I'm not quite sure I understand how "Cookie Check" is supposed to work and I'm getting an error message on my screen.

Here's what I'm doing:
1. To start fresh, I delete cookies from IE 7.0.
2. I go to my web site, wellnesscorps.com.
3. I type in my username and password and log in.
4. The next screen shows the following message:

Cookie problems
It seems that your browser does not accept cookies. To log into this site, you need to accept cookies from the domain .wellnesscorps.com.

5. In #4, I'm actually logged in and can, e.g., enable modules, go to "Status report", etc.

So, if I'm allowed to log in, why am I being told my browser does not accept cookies per #4 above?

My Drupal-powered web site is the only one I've seen the verbiage that appears in #4. I log in to a LOT of sites and this is the 1st time I believe I've ever actually seen this message.

I'm using:
Drupal 5.7.
Web server: Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
MySQL database: 5.0.24a
PHP: 5.2.3

Thanks in advance.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

nedjo’s picture

Category: support » bug

Sounds like a bug, possibly limited to IE7? Can you please test your site with other browsers and report back?

Walt Esquivel’s picture

Hi nedjo.

Unfortunately, it's not limited to IE7. I have the same issue in both IE 7.0.5730.11 and Firefox 2.0.0.13.

As mentioned above:

5. In #4, I'm actually logged in and can, e.g., enable modules, go to "Status report", etc.

And I can actually log in to the different browsers yet, after logging in, I get the same "Cookie problems" message. Strange.

I'm not sure if you can see the screenshot of the "Cookie problems" verbiage as it appears in Firefox when I tested using that browswer, but I attached it anyway. You can, from the screenshot, clearly see that I'm logged in. I get the same verbiage in IE.

Thanks in advance.

IceCreamYou’s picture

Priority: Normal » Critical

I have this problem too.

Raising to critical because if users see this they'll be scared away.

salvis’s picture

Status: Active » Needs review
FileSize
969 bytes

@Walt:

Here's what I'm doing:
1. To start fresh, I delete cookies from IE 7.0.
2. I go to my web site, wellnesscorps.com.

Could it be that you got your home page from the browser cache (and thus without a cookie)?

I can reproduce this behavior in IE6 as follows:

1. Go to example.com (which has a login block)
2. Clear the cookies
3. Try to log in -> "Cookie problems", no log-in, redirected to example.com/cookie_check
4. Try to log in again -> success, but I'm still on the example.com/cookie_check page

Please try the attached patch — I want this fixed so we can proceed with #2946: Login fails and no warning is issued if cookies are not enabled.

Walt Esquivel’s picture

@Salvis:

I'm no longer using Cookie Check.

Regardless, I'm not sure I understand your question. If I log in to a Drupal-powered site, doesn't that automatically create a cookie?

salvis’s picture

@Walt Esquivel: Yes, but if you "go to my web site, wellnesscorps.com", then you're not yet logging in. I think you could initially be getting a cached copy of the front page without a cookie.

I think the problem that you described is that once you got to the cookie_check page (probably rightfully, because for some reason Drupal didn't get the cookie at first), you stayed there, even after you had logged in successfully.

Staying on that page is the irritating part of the behavior that you observed, and it's what my patch intends to fix by redirecting to the front page upon successful log-in.

It's difficult to exactly diagnose the problem with your setup from remote, but I think the patch should give you acceptable behavior.

The testing that we do in this context is somewhat flawed anyway, because removing cookies and clearing caches is not what this is about. This module (and the underlying core patch) is intended to cause two behaviors:
a) show a clear message if log-in fails because of a missing cookie, and
b) not show that message if log-in succeeds

In the real world, for a given client, we'll normally either never get the cookie, or always get the cookie, so we have a clear case of either a) or b). There's one additional relevant situation: going from a) to b), when the user has read the message, enables cookies and retries. Typically, the user will need to refresh once after enabling cookies (so that the cookie can make it to the browser, to be ready for being sent back to the server on the subsequent submit) — there's nothing we can do about that —, but after that, the log in should succeed, and my patch ensures that the user doesn't remain on the cookie_check page.

IceCreamYou’s picture

I can confirm that the patch in #4 works. Or at least, it works for me on Vista in FF2, Opera, and Safari on D5.7 with PHP5.2.5 and MySQL 5.0.45.

IceCreamYou’s picture

I take it back. It works every other try, i.e. the first, third, fifth, seventh etc. tries.

salvis’s picture

@IceCreamYou: If you put it this way, I sure have to wonder what you're doing.

What exactly is it that you're doing ten times?

I'm trying to mimick what a typical user might do in real life, i.e. get to the site with cookies cleared and turned off, read the helpful message, turn cookies on, refresh, log in, and be happy.

IceCreamYou’s picture

I'm doing this:

1) Log in.
2) Log out.
3) Repeat.

It works the first time you do it, but if you log out and try to log back in again you get the cookie_check page. You're still logged in though, and if you log out and try again it works.

salvis’s picture

I had to add a Refresh between 2 and 3 to get what you describe.

Here's a version that's more solid on that ground. However, it doesn't log in reliably, apparently because the form submit isn't redirected reliably. nedjo will have to address that part...

IceCreamYou’s picture

Any developments?

nedjo’s picture

Apologies, I'd forgotten to subscribe to issues for this project so wasn't getting these updates.

salvis, given your interest in this area, I've assigned you CVS access to the project.

I'll have a look at this when I get a chance.

salvis’s picture

Thanks, nedjo, I'm a bit over-committed right now, but I'm still interested in getting this done...

plan9’s picture

Subscribe

IceCreamYou’s picture

Is this fixed with the "significant simplification of the code from the previous D5 version" in 1.0?

nedjo’s picture

Status: Needs review » Fixed

I believe so. Then again, I was unable to reproduce the reported issue in the first place.

Please reopen if the problem reappears.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.