Hi

Testing your new phpBB3 module alongside Drupal 5.

I have found some problems:

Session control is one problem, Drupal login continues to work no problem, but when it comes to phpBB3 the login does login but refreshing the page and the user is no long logged in (happens most of the time). However, the Drupal is still logged in at all times.

Looking closely, I have found that phpBB is creating new sessions/sid's every time the page is refreshed. So when the SID does not match the original log in SID, the user is not logged in - makes sense. I have also looked at phpBB module, and I wonder is that conflicting with phpBB sessions - e.g. a problem with reading sessions/cookies.

The cookies do look fine.

Installation was done following instructions and I have tried it twice. Without the Drupal/phpBB linked (i.e. not using phpBB module) they work fine independently.

This is one problem, I have looked at your working copy.

Any ideas?

Thanks!

Regards
Jason
http://jason.ilobby.co.uk

Comments

arkepp’s picture

arkepp commented

Does this happen on http://kepp.net/phpbb3 ? I wasnt able to replicate it.

The module only does two things:
1) To create a session it creates the "always log me in" cookie and inserts a session_key for that.
2) To destroy a session it deletes the mentioned cookie and session_key, but it also destroys all other phpBB cookies and attempts to clean out the session_id database.

In other words, if the front page shows you logged in, it should really be a phpbb problem. One thought: Try clearing phpBB's cache directory, since Drupal uses the database.

So what you should test is phpbb without Drupal:
1) just remove the .htaccess file from the phpBB directory
2) create a new user in phpbb
3) clear your cookies
4) log in, check the "always log me in" box
5) quit the webbrowser
6) start it again, verify the _sid cookie is gone, or delete it
7) go to the phpbb front page

I'll probably add a line to destroy existing _sid cookies, you can for example replace the line
// Just in case
with
_phpbb_unset_cookies($phpbb_cookie_name);

But in that case deleting the cookies would have worked too.

jase951’s picture

jase951 commented

I have looked into this and found that phpbb.module creates 3 cookies _k _u and _sid. These are conflicting with phpBB login.

phpBB does not set these cookies and when removed it works fines. The problem is can I not set these cookies?

Regards
Jason

arkepp’s picture

arkepp commented

Asking again: Is this something you can produce on kepp.net/phpbb3 ?

The cookies are not conflicting with the phpBB login, they ARE the phpBB login. It's possible the _sid cookie is redundant, at least I can't remember off the top of my head any reason to keep it.

jase951’s picture

jase951 commented

Hi

Thanks for your reply.

sorry i did not answer your question, your website seems fine.

i have found that the cookie _sid does not contain the same ID as that of the database.

function _phpbb_set_cookies($phpbb_cookie_name, $session_key) {
  global $user;
  // Two weeks should be ample
  setcookie($phpbb_cookie_name . '_k', $session_key, time() + 1209600, '/');
  setcookie($phpbb_cookie_name . '_u', $user->uid, time() + 1209600, '/');
  setcookie($phpbb_cookie_name . '_sid', '1', time() + 1209600, '/');
}

Is this correct with the SID cookie set as 1 all the time? Looking at your website, the SID cookie is not one but that of the user's session.

Any ideas?

jase951’s picture

jase951 commented
Assigned: Unassigned » jase951
Status: Active » Fixed

The problem with this was that the cookies that Drupal sets and the cookies that phpBB sets did not correspond in terms of the domain/host.

So to solve this I emptied the textbox for cookie domain, under cookie settings within the phpBB admin interface. This meant that cookies are created with "host" as in the host of the page whereby the cookie is generated.

If you get this problem try out my method.

Regards
Jason

jase951’s picture

jase951 commented
Status: Fixed » Closed (fixed)

Closed