[SOLVED] Session expired or cookies are not enabled in your

13 years 3 months ago #148479 by makitso
There have been many posts over the last few years that have dealt with the “Session expired or cookies are not enabled in your browser...” problem. Some have been resolved with configuration changes.

However, there has been one that is most elusive – only getting this error at certain times of the day. I have tracked down what I think is the problem and IMO, a reasonable fix.

The problem begins when one's hosting site and GMT are separated by one day. So, it its 6:01 PM in the central timezone (GMT -6) in the U.S on Dec 12, then its 00.01 AM GMT Dec 13.

This problem is reproducible not only on my hosting site but also on my dev system that is on my desktop, using different browsers, OS's etc. So, what I am saying is that is not a hosting issue.

It looks as though the function cbSpoofCheck return false to function login, which then proceeds to expire the session. The spoof code is very complicated and I do not understand how it works. However this change fixed the problem for me.

CB Version 1.2.3
File: components/com_comprofiler
function login

around line 1183, change $spoofCheckOk = false; to $spoofCheckOk = true;

Post edited by: makitso, at: 2010/12/12 15:26

Post edited by: krileon, at: 2010/12/15 22:02

Please Log in to join the conversation.

13 years 3 months ago #148595 by krileon
I can see the time difference certainly being an issue as the session wouldn't match up (already expired). You need to configure within your Joomla configuration the offset to ensure the time matches up (play with it until times in your database session table are correct). Otherwise Joomla/CB will be setting/checking an expired session!


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

13 years 3 months ago #148614 by makitso
Krileon,

That sounded like a great idea. However, under Local Settings - Timezone, changing it to UTC-06:00 made no difference.

For what its worth, I have another joomla/CB vanilla install on my desktop system. That system does not have the problem that our production local system has. So, I can test both versions and one fails and the other does not. I am sure that some plugin is causing the problem. But, if its works up to 20:00 GMT-6 why not after that?

Rob

Please Log in to join the conversation.

13 years 3 months ago #148649 by krileon

That system does not have the problem that our production local system has.

Don't understand. You've a localhost for development and a localhost for production? 1 works and 1 doesn't? Aren't they exactly the same? or did you mean the production is on a live host (not local)?

I am sure that some plugin is causing the problem.

What's different between your production and development server? I would disable everything that is different to see if there truly is a conflict.

But, if its works up to 20:00 GMT-6 why not after that?

Not a clue, perhaps some sort of "maintenance" the host is performing around that time such as an apache reload/refresh that's killing all existing sessions.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

13 years 3 months ago #148653 by makitso
Krileon,

I have a development system in my home with Ubuntu and a LAMP environment. On that system I have a copy of our production -- hosted -- system that runs on on Lunarpages. The timeout happens on both systems, so one can't blame the hosting company.

Last nights testing showed that the $_CB_framework object is being truncated after 6 PM.

The last thing printed from the after 6 PM run was

Array ( [jqueryui/ui.all.css] => Array ( [0] => [1] => ) ) ) )


In a normal run this is what comes next

Array ( [jqueryui/ui.all.css] => Array ( [0] => [1] => ) ) ) ) 13/12/10 : 18:25:04 DATE=13122010 POST=Array ( [username] => petersra [passwd] => 9999x [op2] => login [lang] => english [force_session] => 1 [return] => B:aHR0cDovL2xvY2FsaG9zdC8= [message] => 0 [loginfrom] => loginmodule [cbsecuritym3] => cbm_36311db5_3d1ecefe_1fd377814b6a2ead0cc13b2bf4770003 [jb1fee5ead47793ba1b0d0f1cc7275df6] => 1 [Submit] => Login ) SPOOF=cbm_36311db5_3d1ecefe_1fd377814b6a2ead0cc13b2bf4770003 SECRET=cbm_36311db5_3d1ecefe_1fd377814b6a2ead0cc13b2bf4770003

So, all the POST data, the SPOOF and SECRET are missing and thus the command fails.

**********************

Please Log in to join the conversation.

13 years 3 months ago #148671 by krileon
Interesting, were you able to find an differences between the production and development servers? For example something installed on the production server that is not on the development server? Have you tried removing those differences? Logically makes no sense for 1 install to not function and another to function. This would lead to believe a 3rd party conflict is present; likely something touching sessions. It could be caching or even a security extension.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

Moderators: beatnantkrileon
Time to create page: 1.637 seconds

Facebook Twitter LinkedIn