The most Grevious Forum Install I've had to date.

[WebDevandPhoto]

Hi, I'm setting up a site for giving options to view my themes on many open source forums and softwares.
I've installed MyBB, phpBB, Vanilla, SMF, FluxBB, OSclass, Wordpress.. all without much hassle, the OSclass was a short lived pain to setup.. but out of all of these... Simple Machines Forum is giving me the biggest head ache at the moment.

I am on a shared linux hosting server, Server API CGI/FastCGI,
PHP Version 5.3.13 with these configure commands:

Code Select Expand

'./configure' '--prefix=/usr/local/php53' '--datadir=/usr/local/php53/share' '--localstatedir=/usr/local/php53/var' '--without-pear' '--with-config-file-path=/etc/php53' '--with-config-file-scan-dir=/etc/php53/conf.d' '--enable-force-cgi-redirect' '--enable-trans-sid' '--with-zend-vm=GOTO' '--enable-cgi' '--enable-libxml=shared' '--enable-bcmath=shared' '--enable-calendar=shared' '--enable-ctype=shared' '--enable-dom=shared' '--enable-exif=shared' '--enable-fileinfo=shared' '--enable-filter=shared' '--enable-ftp=shared' '--enable-hash=shared' '--enable-intl=shared' '--enable-json=shared' '--enable-mbstring' '--enable-mbregex' '--enable-mbregex-backtrack' '--enable-pcntl=shared' '--enable-pdo' '--enable-phar=shared' '--enable-posix=shared' '--enable-session=shared' '--enable-shmop=shared' '--enable-simplexml=shared' '--enable-soap=shared' '--enable-sockets=shared' '--enable-sysvmsg=shared' '--enable-sysvsem=shared' '--enable-sysvshm=shared' '--enable-tokenizer=shared' '--enable-wddx=shared' '--enable-xml=shared' '--enable-xmlreader=shared' '--enable-xmlwriter=shared' '--enable-zip=shared' '--with-openssl=shared' '--with-kerberos' '--with-pcre-regex' '--with-sqlite3' '--with-zlib=shared' '--with-bz2=shared' '--with-curl=shared' '--with-gd=shared' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-zlib-dir=/usr' '--with-xpm-dir=/usr' '--with-freetype-dir=/usr' '--with-gettext=shared' '--with-gmp=shared' '--with-mhash=shared' '--with-iconv=shared' '--with-imap=shared' '--with-imap-ssl' '--with-ldap=shared' '--with-mcrypt=shared' '--with-msql=shared' '--with-mysql=shared' '--with-mysql-sock=/No-MySQL-hostname-was-specified' '--with-mysqli=shared' '--with-pdo-mysql=shared' '--with-pdo-pgsql=shared' '--with-pdo-sqlite' '--with-pgsql=shared' '--with-pspell=shared' '--with-readline=shared' '--with-sqlite=shared' '--with-tidy=shared' '--with-xmlrpc=shared' '--with-xsl=shared'

I've given SMF it's own database.

I am using Cloudflare free edition.

I have denied access for all except me with the SMF root dir .htaccess
Note: this does cause load issues as Cloudflare doesn't cache CSS properly when only allowing my own IP in .htaccess
incase anyone needs that apache code:

Code Select Expand

Order deny,allow
Deny from all
Allow from [IP goes here without brackets]




THE PROBLEM:
After a successful install of SMF 2.0.2 I can login with the admin account on index.php fine; HOWEVER, if I try to logout OR go to any of the 4 admin sections (Features and Options, Package Manager, Error Log, Permissions) I get this error, "Session verification failed. Please try logging out and back in again, and then try again."

I've tried:
Renaming cookie
All major browsers (Firefox,Chrome,Opera,IE,Safari)
Used the repair_settings.php
Searched Google and this forum for hours for a solution unsuccessfully

Note:
This issue has been in effect for me since the moment completing SMF installation as I could not "log out" via the forum and I was given there, "Session verification failed. Please try logging out and back in again, and then try again" error message.

[Kays]

Hi, welcome to SMF.

I don't know if this is the solution but it's something to check. Go into the Admin CP> Server Settings > Cookies and Sessions and verify the following:

Enable local storage of cookies - unchecked
Use subdomain independent cookies - checked
Use database driven sessions - checked

You might need to log out and then back in again.

[WebDevandPhoto]

Since this error pops up when trying to access Admin cp, I'll have to change those setting manually via editing php? I suppose I could do a source search and find it.. I'll give it a try. thank you for the suggestion.

Edit:
I looked through the source for everything that called for the language variables for the options you listed above, the first being "localCookies" and did not find any variables that I could declare in php.. are these options stored in the database? and if so which table?

[Kays]

They're kept in the settings table. Look for localCookies, globalCookies, and databaseSession_enable. The recommended values are 0, 1 , 1.

Also try clearing your coookies and sessions if you haven't done so already.

[WebDevandPhoto]

in smf_settings table in the MySQL database there's:
smfVersion    2.0.2
   Edit    Delete    news    SMF - Just Installed!
   Edit    Delete    compactTopicPagesContiguous    
   Edit    Delete    compactTopicPagesEnable    
   Edit    Delete    enableStickyTopics
   Edit    Delete    todayMod    
   Edit    Delete    karmaMode    
   Edit    Delete    karmaTimeRestrictAdmins    
   Edit    Delete    enablePreviousNext    
   Edit    Delete    pollMode    
   Edit    Delete    enableVBStyleLogin    
   Edit    Delete    enableCompressedOutput    
   Edit    Delete    karmaWaitTime    
   Edit    Delete    karmaMinPosts    
   Edit    Delete    karmaLabel    Karma:
   Edit    Delete    karmaSmiteLabel    [smite]
   Edit    Delete    karmaApplaudLabel    [applaud]
   Edit    Delete    attachmentSizeLimit
   Edit    Delete    attachmentPostLimit    
   Edit    Delete    attachmentNumPerPostLimit    
   Edit    Delete    attachmentDirSizeLimit    
   Edit    Delete    attachmentUploadDir    
   Edit    Delete    attachmentExtensions    
   Edit    Delete    attachmentCheckExtensions    
   Edit    Delete    attachmentShowImages    
   Edit    Delete    attachmentEnable    
   Edit    Delete    attachmentEncryptFilenames    
   Edit    Delete    attachmentThumbnails    
   Edit    Delete    attachmentThumbWidth    
   Edit    Delete    attachmentThumbHeight    

I nulled the values in this post for a little bit of privacy, but I don't see the settings you said.
Maybe I'm missing something?

Edit:
AH, my phpadmin didn't show there was multiple pages, even so.. for variables starting with "L" such as localCookies:
   Edit    Delete    lastActive    
   Edit    Delete    last_mod_report_action    
   Edit    Delete    latestMember    
   Edit    Delete    latestRealName
Above is all there is for anything starting with "L'... are you sure you gave me the right table to look into?

EDIT 2:
I FIXED IT!!
Deleting my old "Forever" Session in the smf_sessions table in the database fixed the session error and allowed me to adjust server settings! YAY!

[Kays]

Yes, there's more than a few pages. Best thing to do is a search for the settings I mentioned. There should be a button on the top for that.

[WebDevandPhoto]

Now (session error is fixed) that I am able to get into admin settings for registrations (to disable registrations) I get a 403 error on index.php.. lol XD

I tried removing .htaccess, temporarily chmod 777 on directories and index.php, all no bueno for avoiding this 403. think it may have something to do with my domain using Cloudflare??

I'll search the db for the variables like you suggested anyway to make those changes.

Edit,
I found databaseSession_enable which has a value of 1.. but no go on localCookies or globalCookies... searching the entire database for those two OR even "Cookies" returns zero results from all tables.

Edit 2:
This is ridiculous, there's a real issue here with my SMF 2.0.2 installation's login/logout process.. maybe even this installation package. I shouldn't have to delete the entries from the sessions table on every logout just to have full access to admin settings once re-logged in. Out of all the different open source forum softwares I've installed.. this one is still the largest PITA. :/

[texaswc]

This is the issue I am seeing with the login/logout functions...

Login with default time (60 minutes) and get the password incorrect message. Click the button again and get logged in. Log out gives no problem.

Login with "forever" checked, logs in fine, but gives "Session verification failed" on logout.

Seems to me that the software is not reading the database properly depending on what you select at login.

Version 2.0.2 is the biggest piece of whatever you want to call it that I have used. Considering the incorrect password problem has been an issue for over 6 years, and now this logout issue, I am seriously considering changing to another forum software. No other software has these issues which tells me it is a problem with the software alone, not servers, not browsers, as many have tried to claim...

This problem is getting old and the authors really need to fix the real problem or they'll continue to lose users...More and more websites, almost every one I go to with forums, are using phpBB .. I've used that and this and aside from customizing pains with phpBB, I have never once had an issue with the security or use...

Not to mention, AJAX chat is no longer truly compatible with SMF, and the 2 so-called fixes are still not compatible .. I do use AJAX chat due to it's ease of customizing for the look of the website...

If ANYONE has a REAL solution, I'd be happy to use that and keep SMF, but I don't see that happening anytime soon, IF ever...

[dixer]

I've had the same problem -- can't post, can't admin, can't logout, can't login.

The thing about SMF is you end up editting the source occasionally.  The next release is supposed to eliminate that need... after all the mod developers update their mods!   

Here's what I did.  In forum/Sources/LogInOut.php, about line 579 (for SMF 2.0.2) look for

Code Select Expand

  setLoginCookie(-3600, 0);

and add

Code Select Expand

  setLoginCookie(-3600, $user_info['id']);

None of my members have experienced that situation since.  YMMV but I hope not.
If anyone knows a better or "official" method, please do share it.

Cheers