Closed (fixed)
Project:
Protected Node
Version:
6.x-1.7
Component:
Code
Priority:
Major
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
13 Mar 2012 at 11:17 UTC
Updated:
25 Mar 2012 at 14:01 UTC
after the user enters the correct password, the page tries to access the page but for some reason it stays on the protected-node page. it does not display the protected content. if the user enters the wrong password it recognizes that its wrong.
Comments
Comment #1
AlexisWilke commentedHi ashabi,
I'm not sure I understand what you're saying here...
A user goes to your protected node, enters the proper password, and it asks him for the password again and again? Is that what you're trying to say?
I see that the wrong password behavior is as expected. Good.
Thank you.
Alexis
Comment #2
ashabi commentedYes that is exactly what is happening. Its like the correct password is not actually unlocking the page.
Comment #3
AlexisWilke commentedAshabi,
Just in case, you need to have cookies working... Are your cookies turned off? If so then it wouldn't work indeed.
Thank you.
Alexis
Comment #4
ashabi commentedcookies are fine. i installed a fresh copy of drupal and the module worked ok. then i installed all other modules one by one to see if there was a clash and it too worked ok. the only difference is that the live site is working on a regular linux on a godaddy server. my local drupal is running off an appserv. could there be a difference in the configuration on the godaddy server that would not allow it to work?
Comment #5
AlexisWilke commentedAs far as I know GoDaddy uses Apache on Linux. There is really no reason why the cookies would fail. I use a session variable, so the cookie itself is named by PHP. However, the session tables are being managed by Drupal and once in a while they delete older cookies (mainly anonymous users cookies that did not come back to your site within hours/days...) If somehow that process deletes the sessions too quickly, then it would fail.
Now I'd be really surprised, but you can see it in your database. The table is called sessions and the data is a serialized PHP array. If the table is empty, then that's certainly the problem. It should nearly never be empty (unless you have 0 hits for a while...)
Comment #6
ashabi commentedSessions table is fine and working. What about any configuration apache issues? mod_rewrite? (Just throwing possible ideas out there to help try to figure out the issue)
Comment #7
AlexisWilke commentedHmmm... the session is probably just fine. As a test you should be able to enter the password and then go to the protected page. It should not be protected anymore.
The redirect makes use of the $_GET['destination'] variable. More precisely, they use the $_REQUEST['destination'] variable, and that can be overwritten in a form... Now what's strange is that you tried with the same modules on another Drupal system and it worked just fine. So I'm not too sure how I could explain the difference.
In most cases, I have had to check the variables to debug such problems. It's an ugly process... I'm not too sure how I can help you further at this point.
One thing, at least, do you see the ?destination=... variable in the URL when you go to a protected page?
According to this page: http://www.php.net/manual/en/reserved.variables.request.php
the order of the variables is defined in the php.ini as defined here: http://www.php.net/manual/en/ini.core.php#ini.variables-order
There are a few examples here:
With ssh access you can see the file since it can be read by anyone on a Linux server. But I'd be surprised that would be different from the usual default (i.e. GPCS, and not EGPCS.)
This still doesn't really explain the source of the problem.
Thank you.
Alexis Wilke
Comment #8
ashabi commentedHi. I appreciate you trying to help.
These are my findings:
1. Yes there is a destination. It says ?destination=node/165
2. I have variables_order = "GPCS"
when I try to debug the protected_node.fork.inc page its almost as if it doesn't recognize this page. Even if I put echo "hello";exit into the script.
Comment #9
AlexisWilke commentedAh... if you're using the fork feature it's somewhat different. In that case it expects one of several password and depending on the password it will go to this or that page.
The fork would have a problem if you also have a destination, in that case the destination would take over no matter what and possibly send you to the wront node and thus send you back to the password screen.
The normal process (without the fork support) sends you here: protected_node/protected_node.redirect.inc
And the destination does its magic which is why we don't see a drupal_goto() in that file.
The culprit maybe protected_node_enterpassword_validate() or protected_node_enterpassword_submit() which both make the password effective (first it is verified and second it is saved in the session.)
Thank you.
Alexis Wilke
Comment #10
ashabi commentedFigured out the problem. It had to do with the permissions/users roles tables. I dropped them and put in clean tables and everything worked out. I have a feeling there is an issue with this module and customized user groups.
Thanks for your help.