Proposed Solution: Double Login Issues

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: Proposed Solution: Double Login Issues

Postby friesengeist » Thu Jan 18, 2007 2:48 pm

pmcnamara wrote:Its amazing to me that such a horrific problem would be allowed to exist in version after version.


That is not quite true. While I understand that it is frustrating if login is not working, I can not agree that we have not done our best to solve all these issues! Joomla! 1.0.12 has solid session handling, if login does not work, then this is usually not something Joomla! can be blamed for.

At this point, I'm only aware of one and a half issues* with the login handling of Joomla!. After I had put up the patch in my initial post of this thread, all other problems were related to server misconfiguration or some (wrongly) modified Joomla! files. All the information you need to solve this can be found in this thread.

If time permits, I'll try to write down a "step-by-step" to identify the cause of failed logins. No promise on this though, as 1.5 is priority now.

Enno


* 1. Login does not work directly from the first page you visit, if the site is hosted on IIS.
* 2. Users seem to get logged out if they switch from a http:// site to https://.
We may not be able to control the wind, but we can always adjust our sails

User avatar
pmcnamara
Joomla! Guru
Joomla! Guru
Posts: 572
Joined: Fri Nov 10, 2006 7:05 pm
Location: Detroit, Michigan, USA
Contact:

Re: Proposed Solution: Double Login Issues

Postby pmcnamara » Sat Jan 27, 2007 3:43 pm

Are you saying then that effective with Joomla 1.0.12 that there should be no log-in issues except the two you denoted above ?

IdeasUnknown
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Tue Sep 12, 2006 11:05 am

Re: Proposed Solution: Double Login Issues

Postby IdeasUnknown » Mon Feb 26, 2007 12:29 pm

For all of those IIS users with Joomla 1.0.12 this is how I fixed my installation.  I already posted this in reply to someone who had the same issues and couldn't find a solution.  You can see the original message Here.

Since I posted the last message I decided it was too annoying to use the Login Message...so I changed the alert code to a redirect.

In \modules\mod_login.php
Around line 148, Original Code:

Code: Select all

   // JS Popup message
   if ( $message ) {
      ?>
      <script language="javascript" type="text/javascript">
      <!--//
      alert( "<?php echo addslashes( _LOGIN_SUCCESS ); ?>" );
      //-->
      </script>
      <?php
   }


Replace entire section, New Code:

Code: Select all

   // JS Popup message
   if ( $message ) {
      ?>
      <script language="javascript" type="text/javascript">
      <!--//
      window.location="<?php echo $return; ?>";
      //-->
      </script>
      <?php
   }


I believe that this could be added to the mod_login.php configuration panel to add a radio button to enable this instead of having to change your login message code, so as to leave that feature functional.  Well I felt a little ambitious so I decided to just see if you could add the feature, and well you can.  Imagine that  ;) (The Joomla developers really did a good job at making this software adaptable).  Please ignore the above workaround if you are going to follow the directions below.

This has been tested only for Joomla 1.0.12.  Please make backups before attempting this.

List of files changed (with location):
  • index.php
  • modules\mod_login.php
  • modules\mod_login.xml

Step 1.  Open index.php.

On or around line 142, Original Code:

Code: Select all

// frontend login & logout controls
$return = strval( mosGetParam( $_REQUEST, 'return', NULL ) );
$message = intval( mosGetParam( $_POST, 'message', 0 ) );
if ($option == 'login') {
   $mainframe->login();

   // JS Popup message
   if ( $message ) {
      ?>
      <script language="javascript" type="text/javascript">
      <!--//
      alert( "<?php echo addslashes( _LOGIN_SUCCESS ); ?>" );
      //-->
      </script>
      <?php
   }


Replace entire section, New Code:

Code: Select all

// frontend login & logout controls
$return = strval( mosGetParam( $_REQUEST, 'return', NULL ) );
$message = intval( mosGetParam( $_POST, 'message', 0 ) );
//START ADDED FOR REDIRECT
$iis = intval( mosGetParam( $_POST, 'iis', 0 ) );
//END ADDED FOR REDIRECT
if ($option == 'login') {
   $mainframe->login();

//START ADDED FOR REDIRECT
   if ( $iis ) {
      ?>
      <script language="javascript" type="text/javascript">
      <!--//
      window.location="<?php echo $return; ?>";
      //-->
      </script>
      <?php
   }
//END ADDED FOR REDIRECT

   // JS Popup message
   if ( $message ) {
      ?>
      <script language="javascript" type="text/javascript">
      <!--//
      alert( "<?php echo addslashes( _LOGIN_SUCCESS ); ?>" );
      //-->
      </script>
      <?php
   }


Step 2. Open modules\mod_login.php

On or around line 129, Original Code:

Code: Select all

   <input type="hidden" name="option" value="login" />
   <input type="hidden" name="op2" value="login" />
   <input type="hidden" name="lang" value="<?php echo $mosConfig_lang; ?>" />
   <input type="hidden" name="return" value="<?php echo sefRelToAbs( $login ); ?>" />
   <input type="hidden" name="message" value="<?php echo $message_login; ?>" />
   <input type="hidden" name="force_session" value="1" />
   <input type="hidden" name="<?php echo $validate; ?>" value="1" />
   </form>


Replace entire section, New Code:

Code: Select all

   <input type="hidden" name="option" value="login" />
   <input type="hidden" name="op2" value="login" />
   <input type="hidden" name="lang" value="<?php echo $mosConfig_lang; ?>" />
   <input type="hidden" name="return" value="<?php echo sefRelToAbs( $login ); ?>" />
   <input type="hidden" name="message" value="<?php echo $message_login; ?>" />
<!-- START ADDED FOR REDIRECT -->
   <input type="hidden" name="iis" value="<?php echo $iis_redirect; ?>" />
<!-- END ADDED FOR REDIRECT -->
   <input type="hidden" name="force_session" value="1" />
   <input type="hidden" name="<?php echo $validate; ?>" value="1" />
   </form>


On or around line 32, Original Code:

Code: Select all

$registration_enabled    = $mainframe->getCfg( 'allowUserRegistration' );
$message_login          = $params->def( 'login_message',    0 );
$message_logout       = $params->def( 'logout_message',    0 );
$login                = $params->def( 'login',          $return );
$logout             = $params->def( 'logout',          $return );
$name                = $params->def( 'name',          1 );
$greeting             = $params->def( 'greeting',       1 );
$pretext             = $params->get( 'pretext' );
$posttext             = $params->get( 'posttext' );


Replace entire section, New Code:

Code: Select all

$registration_enabled    = $mainframe->getCfg( 'allowUserRegistration' );
$message_login          = $params->def( 'login_message',    0 );
$message_logout       = $params->def( 'logout_message',    0 );
//START ADDED FOR REDIRECT
$iis_redirect = $params->def( 'login_redirect',   0 );
//END ADDED FOR REDIRECT
$login                = $params->def( 'login',          $return );
$logout             = $params->def( 'logout',          $return );
$name                = $params->def( 'name',          1 );
$greeting             = $params->def( 'greeting',       1 );
$pretext             = $params->get( 'pretext' );
$posttext             = $params->get( 'posttext' );


Step 3. Open modules\mod_login.xml

On or around line 25, Original Code:

Code: Select all

      <param name="logout_message" type="radio" default="0" label="Logout Message" description="Show/Hide the javascript Pop-up indicating Logout Success">
         <option value="0">Hide</option>
         <option value="1">Show</option>
      </param>
      <param name="greeting" type="radio" default="1" label="Greeting" description="Show/Hide the simple greeting text">
         <option value="0">No</option>
         <option value="1">Yes</option>
      </param>


Replace entire section, New code:

Code: Select all

      <param name="login_redirect" type="radio" default="0" label="IIS Redirect" description="Enables first attempt login for IIS hosted Joomla installations">
         <option value="0">Disable</option>
         <option value="1">Enable</option>
      </param>
      <param name="greeting" type="radio" default="1" label="Greeting" description="Show/Hide the simple greeting text">
         <option value="0">No</option>
         <option value="1">Yes</option>
      </param>


Test it and let me know what you think.  I changed the com_login files as well, I am not sure if it matters at all really since the mod_login files are the ones that my site calls for and uses.  I guess I wanted to be safer than sorry.  Below are those changes just in case you wanted those too.

List of files changed (with location):
  • components\com_login\login.php
  • components\com_login\login.html.php

Step 1. Open components\com_login\login.php

On or around line 33, Original Code:

Code: Select all

$params->def( 'page_title', 1 );
$params->def( 'header_login', $menu->name );
$params->def( 'header_logout', $menu->name );
$params->def( 'pageclass_sfx', '' );
$params->def( 'back_button', $mainframe->getCfg( 'back_button' ) );
$params->def( 'login', $mosConfig_live_site );
$params->def( 'logout', $mosConfig_live_site );
$params->def( 'login_message', 0 );
$params->def( 'logout_message', 0 );
$params->def( 'description_login', 1 );
$params->def( 'description_logout', 1 );
$params->def( 'description_login_text', _LOGIN_DESCRIPTION );
$params->def( 'description_logout_text', _LOGOUT_DESCRIPTION );
$params->def( 'image_login', 'key.jpg' );
$params->def( 'image_logout', 'key.jpg' );
$params->def( 'image_login_align', 'right' );
$params->def( 'image_logout_align', 'right' );
$params->def( 'registration', $mainframe->getCfg( 'allowUserRegistration' ) );


Replace entire section, New Code:

Code: Select all

$params->def( 'page_title', 1 );
$params->def( 'header_login', $menu->name );
$params->def( 'header_logout', $menu->name );
$params->def( 'pageclass_sfx', '' );
$params->def( 'back_button', $mainframe->getCfg( 'back_button' ) );
$params->def( 'login', $mosConfig_live_site );
$params->def( 'logout', $mosConfig_live_site );
$params->def( 'login_message', 0 );
$params->def( 'logout_message', 0 );
//START ADDED FOR REDIRECT
$params->def( 'login_redirect',   0 );
//END ADDED FOR REDIRECT
$params->def( 'description_login', 1 );
$params->def( 'description_logout', 1 );
$params->def( 'description_login_text', _LOGIN_DESCRIPTION );
$params->def( 'description_logout_text', _LOGOUT_DESCRIPTION );
$params->def( 'image_login', 'key.jpg' );
$params->def( 'image_logout', 'key.jpg' );
$params->def( 'image_login_align', 'right' );
$params->def( 'image_logout_align', 'right' );
$params->def( 'registration', $mainframe->getCfg( 'allowUserRegistration' ) );


Step 2. Open components\com_login\login.html.php

On or around line 125, Original Code:

Code: Select all

      <input type="hidden" name="op2" value="login" />
      <input type="hidden" name="return" value="<?php echo sefRelToAbs( $return ); ?>" />
      <input type="hidden" name="lang" value="<?php echo $mosConfig_lang; ?>" />
      <input type="hidden" name="message" value="<?php echo $params->get( 'login_message' ); ?>" />
      <input type="hidden" name="<?php echo $validate; ?>" value="1" />
      </form>


Replace entire section, New Code:

Code: Select all

      <input type="hidden" name="op2" value="login" />
      <input type="hidden" name="return" value="<?php echo sefRelToAbs( $return ); ?>" />
      <input type="hidden" name="lang" value="<?php echo $mosConfig_lang; ?>" />
      <input type="hidden" name="message" value="<?php echo $params->get( 'login_message' ); ?>" />
<!-- START ADDED FOR REDIRECT -->
      <input type="hidden" name="iis" value="<?php echo $params->get( 'login_redirect' ); ?>" />
<!-- END ADDED FOR REDIRECT -->
      <input type="hidden" name="<?php echo $validate; ?>" value="1" />
      </form>


GOOD LUCK!  :)
Last edited by IdeasUnknown on Tue Feb 27, 2007 5:16 am, edited 1 time in total.

digitalmaster
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 148
Joined: Wed Nov 08, 2006 7:57 pm

Re: Proposed Solution: Double Login Issues

Postby digitalmaster » Thu Mar 01, 2007 9:30 pm

I'm using 1.0.12 and I'm having the same problem.

User logs in from front page. It refreshes, but shows them as logged out. They click a link, get error. Then click home, or one of the other links on the menu and are redirected to the page and are correctly logged in. So, I really really really need this problem fixed. My company trusted me to get this website done, they were prepared to pay to have me get a CMS and I said, rather than doing that, open source is great and we can use that, set it up, then donate after we have it all working... So they approved my request, yet now I'm not giving them any reasons to donate as this issue is the main issue I'm dealing with...

I don't care if I have to upgrade to 1.5, but I really need this fixed... Please, someone who has had this please help...

User avatar
Jack Goa
Joomla! Intern
Joomla! Intern
Posts: 99
Joined: Fri May 19, 2006 7:09 pm
Location: South Africa
Contact:

Re: Proposed Solution: Double Login Issues

Postby Jack Goa » Fri Mar 02, 2007 6:52 am

I have had this problem a couple of times now. Without fail, this is what I have found. I've tested it and it happens every time.
Whenever you install Joomla! in a sub-folder, this happens. Also, if you install it in a sub-domain, but the sub-domain actually points to a sub folder in your root directory, it happens... Don't ask me why? I've tried messing around with .htaccess, and all and all, don't have enough knowledge to be able to fix it...
Joomla kicks WP's butt.

User avatar
mcsmom
Joomla! Exemplar
Joomla! Exemplar
Posts: 7985
Joined: Thu Aug 18, 2005 8:43 pm
Location: New York
Contact:

Re: Proposed Solution: Double Login Issues

Postby mcsmom » Fri Mar 02, 2007 8:44 pm

This is almost always due to logging in from an incorrect livesite. If your livesite says http://www.mydomain.com users must login from there, not from mydomain.com. You can use htaccess to always force this or there are some other solutions such as changing your configuration so that the livesite has a variable.
So we must fix our vision not merely on the negative expulsion of war, but upon the positive affirmation of peace. MLK 1964.
http://officialjoomlabook.com Get it at http://www.joomla.org/joomla-press-official-books.html Buy a book, support Joomla!.

User avatar
Jack Goa
Joomla! Intern
Joomla! Intern
Posts: 99
Joined: Fri May 19, 2006 7:09 pm
Location: South Africa
Contact:

Re: Proposed Solution: Double Login Issues

Postby Jack Goa » Sat Mar 03, 2007 8:14 am

Nope, checked that out as well, no cigar.
Joomla kicks WP's butt.

mojazz
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Fri Jul 21, 2006 2:56 am

Re: Proposed Solution: Double Login Issues

Postby mojazz » Wed Mar 14, 2007 6:49 pm

Re: Enno's comments on 18 Jan 2007 --

Joomla! devs can continue burying their heads in the sand if they so choose... I have never had the frustrating login problems with any piece of software I have used on my server hosts - open source or otherwise - that I have had with Joomla!  It's a simple user login for crying out loud.

Because these issues fail to be rectified, as one user commented "version after version", I am having to move my clients away from Joomla! I can appreciate the concern for security. (You're achieving perfect security for many users as they can't get in all). My clients simply will not put up with the fact that users cannot use their sites - and it is not the server this or that - other apps work perfectly fine. It's Joomla! that can't get it together.

I'm sorry if that sounds harsh... and to those who've had no problems it probably does... but as someone who has had to dig into Joomla! code to fix multiple sites on multiple hosts that all experience these problems, I have come to the end of my patience.

nerivon
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Tue Sep 19, 2006 1:12 am
Location: Toronto Ontario
Contact:

Re: Proposed Solution: Double Login Issues

Postby nerivon » Thu Apr 12, 2007 3:02 pm

A while back in this forum, someone asked about having a module or add-on to change the LiveSite.
Though its customized and a bit... rough.. I wrote this mambot as part of an effort to create a working multi-sites installation. I'm having the login issues that everyone is talking about here too, ... with my multi-sites... so its been an interesting read. But I thought i would contribute by providing my mambot here for the person who was looking for one.

This mambot is triggered by the "onStart" event, and runs before other code is loaded. It effectively changes the mosConfig_live_site setting to whatever you want. So far though there have been problems with the odd bit of code just... "loading up the configuration.php" file over again to grab variables... its a pain, but for most components so far that I've tested, this mambot seems to work well enough.

(NOW BEAR IN MIND, this is intended to work in conjunction with OpenSEF to get the URL's to work right, this mambot just allows you to customize the mosConfig_live_site, it doesn't "make" multi-sites work all on its own or anything).
You do not have the required permissions to view the files attached to this post.
Chris Broumley, Web Developer, CBS Group Ltd, http://www.cbsgroup.com

robfahy
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Tue May 29, 2007 9:11 am

Re: Proposed Solution: Double Login Issues

Postby robfahy » Tue May 29, 2007 9:44 am

Hi. I had the same login issues using IIS and tried all the suggested solutions, but nothing seemed to work.
Eventually by trying everything I could think off, I unpublished mod_cblogin and published mod_login. Evertyhing works perfectly now. I'm not sure why or how, but am glad that my site finally works. Maybe this might fix it for some other people who are at their wits end.

Rob.

User avatar
Beat
Joomla! Guru
Joomla! Guru
Posts: 837
Joined: Thu Aug 18, 2005 8:53 am
Location: Switzerland
Contact:

Re: Proposed Solution: Double Login Issues

Postby Beat » Tue May 29, 2007 10:25 am

robfahy wrote:Hi. I had the same login issues using IIS and tried all the suggested solutions, but nothing seemed to work.
Eventually by trying everything I could think off, I unpublished mod_cblogin and published mod_login. Evertyhing works perfectly now. I'm not sure why or how, but am glad that my site finally works. Maybe this might fix it for some other people who are at their wits end.

Rob.


I just reproduced same problem here with mod_cblogin 1.0.2 on very latestest joomla 1.0 svn after a timed-out session in some cases. Will investigate and fix. Thanks for reporting. 8)
Beat 8)
www.joomlapolis.com <= Community Builder + CBSubs Joomla membership payment system - team
hosting.joomlapolis.com <= Joomla! Hosting, by the CB Team

mvdw
Joomla! Apprentice
Joomla! Apprentice
Posts: 34
Joined: Tue Aug 15, 2006 2:11 pm

Re: Proposed Solution: Double Login Issues

Postby mvdw » Sun Jun 10, 2007 4:01 pm

Beat

Has the problem been solved for cb_login and Joomla 1.0.12?  I have also changed back to the mod_login, but I am using CB so would like to receive the changed login module.

Thanks
Mariana

digitalmaster
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 148
Joined: Wed Nov 08, 2006 7:57 pm

Re: Proposed Solution: Double Login Issues

Postby digitalmaster » Mon Jun 11, 2007 2:00 pm

Any new information regarding this issue?

robba
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 12, 2007 1:57 pm

Re: Proposed Solution: Double Login Issues

Postby robba » Tue Jun 12, 2007 3:56 pm

here is my issue, and this is killing me...

when i pull up the page http://www.mydomain.com/index.php?optio ... task=login
and I login

I get redirected to http://mydomain.com/index.php somewhere the www is being stripped and not letting the users in, how do I fix this?

My config.php file has the www, and i have tried this as well $mosConfig_live_site = 'http://' . $_SERVER['HTTP_HOST'] . '/';

also I have run the 2 new files in the orginal post, with no luck.

User avatar
burek
Joomla! Intern
Joomla! Intern
Posts: 87
Joined: Fri Nov 17, 2006 12:20 pm

Re: Proposed Solution: Double Login Issues

Postby burek » Sun Apr 20, 2008 10:23 pm

[quote="robba"]here is my issue, and this is killing me...

when i pull up the page http://www.mydomain.com/index.php?optio ... task=login
and I login

I get redirected to http://mydomain.com/index.php somewhere the www is being stripped and not letting the users in, how do I fix this?

My config.php file has the www, and i have tried this as well $mosConfig_live_site = 'http://' . $_SERVER['HTTP_HOST'] . '/';

also I have run the 2 new files in the orginal post, with no luck.[/quote]

This looks like you have a Community Builder on your site, and if that's the case, check its' configuration, especially what's the redirected page, after a successful login.

User avatar
pe7er
Joomla! Master
Joomla! Master
Posts: 21933
Joined: Thu Aug 18, 2005 8:55 pm
Location: Nijmegen, The Netherlands
Contact:

Re: Proposed Solution: Double Login Issues

Postby pe7er » Mon Apr 21, 2008 6:10 am

Add the following code to your .htaccess file to force all traffic to http://www.yoursite.com:

Code: Select all

RewriteCond %{HTTP_HOST} ^yoursite\.com [NC]
RewriteRule (.*) http://www.yoursite.com/$1 [R=301,L]
Kind Regards,
Peter Martin, Global Moderator
https://db8.nl - Joomla specialist, Nijmegen, Nederland
Co-founder of data2.eu GDPR Tool https://data2.eu/en/gdpr-tool

User avatar
pochat
Joomla! Apprentice
Joomla! Apprentice
Posts: 9
Joined: Wed Nov 26, 2008 9:25 pm

Re: Proposed Solution: Double Login Issues

Postby pochat » Fri Jan 16, 2009 7:54 pm

[quote="pe7er"]RewriteCond %{HTTP_HOST} ^yoursite\.com [NC]
RewriteRule (.*) http://www.yoursite.com/$1 [R=301,L][/quote]

This fixed it for me, thanks a lot!!

Joomla 1.5
hostgator Unix server


Return to “Superseded Issues - Archive”

Who is online

Users browsing this forum: No registered users and 3 guests