danfreak - 22 March 2007 04:06 AM

edwardmolasses - 21 March 2007 06:14 PM

hi there,

I wanted to say thank you for making this extension! I’m quite new to it, so i hope this isn’t a very silly question. I’m having some problems that i think might have something to do with sessions. I’ve installed it and according the installer, everything went okay. I can login okay, but as soon as i go to another page, i’m no longer logged in (for example, i login and then go to change password and it no longer says i am logged in; or i login as the admin, and then click on one of the admin menu options and it sends me back to the login).

andrew.

Hey Andrew, your welcome!
cheers for yous “help summary” in the wiki

Well yours is a strange issue!

Well ou said you have cookies enabled, and that your session is written ok in DB.

did you change any setting in the application/config/config.php ?

Dan

hi Dan,

Thanks for answering! Ack, a strange issue doesn’t sound very good! Perhaps it’s some server setting. Could it have something to do with using PHP4 perhaps?

I did make a couple changes to config.php. I set error logging to 4, and i added some global constants at the end which i just use for some standard messages to the user in the rest of my application. So it doesn’t seem like they should interfere with anything.
I have a link here to my error log.
I’ve pasted a couple of the messages from that log that seem suspicious and that i don’t really understand. Do you think there is anything there that might indicate the problem?

thank you!
andrew.

...
DEBUG - 2007-03-22 14:19:08—> Config file loaded: config/freakauth_light.php
DEBUG - 2007-03-22 14:19:08—> Helpers loaded: url, form, array, freakauth_light, html
DEBUG - 2007-03-22 14:19:08—> Database Driver Class Initialized
DEBUG - 2007-03-22 14:19:08—> FreakAuth Class Initialized
DEBUG - 2007-03-22 14:19:08—> Session Class Initialized (db)
ERROR - 2007-03-22 14:19:08—> Severity: Notice —> unserialize() [<a href=‘function.unserialize’>function.unserialize</a>]: Argument is not a string /homepages/34/d160587096/htdocs/test/system/application/libraries/Db_session.php 208
...
DEBUG - 2007-03-22 14:19:08—> Encrypt Class Initialized
ERROR - 2007-03-22 14:19:08—> Severity: Notice —> unserialize() [<a href=‘function.unserialize’>function.unserialize</a>]: Error at offset 0 of 15 bytes /homepages/34/d160587096/htdocs/test/system/libraries/Session.php 187
ERROR - 2007-03-22 14:19:08—> The session cookie data did not contain a valid array. This could be a possible hacking attempt.
DEBUG - 2007-03-22 14:19:08—> Controller Class Initialized
DEBUG - 2007-03-22 14:19:08—> Language file loaded: language/english/freakauth_lang.php
DEBUG - 2007-03-22 14:19:08—> Model Class Initialized
DEBUG - 2007-03-22 14:19:08—> Validation Class Initialized
DEBUG - 2007-03-22 14:19:08—> File loaded: /homepages/34/d160587096/htdocs/test/system/application/views/FreakAuth_light/template/menu.php
DEBUG - 2007-03-22 14:19:08—> File loaded: /homepages/34/d160587096/htdocs/test/system/application/views/FreakAuth_light/template/header.php
DEBUG - 2007-03-22 14:19:08—> File loaded: /homepages/34/d160587096/htdocs/test/system/application/views/FreakAuth_light/content/login.php
DEBUG - 2007-03-22 14:19:08—> File loaded: /homepages/34/d160587096/htdocs/test/system/application/views/FreakAuth_light/template/content.php
DEBUG - 2007-03-22 14:19:08—> File loaded: /homepages/34/d160587096/htdocs/test/system/application/views/FreakAuth_light/template/footer.php
DEBUG - 2007-03-22 14:19:08—> File loaded: /homepages/34/d160587096/htdocs/test/system/application/views/FreakAuth_light/template/container.php
DEBUG - 2007-03-22 14:19:08—> Final output sent to browser
DEBUG - 2007-03-22 14:19:08—> Total execution time: 0.2298

Well I’m aware of this

But no clue about the other. Never happened to anybody else.

Let me know. I gotta go now!

edwardmolasses - 21 March 2007 06:14 PM

I can login okay, but as soon as i go to another page, i’m no longer logged in (for example, i login and then go to change password and it no longer says i am logged in; or i login as the admin, and then click on one of the admin menu options and it sends me back to the login).

andrew.

Are you loading any other session libraries? Look in your autoload config file.
Also try using the profiler to see what session ID is being created and queried in the database.

codelearn - 22 March 2007 11:40 AM

Danfreak,

How would I let levels 3 and 4 to access the admin console upon login?

It’s a good idea to let people be redirected where the webmaster decided them to go.
In a recent post you told us that you sorted this out.
Did you change the _login function?

I think we could make $this->config->item(‘FAL_login_success_action’) an array (‘role’=>‘page’) and something like this instead of the switch:

This could be more powerful in terms of customisation.

@edwardmolasses

Do you maybe use global XSS filtering in you config file?

Dan

@Grahack

Yes, I edited that function to also admit some other roles to access the admin panel. Your way is nice because we can also easily redirect to user profiles and etc.

I may make that change.

If you do so please give us your valid code, mine is not tested at all.

Hey grahack, you finally changed your pic!

So happy the previous one was so frightening!

my real one is this: Mr.danfreak…

Two reasons : the Spring and I’m now a “Junior Member”.

Sorry I have not enough muscles to show on my photo

grahack - 23 March 2007 10:35 AM

Two reasons : the Spring and I’m now a “Junior Member”.

Sorry I have not enough muscles to show on my photo

...that pic has been taken something like 1566 years ago: I’m 350Kg now + I’m white like a cadaver after all hours spent on FAL

hahaha and i was wond’rin why i looked like a vampire since some months. i started to believe lcd/crt removes the color of the skin. or is it because i’m livin more on the night-times? cool climbing btw dan, you should sometime come over to turkey/oludeniz; good places for vacation & climbing.
btw back once more after some bigger hardware crashdown. will check out FAL-latest these days…
cheerz!

ddasinger - 22 March 2007 08:45 PM

edwardmolasses - 21 March 2007 06:14 PM

I can login okay, but as soon as i go to another page, i’m no longer logged in (for example, i login and then go to change password and it no longer says i am logged in; or i login as the admin, and then click on one of the admin menu options and it sends me back to the login).

andrew.

Are you loading any other session libraries? Look in your autoload config file.
Also try using the profiler to see what session ID is being created and queried in the database.

Thanks for the suggestions guys! It was a frustrating couple of days. Thanks Dan, i didn’t have the global xss filtering on though. To answer ddasinger, that was it, thank you so much, i feel very silly now. I had autoloaded the session library as well as freakauth. Everything is working okay now.

Sorry everyone for my very silly mistake, and thanks so much for the help!

hi there again,

Maybe this has been asked before and i’ve missed it looking through this thread, but i wasn’t sure of the best way to add new profile fields to the registration and user profile? Is there a traditional way to do this with freakauth?

I’ve noticed the custom user fields settings in the freakauth_light.php config file which correspond to the FA_user_profile table in the database. So i was thinking that i should add my fields in here and also modify the register.php template, but i wasn’t sure exactly how, is there some sample code for doing this or documentation?

thanks!
andrew.

Hey Dan,

Just wanted to say thanks for making this great library.  It’s great that you’re so active in making this a success.  I’m not sure if you’ve fixed this in your next release, but I found a few places where the template directory was hard-coded instead of using the config variable.  I’ve listed all the values I could find as a line number and what the line should read.  The only change for each line was replacing :

with

Thanks again for all your excellent work on this library.

Hello

Does anyone know how to prevent 2 or more people to log at the same time with the same username and password?