need to be tweaked with $context['session_var'] as well, but I'm not sure how exactly you'd pass that as reference.

Thanks for pointing this out before I upgraded.  I don't know that any off-page integration can work reliably like this....

MultiformeIngegno

#29
In fact I've noticed this just after the upgrade....
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

MultiformeIngegno

Have someone tested this behavior with the demo user I've created..?
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!


MultiformeIngegno

Orstio, thanks for your report! ;)
What is the code changed in RC3 that causes this behavior? So while waiting a fix I can temporary revert it to the RC2 version....
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

Orstio

This isn't a solution, but might get you up and running temporarily:

In Load.php, Line 2326, find this:

$sc = $_SESSION['session_value'];

Immediately after that, insert this:

     $_SESSION['session_var']='sesc';

In SSI.php, find this:

// Start the session... known to scramble SSI includes in cases...
if (!headers_sent())
loadSession();
else
{
if (isset($_COOKIE[session_name()]) || isset($_REQUEST[session_name()]))
{
// Make a stab at it, but ignore the E_WARNINGs generted because we can't send headers.
$temp = error_reporting(error_reporting() & !E_WARNING);
loadSession();
error_reporting($temp);
}

if (!isset($_SESSION['session_value']))
{
$_SESSION['session_var'] = substr(md5(mt_rand() . session_id() . mt_rand()), 0, rand(7, 12));
$_SESSION['session_value'] = md5(session_id() . mt_rand());
}
$sc = $_SESSION['session_value'];
}


And replace it with this:

loadSession();

Let me know how that goes.

ETA - You'll also need to add this immediately after your SSI include statement:

$sc = &$context['session_id'];
$_SESSION['USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
$context['session_var']='sesc';

MultiformeIngegno

Thanks Orstio!!!
I'll try it tomorrow when I come back home.. :)
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

MultiformeIngegno

I've done all of these edits but the behavior doesn't change at all.
It's the same....

I've cleared the forum/browser cache, tried with other browsers/systems.. I always get a "password wrong" error if I try to login from an ssi page in a subdomain..
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

Orstio


MultiformeIngegno

RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

Orstio

Well, that's better, but still no dice.

What if you change this line:

$sc = &$context['session_id'];

To this:

$sc = &$_SESSION['session_value'];


MultiformeIngegno

Quote from: Orstio on April 11, 2010, 09:34:54 AM
Well, that's better, but still no dice.

What if you change this line:
Still the same behavior, logout urls change at every refresh... :(
RockCiclopedia (wiki - forum), Tutta la storia del rock, scritta da voi ...
Rimanere aggiornati sul mondo della musica grazie al nuovo feed "RockCiclopedia Music News"!

Advertisement: