Jump to content

Totally unable to login to Admin CP

Recommended Posts

I've got my forum setup on a subdomain of "forums" and I've got my main site integrated with IPS. It all works locally, but when I've gone to do it for real, the cookie from the forum is not setting accross the whole domain. Does anyone have any idea how to achieve this?

I've added this to my constants.php file, but it's not recognising it off the forums subdomain:

define( 'COOKIE_DOMAIN', '.strongholdnation.co.uk' );
define( 'COOKIE_PREFIX', '' );
define( 'COOKIE_PATH', '/' );

P.S. Both parts are using SSL also.

Edited by Chris89
Link to comment
Share on other sites



Session Support enabled
Registered save handlers files user
Registered serializer handlers php_serialize php php_binary
Directive Local Value Master Value
session.auto_start Off Off
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_samesite no value no value
session.cookie_secure 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.lazy_write On On
session.referer_check no value no value
session.save_handler files files
session.save_path /opt/alt/php74/var/lib/php/session /opt/alt/php74/var/lib/php/session
session.serialize_handler php php
session.sid_bits_per_character 4 4
session.sid_length 32 32
session.upload_progress.cleanup On On
session.upload_progress.enabled On On
session.upload_progress.freq 1% 1%
session.upload_progress.min_freq 1 1
session.upload_progress.prefix upload_progress_ upload_progress_
session.use_cookies 1 1
session.use_only_cookies 1 1
session.use_strict_mode 0 0
session.use_trans_sid 0 0

Some PHP.INI settings on cookies in case it can help anyone to get any more info

Link to comment
Share on other sites

I already have a ticket in with support about this but they don't get back until (I assume) Monday. Basically, I'm completely unable to login to my admin CP, even though my login username and password is correct. I've tried on multiple devices, multiple browsers and multiple accounts with varying levels of admin access. It just keeps redirecting me back to the login page (no errors) with a query string similar to this: ?adsess=86d50dcc930de1a89a8ecb0e2cf0d543&app=core&module=system&controller=login&error=NO_COOKIE&ref=Jg==

It's always the same- the error query string is "NO_COOKIE". I have no idea why this is occuring, but it's now happened for me in three different environments. When I used a business class grade server on my old isntallation (a total clean install without plugins), it was happening on there all of a sudden out of the blue. I took it as maybe an error on the old version, as that one was running 4.3. But when I've recently tried 4.4 on my local installation, it was also happening on there. Support wouldn't assist me in that case because apparently IPS don't support test installations anymore.

From some debugging I did myself on this local installation, I managed to prevent the error & login correctly if I commented out lines 80-83 in the file system\Session\Admin.php. This is obviously no good on a live server though, because it's less secure and doesn't verify the session correctly.

From some other debugging I did at the same time, it seemed as if my Session ID was changing each time I loaded the page or was redirected back to the login page, which I assume was the cause of this error. I have no idea whether this is some specific server setting or what, but it was fixed when the session ID stopped changing by itself.

I'm just wondering really whether any other members of the community have witnessed or experienced this problem themselves, and what the cause of it was for them if they had. The only thing I can think of is that it's just a PHP configuration error, but I find that hard to believe that IPS or more users wouldn't have found this when I've found it in three hosting environments, generally out of the box installations of PHP.

Edited by Chris89
Link to comment
Share on other sites

Thanks for your reply. I've just checked via phpinfo() and it is setting correctly. Unfortunately I'm on shared hosting so changing anything to do with Apache/nginx is totally out of my control on this one. Any other fixes you're aware of?

Link to comment
Share on other sites

Turns out the issue is due to cookie settings that I specified in constants.php to try and get the cookie accross the whole domain. IPS now won't assist me. If a mod is reading this topic, it's possibly a good idea to merge it with my other topic here:


Link to comment
Share on other sites

After some more debugging:

These are two print_r() occurences of $_COOKIE. The first is from my forums subdomain, and the second is from the main domain. The cookies seem to be setting fine accross both parts of my site. I don't understand why it's not registering I'm logged in.

Forums subdomain:

Array ( [IPSSessionFront] => b52ab2e2beb6179bee5fc2932a01c720 [guestTime] => 1593960120 [ipsTimezone] => Europe/London [__cfduid] => ** [_ga] => ** [_gid] => ** [hasJS] => true [device_key] => 498c56281eb73e32f70f12b96b98d1e2 [member_id] => 2 [login_key] => 98a7496953476166f62f2636bb7de45c [loggedIn] => 1 [cpsession] => ** ) 

Main domain:

Array ( [__cfduid] => ** [_ga] => GA1.3.211408320.1593959883 [_gid] => ** [_gat_gtag_UA_58106165_1] => * [hasJS] => true [device_key] => 498c56281eb73e32f70f12b96b98d1e2 [member_id] => 2 [login_key] => 98a7496953476166f62f2636bb7de45c [loggedIn] => 1 [IPSSessionFront] => b52ab2e2beb6179bee5fc2932a01c720 [guestTime] => 1593959947 [ipsTimezone] => Europe/London ) 

It seems to be an issue with $_SESSION. I've used print_r() on the SESSION variable on both the forums subdomain and my main domain using this code (amending the directory path for each location):

define('IPS_ROOT', __DIR__.'/include/subdomains/community/');
require IPS_ROOT.'init.php';

echo \IPS\Member::loggedIn()->name;

The forums subdomain will display the data fine, but as soon as I go to the main domain it wipes the member name and starts displaying hashed again, as I was getting in this topic: https://invisioncommunity.com/forums/topic/457157-integrate-ips-with-my-own-website/

After I've visited the main domain page, I'm logged out of the forums entirely and have to log back out again. This is such a weird glitch ........

Link to comment
Share on other sites

Thanks for you reply. Sadly, I actually tried it without the dot first- this wouldn't even allow me to login at all, even on the forums subdomain. It's only with the dot that I could login on the forum. Or totally blank.

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...