Page 6 of 6

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Wed Jul 30, 2008 6:20 am
by undoIT
Well, the login problem is back after adjusting both the time offset and changing the CB login module. However, I am still able to login with the Fireboard login form. Perhaps a clue lies in the coding for that login method, since it different than the other two and is the only login that is working. I'll attach the file that contains the Fireboard login.

(Of course I'd rather just upgrade to Joomla 1.5. I am developing another site using 1.5 and CB 1.2RC2 and I am not seeing this problem. Unfortunately, several of the 3rd party components on Themebot are still 1.0.x native only, so it is a matter of waiting and hoping that those components are ported.)

components/com_fireboard/template/default/plugin/profilebox/profilebox.php

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Thu Jul 31, 2008 3:32 am
by undoIT
There seems to be a problem with the way that modules are loaded that causes the wrong value for function josSpoofValue to be created. Both the Fireboard login box and the Joomla component, com_login work fine. Around 5:00 - 5:30PM everyday the login problem appears. Then around 12:00 - 12:30PM it starts working again. None of the login modules work during this time period.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Thu Jul 31, 2008 6:50 am
by Beat
As stated on joomlapolis thread (5 pages long just with UndoIt and me): my final guess is that this problem arrises because of the "Cache module" setting being set to ON in that login module parameters in the backend, which then caches the wrong josSpoofValue hidden input field.

If anyone else has this problem with CB only and didn't turn on that module cache..., please reply there:

http://www.joomlapolis.com/component/op ... tstart,30/

Well, reply here and there too, if that guess was right ;)

Please note that we need to have access to a test-installation (not necessarily a live site) with that problem active to efficiently debug and fix.

Thanks.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Fri Aug 01, 2008 4:27 am
by kacenka
I have successfully fixed the initial login problem on front end by editing the joomla.php according to pawel7 with the (int) in the spoof line. Never had backend problem. Do not and never had CB on this site.

But... (I know you were waiting for this) I am using AEC subscription manager and am getting the "you are not authorized..." on that page even after I successfully login in.

Oh, upgraded from 13 to 15. My cache (the general one) is off. The other cache talk you had up here is unfortunately getting little too complicated for me to understand.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Fri Aug 01, 2008 5:01 am
by undoIT
When you made the edit to joomla.php as suggested by pawel7 did it immediately fix the login problem or did you notice? Everything I tried, including that suggestion, has not worked and I am not able to login to the frontend for a time period of around 7 hours when it kicks in.

Also, has anyone who is still experiencing this problem tried using both the login module and the joomla login component (com_login)? I've noticed that this only affects the login modules, but not login forms within components.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Fri Aug 01, 2008 6:19 am
by undoIT
Drum roll please...

I finally figured out what the problem was. After examining /includes/joomla.php more closely and having ruled out just about everything that could possibly be causing this, it dawned on me that the problem might be in the template. I turned on the login module where nobody would see it (the privacy policy page) and then assigned a default template to that page. Sure enough, I was able to login.

Then I started combing through my template to figure out what could be causing this. The culprit?...

I have a conditional comment that is visible only for visitors using Internet Explorer 6 and below. There is nothing wrong with the code for that except that maybe a month or two ago, right around the time that I installed Community Builder, I also adjusted the conditional comment to include some tracking code from OpenX, my banner management software. The tracking code uses PHP. This works fine in all of the browsers, but for some reason, having PHP in the conditional comment screws up the josSpoofValue function.

What a waste of time. :eek:

Even if it wasn't directly Internet Explorer's fault, (or in this case completely my fault for wanting to see how many people click on the Firefox link after reading the warning about IE6) I'm still going to blame it on Internet Explorer for making it necessary to put in conditional comments and cruddy hacks in the first place.

If you want to see what I'm talking about in regards to the conditional comment, just visit the site with IE6:

http://themebot.com

Also, if you are running Linux and need a tool to test your web development in Internet Explorer, check out IEs4Linux. It is a very handy tool.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Fri Aug 01, 2008 4:03 pm
by kacenka
undoIT wrote:When you made the edit to joomla.php as suggested by pawel7 did it immediately fix the login problem or did you notice? Everything I tried, including that suggestion, has not worked and I am not able to login to the frontend for a time period of around 7 hours when it kicks in.

Also, has anyone who is still experiencing this problem tried using both the login module and the joomla login component (com_login)? I've noticed that this only affects the login modules, but not login forms within components.
Yup it worked right away and is still working.

Glad you fixed your problem but not sure it will work for everybody. I for one cannot log in from neither IE nor Modzilla. Not to mention that I would never dare to mess up with my tempate beyond maybe css. :)

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Fri Aug 01, 2008 4:41 pm
by undoIT
Hi Kacenka. I have also seen something similar to this pop up in the past, before I was using CB. To make things clear, this problem was not related to Community Builder. When trying to login I would get the "not authorized" message very sporadically. At that time, either clearing the caching mechanisms on the site (PageCache and Joomla Cache) and / or also clearing the cached URLs for sh404SEF would fix the problem.

For this particular instance, it was specific to my site. How was I supposed to know that adding a bit of PHP to my conditional comment for IE6 and below would cause the josSpoofValue function to stop working at a certain time of the day, for a certain number of hours and only when trying to login using the login module? 8)

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Tue Aug 05, 2008 12:58 pm
by daew
Hi, I have very similar issue to this, but not after update to version 1.0.15. I have found out, I can not log-in when I write down the adress like page.abc. But if I use adress like www.page.abc it works and after that it works also for adress without www. Strange. This problem is only in IE. In firefox I can log-in with no problem. Anyway I have set up to automatically switch to adress with www when the one without www is entered.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Fri Aug 08, 2008 2:55 am
by Jaryd
Thanks heaps! This front end login problem was doing my head in.

It was the commenting out of the spoofing hack code line 6049 /includes/joomla.php that worked for me.

By the way - The sites I had effected did not have CB on them at all.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Wed Aug 13, 2008 12:06 pm
by paddylatino
I had this error with IE only, Firefox was OK

I was using sh404SEF and cleared the cache of URLs, that fixed it up

odd why it happens with one browser and not another...

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Wed Aug 13, 2008 5:42 pm
by undoIT
If it is browser specific like that, it is probably due to the browser cache. IE does not totally reload the page if you hit the refresh button. You need to manually delete the cache.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Thu Aug 14, 2008 1:47 am
by paddylatino
I *did* clear IE's cache first, still no joy

worrying me as most people use IE... and login is pretty important :)

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Wed Aug 20, 2008 9:01 pm
by shikar
I am using Firefox with Mac and for me the solution turned out to be the one mentioned by Jaryd:
commenting out line 6044-6048 in /includes/joomla.php:
// if (!$validate) {
// header( 'HTTP/1.0 403 Forbidden' );
// mosErrorAlert( _NOT_AUTH );
// return;
// }

I tried all the other tricks but only this one worked (without changing anything else). I am not totally sure about other consequences of this commenting out though.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Sat Sep 13, 2008 3:08 pm
by grassmonster
Hello to the forum

I was having this problem for a few days...
I sorted it out by making the session directory owned and group member of apache
so if for example, your joomla writes its sessions to:
/home/joomsess/session

then make sure the session directory is apache:apache and 777

regards
grassmonster

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Sat Sep 13, 2008 5:53 pm
by grassmonster
Hello

I was still getting a hit and miss login even after I thought the session directory was mended.

I had a full backup of my site from June this year including full mysql backup of the same backup session which was labled "before the Community Builder update"
So, out of curiosity, I re-installed the site and DB

And so far, all login and session problems have completely disappeared ...

conclusion for now is that the culprit leans towards Community Builder update

Mmmm!

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Sun Sep 14, 2008 7:30 pm
by Beat
grassmonster,

As I understand you upgraded CB and joomla, and logically CB first.

Could you please tell us exactly the differences between the working and the not-working backup-set ?:

For each:
- joomla version
- CB component version
- CB login module version
- other extensions installed

Also, does the version where you upgraded CB and not joomla has the same problem ?

Thanks in advance for your help trying to find the problem. :)

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Mon Sep 15, 2008 2:42 pm
by grassmonster
Hello

The main difference I found was that with the up2date CB and Joomla 1x only members who resent themselves a new password from the front end option renewed their ability to login and use their account.
As many people don't figure this option immediately, naturately the support gets a lot of "can't login" email messages.

I looked at the db on the server and noticed the upgrades were registering the md5 password differently from an earlier version of both software... that is:

gjk34587fj3rh834frh347ehur3 (sample older md5 password)

6r87yrtvu93498vrj343498f934:gui235y78yvfd32r (sample new md5 password)

I don't know whether this has relevance but as it was apparent then it became noticed immediately during investigation.
It only happened when CB was upgraded to my joomla 1.13 installation
I tried update to latest 1.15x joomla but it did not fix the problem

Versions of software

By chance I had backups still available so the versions included in the restoration that work from June this year are:

Joomla
Joomla! 1.0.13 Stable [ Sunglow ] 21 July 2007 16:00 UTC

Community BuilderYour version is : 1.1

Software: Copyright 2004 - 2007 MamboJoe/JoomlaJoe, Beat and CB team. This component is released under the GNU/GPL version 2 License and parts under Community Builder Free License. All copyright statements must be kept. Derivate work must prominently duly acknowledge original work and include visible online links. Official site:
www.joomlapolis.com .

Credits:

Nick A.

Documentation and Public Relations
Please note there is a free installation document, as well as a full documentation subscription for this free component available at www.joomlapolis.com

If you like the services provided by this free component, please consider making a small donation to support the team behind it


Community Builder includes following components:
Application Version License
Icons N/A http://www.foood.net/agreement.htm
Tabs 1.02 http://webfx.eae.net/license.html
Calendar 1.1 GNU Lesser General Public License
Jason's Calendar 2005-09-05 Dynamic Drive terms of use License
overLib 4.17 http://www.bosrup.com/web/overlib/?License
Snoopy 1.2.3 GNU Lesser General Public License
BestMenus 1.0 Limited Community Builder JoomlaPolis License


Hope this helps
GM

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Mon Sep 15, 2008 10:47 pm
by Beat
grassmonster,

My first guess is that your file includes/version.php didn't upgrade with your corresponding Joomla version.

CB 1.1 relies on that file to get the Joomla version, and to accordingly hash and check the passwords in Joomla's table.

Some hosters unfortunately mess with that file, e.g. to change the CMS name or add their own name, or whatever other reasons. This has been the most common error people experienced when "can't login happened" with CB 1.1.

In CB 1.2 RC 2 we stopped relying on that file, and guessed joomla's new password with available functions...

Maybe that gives you an idea where to look ?

Another thing to try is to overwrite the joomla install with a full joomla 1.0.15 image (after having installed CB 1.1 or CB 1.2 RC 2), and then quickly remove installation directory. At least then you are sure that you have a correct set of files.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Tue Sep 16, 2008 10:45 am
by grassmonster
Hello Beat

This is very interesting and I will look at all of your suggestions.
I have backup copies of all my installs including the ones with the joomla and CB login problem.

I shall endeavour to unwrap these and see if your suggestion of the /includes/version.php file is manually altered.
I can't recall doing this, but there is always a chance that some files may have been branded as you suggest.

Interestingly though, a new site under construction using joomla 1.5.7 and CB with Legacy enabled, is also generating passwords akin to the format separated with a colon, ie. 435ywv0897344738v897438704yf:344ty879hf3874
Even though some user password information was in the double colon separated format to start with, new test users created have resulted in the same password layout.

I did import an older DB file but I reckon that I shall have a look into these effects further when I get the chance.

In the meantime, thank you for your information.
I'll post updated results and information as soon as I am able to check things out further.

best regards
GM

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Tue Sep 16, 2008 11:49 am
by Beat
Joomla 1.0.0-1.0.12 are using the old format: e.g.

435ywv0897344738v897438704yf

Joomla 1.0.13+ and Joomla 1.5.x are using the new format, e.g.

435ywv0897344738v897438704yf:344ty879hf3874

but can accept the old format, and at each login will convert it to the new format.

That's why you can see mixtures of the 2 password formats.

CB 1.1 checks this includes/version.php file to see which joomla version it runs on, to check and store the passwords in the correct native format.

Btw, CB 1.1 hits quite a few bugs with Joomla 1.5.x legacy-layer which are documented in the joomlapolis CB 1.1 bugs forum stickies. CB 1.2 RC 2 fixes all those bugs by runing natively on Joomla 1.5.x, and is currently our recommended release for Joomla 1.5.x and has a few minor issues which will all be fixed for upcoming CB 1.2 stable.

Re: [UNDER REVIEW] can't login to front-end after 1.0.13 to 1.0.

Posted: Tue Sep 16, 2008 12:25 pm
by grassmonster
That allays any misunderstanding and wasted time searching for information not relevant to my learning curve, so thanks for clarifying these points. I will follow the method you suggested regarding trying to make a joomla 1.15 vers to work with latest CB. I am interested to get this to work and post any helpful observations for anyone else dealing with the problem.
Kind regards
GM
Beat wrote:Joomla 1.0.0-1.0.12 are using the old format: e.g.

435ywv0897344738v897438704yf

Joomla 1.0.13+ and Joomla 1.5.x are using the new format, e.g.

435ywv0897344738v897438704yf:344ty879hf3874

but can accept the old format, and at each login will convert it to the new format.

That's why you can see mixtures of the 2 password formats.

CB 1.1 checks this includes/version.php file to see which joomla version it runs on, to check and store the passwords in the correct native format.
Btw, CB 1.1 hits quite a few bugs with Joomla 1.5.x legacy-layer which are documented in the joomlapolis CB 1.1 bugs forum stickies. CB 1.2 RC 2 fixes all those bugs by runing natively on Joomla 1.5.x, and is currently our recommended release for Joomla 1.5.x and has a few minor issues which will all be fixed for upcoming CB 1.2 stable.