SMF 2.0.17 - "Forever" logins expire after 24 hours after upgrade from 2.0.15

Started by wnff_chief, September 15, 2020, 07:28:04 PM

Previous topic - Next topic

drewactual

I would suggest your host did something, but a host still running php5.4 is likely doing..... nothing...

So... i ask you... are you using OPCache?  Perhaps some aged php files are hanging on and need to be refreshed?

wnff_chief

Quote from: Sir Osis of Liver on September 21, 2020, 12:14:23 PM
What happens if you revert to 2.0.15?

I'll give it a shot tonight.

Quote from: drewactual on September 21, 2020, 01:32:41 PM
I would suggest your host did something, but a host still running php5.4 is likely doing..... nothing...

So... i ask you... are you using OPCache?  Perhaps some aged php files are hanging on and need to be refreshed?

It's a VPS so the shame lies with me.  Opcache = yes.  I restart nginx and php-fpm periodically and have done so manually a few times while troubleshooting this issue.


php-common.x86_64                                                                       5.4.16-48.el7
php-fpm.x86_64                                                                          5.4.16-48.el7


and other packages with the same version (gd, mysql, pecl-zendopcache, etc.)

wnff_chief

Reverting to 2.0.15 "fixed" the 24 hour login issue.  Confirmed by users as well.

So what's going on that 2.0.16 is breaking it?  :(

Sir Osis of Liver

AFAIK that's never been reported.  I would upload a clean set of 2.0.17 files, see if it fixes the problem, then reinstall mods with current versions.  I'm betting it's a mod glitch.
Ashes and diamonds, foe and friend,
 we were all equal in the end.

                                     - R. Waters

shawnb61

Or a theme glitch...  I can't find the thread, but we have seen the theme fix applied multiple times, causing funky behavior (multiple "hidden="s on the same line...).  There are a couple ways this can happen.  I would audit the hidden= fix to ensure it was proper. 

I'd also confirm $auth_secret in Settings.php looked valid (almost any value will do...).  We've seen strange behavior caused by that entry being malformed in some way, e.g., "$auth_secret ="...

If nothing else worked, I'd try adding to Settings.php:
$cookie_no_auth_secret = true;

If that worked, there is something else going on, e.g., SSI or a mod or an integration, that needs a look...
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Advertisement: