[SOLUTION J1.0.12-] www issue: login doesn't keep

12 years 1 month ago #47364 by baccanasta
As I readed in this forum, a lot of people has (or had) some problems when using www in their site name.
In fact there was an issue when going to www.site.com and trying to login.

But I found another problem with www; maybe this wasn't hard to fix, but I would like to post my solution.
This is the situation: the login works for both sites, so you can login from site.com and www.site.com ; in both cases after the login you are redirected to site.com (by the option in the cb configuration) and you can use the site as you wish.
But if while you are logged in you go to www.site.com , you will not be logged in; if you return to site.com you will be logged in again.
So the problem is: the www site doesn't maintains the login status.

The main problem is in the usage of cookies. Your site is configured as site.com, so cookies are created for site.com. If you go to www.site.com , joomla doesn't find correct cookies and so you will not be logged in.

The solution is to find a way to make the site believes you are on site.com even if you are on www.site.com .
First I tried a solution that works for subdomains: write
php_value session.cookie_domain ".site.com"
in the htaccess file of subdomains folders and the session of xxx.site.com will be shared with www.site.com .
Doesn't work for me, but you can try.
In this case if your php is loaded as cgi you must write the line in the php.ini of your domain (usually there is a local version of php.ini).

Then I tried to modify manually the cblogin code, but I didn't find the place where cb retrieves the site name. I knew that I had to modify the use of the $_SERVER["HOST_NAME"], with $_SERVER["DOMAIN_NAME"].
So...doesn't work.


At last the solution:
in your htaccess file, even if php is not loaded as module, write:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.site.com$
RewriteRule ^(.*)$ site.com/$1

This will redirect you to site.com everytime you try to access www.site.com .
So this solution should work for every issue related to www.

Hope this will help.

EDITED TITLE FOR SOLVED AND JOOMLA VERSIONS.

Post edited by: beat, at: 2007/10/07 15:54

Post edited by: baccanasta, at: 2007/10/08 01:16
12 years 1 month ago #47377 by beat
Cool, thanks for sharing and posting a good FAQ about this Joomla problem. Will make this a sticky and edit title to reflect problem.

Yes this is a Joomla 1.0.12 and below cookies issue.

Mambo 4.5.5 and 4.6.2, as well as Joomla 1.0.13 and Joomla 1.5.x are not affected by the login issue, but for SEO optimization, you want to have only one site, so adding the Apache .htaccess rules make sense for all installations.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
12 years 1 week ago #49411 by dmcgavock
Yikes

I am running Joomla 1.0.13 and IE7 with CB 1.1.

I am having the www problem. If I try to login without www everything is fine. When I have www in the address bar, I just loop back to the page as unlogged in.

I tried the htaccess fix changed the domain name from site.com to my domain however I get a 500 error.

I guess 1.0.13 is still vulnerable and perhaps the syntax on the htaccess code is not valid. Would SEF have an impact?

Dennis
12 years 1 week ago #49423 by dmcgavock
I have a workaround in place/

In mod_cblogin.php I have replaced:

$loginPost = sefRelToAbs("index.php?option=com_comprofiler&task=login");

with
$loginPost = (" site.com/index.php?option=com_comprofiler&task=login ");

As it goes through the login process it will still route the user to www.site.com .

I don't know how this could be turned into a permanent fix.

Dennis
12 years 4 days ago #49765 by rteeples
Has anyone tried this solution?

There are lots of forums addressing this problem in varying ways, but there doesn't seem to be a clear solution.

For my site (pfxglobal.com), the problem only exists in IE.

Basically, a user logs in, and after viewing a couple pages, they are logged out.

It's an infuriating problem, and it kills any ability to make community work.

Please reply if you have figured out a solution or tried the one recommended above.
12 years 2 days ago #49901 by dmcgavock
The workaround doesn't fix the issue. It only allows me to login at the home page, once I navigate off the home page the session is lost.

I have tried an htaccess mod
php_value session.save_path tmp

This has no impact for me.

Does anyone know a FIX for this issue. Surely other Joomla sites have a lot of users on IE that are being impacted.

Dennis
Moderators: beatnantkrileon
Time to create page: 0.428 seconds
Facebook Twitter Google LinkedIn