[RC5] SSI - Session Verification Failure / ssi_login() & ssi_logout() problems

Started by Substance, March 25, 2011, 01:07:40 AM

Previous topic - Next topic

Substance

Greetings SMF, I seem to be having issues integrating SMF into my website. I'm not using any CMS system, just my own site, here are the problems so far:

Answers to questions you will ask me:
- Enable local storage of cookies is OFF
- Use subdomain independent cookies is ON
- I have tried turning subdomain independent cookies off and turning it back on, no change

Location of problem:

Site Homepage - http://www.monolithgaming.com
Forum Location - http://www.monolithgaming.com/forum

Problem details:

ssi_login()

When using ssi_login(), after information is entered and submitted, it will not redirect to the sites homepage (http://www.monolithgaming.com), it instead sends the browser to the forum index.

Current usage code:

$_SESSION['login_url'] = 'http://www.monolithgaming.com/index.php';
ssi_login('http://www.monolithgaming.com');


That $_SESSION[] was from a suggestion I found on this forum, it doesn't appear to have done anything.

ssi_logout()

When using the ssi_logout() function it directs the browser to the forum index and gives the following error: Session verification failed. Please try logging out and back in again, and then try again.

Current usage code:

ssi_logout('http://www.monolithgaming.com/index.php')


When hovering over the link to view the link address the session appears to be exactly the same on both the front page ssi_logout() generated link, and the standard forum index logout link (which functions properly).

Additional Information:

I have created an account for you to test the problem in case I wasn't clear, the login information is as follows:
Username: test
Password: test

Any help is appreciated, if you need any more information please reply here, and I will provide it to you.

Arantor


Substance

Quote from: Arantor on March 25, 2011, 04:21:58 AM
You don't have a session_start() in your page by any chance?

Let me try adding that

EDIT:

There seems to be no change

EDIT 2:

Upon further testing, it seems the logout function will properly function as long as the forum index is not accessed. If I direct the browser to another page (such as google.com), then go to my front page again, the logout will work, but once I access the forum index is returns the same session error.

These are the very first lines of my main site index.php:

<?php 
require_once(
"/XXX/XXX/domains/monolithgaming.com/public_html/forum/SSI.php"); 
$_SESSION['login_url'] = 'http://www.monolithgaming.com' $_SERVER['PHP_SELF'];
$_SESSION['logout_url'] = 'http://www.monolithgaming.com' $_SERVER['PHP_SELF'];
?>


Arantor

QuoteLet me try adding that

No, the whole point was to make sure you DIDN'T have that.

Out of interest, double check what $_SERVER['PHP_SELF'] contains...

Substance

Quote from: Arantor on March 25, 2011, 05:09:11 AM
QuoteLet me try adding that

No, the whole point was to make sure you DIDN'T have that.

Out of interest, double check what $_SERVER['PHP_SELF'] contains...
I figured since SMF perfoms its own session handling, but at this point I figured it worth a shot.

It returns index.php, I already noticed that though, and I had changed it, the beginning of my main site's index.php is as follows right now:

<?php 
require_once(
"/XXX/XXX/domains/monolithgaming.com/public_html/forum/SSI.php"); 
$_SESSION['login_url'] = 'http://www.monolithgaming.com/index.php';
$_SESSION['logout_url'] = 'http://www.monolithgaming.com/index.php';
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
...
..
.


EDIT: Well I changed nothing, other than turning subdomain cookies, and local cookies on and off over and over about 3 times, and it seems to function properly now. Will do more testing.

Perhaps there was something stuck in my browsers cookies? That's extremely random... will you please test it?

http://www.monolithgaming.com
U/N: test
P/W: test

If it works for you, please mark this thread as solved, and thanks for your help and suggestions.

Arantor

Well, local cookies breaks it, subdomain independent cookies needs to be on, but it's possible that after all the logging in and out that it cleared the outstanding cookies you had that were perhaps incorrect.

Works for me, so I guess this is probably solved :)

Substance

Quote from: Arantor on March 25, 2011, 05:31:00 AM
Well, local cookies breaks it, subdomain independent cookies needs to be on, but it's possible that after all the logging in and out that it cleared the outstanding cookies you had that were perhaps incorrect.

Works for me, so I guess this is probably solved :)

That's all I can possibly think, seems so. Thanks again, loving 2.0 btw, vast improvement from 1.X.X, glad I went through with the upgrade...

Advertisement: