SimplePortal
Support => English Support => Topic started by: MultiformeIngegno on April 05, 2010, 05:55:29 AM
-
Hi! :)
This bug I've found is not a SimplePortal bug, it's a SMF bug. I'm reporting it here because it happens also with SP, in standalone mode (if you have the forum in a subdomain and the portal in the main domain).
http://dev.simplemachines.org/mantis/view.php?id=4244
I re-post here the procedure to reproduce it on a common SSI page (to try it in SimplePortal: if you have the forum in a subdomain and the portal in the main domain, you only need to try to login from the portal, you'll get a "password wrong" error):
OK, I'm able to reproduce clearly this issue. Here's the procedure:
You have a freshly installed SMF 2.0 RC3 in a /test_forum folder. Now create a subdomain, testforum.yourdomain.com (that of course has test_forum as main dir). Now change the forum url to use the subdomain. OK. Create a new folder in your server (out of the forum one), called /test_ssi. Now put there your ssi file, called myssifile.php:
<?php
// Layers to be utilized
$ssi_layers = array('html', 'body');
//This is the SSI.php file in the Board dir.
require('../test_forum/SSI.php');
?>
My test file!
<?php
ssi_shutdown();
?>
Now create another subdomain so you have testssi.yourdomain.com (with of course /test_ssi as main directory). Now clear your cookies/cache/everything and go to -> testssi.yourdomain.com/myssifile.php. You should see your ssi-based file with (of course) the login box. Now try to login, you should get the "password wrong" error and all the behaviors that we've talked about (sessions number that changes at every refresh, etc...)!
ALL THIS HAPPENS WITH THE OPTIONS "Use subdomain independent cookies" ON and "Enable local storage of cookies" OFF!
If you're on the same subdomain or without subdomains, you don't have these issues (or at least I can't reproduce 'em!).
:)
I hope this is useful...
-
I'll take a look at this later, but if it needs a lot changes as they, we won't be fixing it as SimplePortal.
I'm marking this as solved in the mean time and moving the the support boards.
-
Hello Sinan... I see you sometimes in the smf bug tracker (4244 (http://dev.simplemachines.org/mantis/view.php?id=4244))...
Sorry to bump this but.. IMHO it's really important to have this fixed before the next release!
To help you I've created a test board to reproduce it, you can find it here:
FORUM: http://testforum.rockciclopedia.com
SSI-PAGE: http://testextra.rockciclopedia.com
I've created also a test-user.
Go to the SSI-PAGE link provided above, then insert this data in the header login box: "demo" & "password"
You'll receive a "password wrong" error, then try to login again always with demo & password (now you're in the forum) and it will work. Then try to logout from the ssi-page, it won't work.
-
Problem has been solved (http://www.simplemachines.org/community/index.php?topic=374064.msg2666071#msg2666071) by Nao! ;)
It was caused by the Suhosin patch installed on the server!