Problem with login (doesn't seem to 'take')

Sometimes this problem is related to server setup. For me the problem was with HTTP_HOST setting. It contained an IP problem with was treated as a domain name at the end of settings.php file. Just comment out:

if (isset($_SERVER['HTTP_HOST'])) {
  $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
  // Per RFC 2109, cookie domains must contain at least one dot other than the
  // first. For hosts such as 'localhost', we don't set a cookie domain.
  if (count(explode('.', $domain)) > 2) {
    ini_set('session.cookie_domain', $domain);
}

Best wishes,
Andrei.

Reading this thread, several potential problem had been found:

• PHP 5.2.0
• ZoneAlarm (firewall problem?)
• browser related - on this one, I discovered that it is impossible to log in with W3M, a text browser. It seems to be related with how invalid cookies are handled

Do you see any other problems?

I have tried all the proposed solutions up until this post w/o success, but this one did the trick for me!

My Setup
Drupal version 4.7
Windows 2000 Server
PHP 5
MySQL 5
____________________________
Insurance Center

I posted a while back (in a different thread) and got told that all my troubles would be over if I just upgraded, first to 4.7.6 and then to 5.1. I moved to 4.7.6 and still found the double cookie issue was a problem. I wrote some text in the login page about removing cookies, but users are generally not big on reading, and as such I sitll got hassles over this. Then the site owner called up and said he couldn't sign in. I was able to log in as him using both FF and IE, but even after clearing his cookies he couldn't get in with IE (no FireFox to test on his end). I figured this was the excuse I needed and upgraded to 5.1.

Whoops. Now nobody can log in. I don't know what the cause is, but I'm bloody glad I backed things up. I went through all of the fixes here and nothing seemed to help. I'm on a shared external server and don't have access to PHP.INI, so those were the only changes I didn't try.

HELP. This sucks. I've sent a ticket to the host to restore my backup and go back to 4.7.6, but this is getting ridiculous. Frankly, I don't see sticking with Drupal if I continue to have this kind of problem. Any new tricks I can try?

I've been trying to get Drupal 5.2 running. I have
PHP Version 5.2.1
Apache Version 1.3.3

None of the posted solutions work for me. All the user info seems to be getting into the database just fine. A login with incorrect information correctly tells me the username or password is not recognized. But a proper login just brings be to "Access Denied".

If anyone has a solution, I would be ever so grateful.

Just to follow the discussion

I have tried almost all the solutions suggested above.

Unfortunately nothing worked by itself or in combination with other solutions. And this is a hard problem to make sure it is truly resolved because, in my case, it is not consistent. Most of the time, users can log in fine the first time. But sometimes I will get calls (or it happens to me) where the user logs in but the page they are looking at shows them still needing to login again. Watchdog shows that they are logged in (Session opened for ...).

I have found that most of the time if the user just presses the browser refresh/reload button, everything is fine and the page shows them being logged in.

So I added one line at the end of sess_regenerate() in sessions.inc:

function sess_regenerate() {
  $old_session_id = session_id();

  // We code around http://bugs.php.net/bug.php?id=32802 by destroying
  // the session cookie by setting expiration in the past (a negative
  // value).  This issue only arises in PHP versions before 4.4.0,
  // regardless of the Drupal configuration.
  // TODO: remove this when we require at least PHP 4.4.0
  if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time() - 42000, '/');
  }

  session_regenerate_id();

  db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
  
  //Added bottdev - clear the cache for this user so the page from where they are logging in will be pulled again from the DB rather than from the cache
  $user->cache = time();
  //End Added bottdev
}

By setting the user's cache time to the current time, a new page will be loaded rather than being pulled from the cache. Of course, the front page was cached as it always is for unauthenticated users. But I was having the same problem from other pages also if the user had browsed other areas of the website before logging in.

Note: I also have these 3 other solutions mentioned above still in my code. I do not plan to take them out at this time, but these are those that remian:
1) in index.php, included $GLOBALS['tempUser'] = $user; at the end of the file
2) in user.module included session_regenerate_id(); as suggested by iDonny above (drupal.org/node/6696#comment-122419)
3) I am using 4.7.7 so a couple of the solutions regarding cookie settings in settings.php are already included--I have not made any changes to this section from what is included in 4.7.7.

So far this seems to work for Firefox and IE6. I had the problem this morning on my machine and when I added this line I was able to get in every time using 10 different development user ids. That doesn't mean that this problem is really solved for me, but it at least appears that way.

Based on the wide variety of solutions that work for some and not others, I hope this works for at least some of you. I see that many have already tried clearing the cache with no success.

Thank you to all for the hours/days/years spent in making Drupal a great product and community!

After a few hours of looking into this problem we noticed that our session table was corrupted. We had to drop it and then rebuild it from a backup which solved the problem. It looks like there is a more detailed fix similar to what we did here: http://drupal.org/node/61900#comment-287666

I have put the two slashes in front of regenerate in user.module

i.e.
// sess_regenerate();

I have appended

$GLOBALS['tempUser'] = $user;
to the very end of index.php

and now I'm happy

running drupal 5.x w php 5.2.4 on apache 1.3.39 with multisite configured per http://drupal.org/node/125539

I've tried absolutely everything.

I've commented out sess_regenerate(); from user.module.

I've added $GLOBALS['tempUser'] = $user; to the bottom of index.php.

I've commented out

if (isset($_SERVER['HTTP_HOST'])) {
  $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
  // Per RFC 2109, cookie domains must contain at least one dot other than the
  // first. For hosts such as 'localhost', we don't set a cookie domain.
  if (count(explode('.', $domain)) > 2) {
    ini_set('session.cookie_domain', $domain);
  }
}

from settings.php.

I've commented out

$old_session_id = session_id();
session_regenerate_id();
db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);

from session.inc.

And so on, and so on, and so on. You name it, I've tried it.

Everything listed on every thread on this website to do with IE6 not being able to login, I've tried.

At least I'm sent to the correct user's page when I try to login (i.e. user/1 if admin), but then I get there and it says "access denied", as if the cookie didn't stick.

I have same kind of error with 5x.

I installed with no problems. Now im on the "Configure your website" part of the installation.
and i created an admin account. But i cant login with the created admin account. When I enter the login/pass nothing happens seems like page just refreshes and i still have welcome page saying
"Welcome to your new Drupal website!
Please follow these steps to set up and start using your website: "

when i click on "administration section", I get

"Access denied
You are not authorized to access this page." error.

I tried with firefox and ie. I am not sure how to fix this issur. I have added "drupal_page_footer();
$GLOBALS['tempUser'] = $user;" to the end of my index.php didnt help.

Whats the problem here? When i tried to "request new password" i didnt receive any emails either..

thanks for your help in advance.

when i go to ask a qustion about the sims 2 castaway it tells me to restiter and so i fill everything out and it wont let me can you help?

when i go to ask a qustion about the sims 2 castaway it tells me to restiter and so i fill everything out and it wont let me can you help?

when i go to ask a qustion about the sims 2 castaway it tells me to restiter and so i fill everything out and it wont let me can you help?

Sorry - this comment won't help anyone - just wanted to add to the thread of a hot topic to make it hotter. I've already spent 5 hours on this issue with no resolution. I can't believe it's still an issue.

I hate to say it, but I'm pretty close to done with Drupal. Oh well at least for me this came up during the evaluation phase. I see other people weren't so lucky. Good luck everyone.

I had a similar problem when moving my site. Backed the database and moved the directory structure. Everything seemed fine, except I couldn't login. I commented out like so:

#if (isset($_SERVER['HTTP_HOST'])) {
#  $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
#  // Per RFC 2109, cookie domains must contain at least one dot other than the
#  // first. For hosts such as 'localhost', we don't set a cookie domain.
#  if (count(explode('.', $domain)) > 2) {
#    ini_set('session.cookie_domain', $domain);
#  }
#}

I haven't tried it, but it could also work if I specified the domain (on moving, I also changed the domain to something readable).

When I went to access control and activated cac_lite module for anonymous and activated, I got rid of the problem.

Hope that helps...

Installing Drupal for the first time and all went well until I got this set of errors (below) at the end of the setup:

ALSO,

I cannot access any admin features at the page :

Welcome to your new Drupal website!

Please follow these steps to set up and start using your website:

NOTE: drupal is installed at
http://www.iipj.org/drupal/
but my main site entrance is simply
http://www.iipj.org

I am not sure if that has any bearing on the matter.

I had few problems loading Joomla! on my server.

Thank you,

Michael

* warning: array_fill() [function.array-fill]: Number of elements must be positive in /home/.sites/143/site2/web/drupal/includes/database.inc on line 235.
* warning: implode() [function.implode]: Invalid arguments passed in /home/.sites/143/site2/web/drupal/includes/database.inc on line 235.
* warning: array_keys() [function.array-keys]: The first argument should be an array in /home/.sites/143/site2/web/drupal/modules/user/user.module on line 500.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT p.perm FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in /home/.sites/143/site2/web/drupal/modules/user/user.module on line 500.
* warning: array_keys() [function.array-keys]: The first argument should be an array in /home/.sites/143/site2/web/drupal/modules/block/block.module on line 402.
* warning: array_fill() [function.array-fill]: Number of elements must be positive in /home/.sites/143/site2/web/drupal/includes/database.inc on line 235.
* warning: implode() [function.implode]: Invalid arguments passed in /home/.sites/143/site2/web/drupal/includes/database.inc on line 235.
* warning: array_merge() [function.array-merge]: Argument #2 is not an array in /home/.sites/143/site2/web/drupal/modules/block/block.module on line 403.
* user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') OR r.rid IS NULL) ORDER BY b.region, b.weight, b.module' at line 1 query: SELECT DISTINCT b.* FROM blocks b LEFT JOIN blocks_roles r ON b.module = r.module AND b.delta = r.delta WHERE b.theme = '' AND b.status = 1 AND (r.rid IN () OR r.rid IS NULL) ORDER BY b.region, b.weight, b.module in /home/.sites/143/site2/web/drupal/modules/block/block.module on line 403.

Something else to check for anyone else experiencing something similar is that session.use_cookies is set to on (check phpinfo() ).

If it isn't, you could turn it on in .htaccess with a line like this inside of your appropriate , e.g. for PHP 4 and Apache 1:
<IfModule mod_php4.c>
php_value session.use_cookies 1
</IfModule>

or via php:
ini_set('session.use_cookies', true);

When this is off I get the same results you are describing, and it is easy to forget on an upgrade if you overwrite your .htaccess

OK beat me for not having read all this lengthy thread. But I had the same problem as original poster and solved it. Relatively new install with only an administrative user. Worked fine for 3 days. Then got blocked. I kept requesting a new password and everytime I clicked on login with the emailed new temporary password, I got the message that I was not authorized to access that page. Also, sometimes would just return me to login page with no change. From reading this thread, I went to IE7 and cleared both my browsing history and my cookies and I began to get in again.

Thinking back, as I was trying to embed gallery2 with Drupal after failed attempts, one instruction was to Not enable "Clean URL." So I DISABLED "Clean URL" and perhaps that is what instigated my login problem. Hope this helps someone.

~~Ray

I had problems with not beinable to login from the comfirmation email after creating a new account except for the first user. Joomla has very similar issues.
I found the problem when trying to install Joomla in that I got an error That said "Session Save path was not Writeable." And the path it refered to was not writebale and I could not change the rights.
I contacted my web host and asked them if they could change that to writeable. They basically set up another location inside my site root directory and made it writeable.
Problem solved. Now the Login works perfectly from the confirmation email and Joomla also works perfect as well. No need for hacks or other fixes in my case.
Long story short is contact your web hosting service and see if they will make the change for you.
I hope this might help somebody.
Ron

hey guys, ok im having the same problem, but not when logging in, but when posting comments.
i gt the error but the comment does get posted, but after the error each time i try to read the node i get the error, this only works when logged in as a normal user, admin works finee
!!!!!
any ideas?

Cross-posted from http://drupal.org/node/83822#comment-913011

Subscribing

Hi All
so whats the solution?
I am on drupal 6.10, and a few days back my host upgraded to Apache-2.2/PHP-5.2/Mysql-5.0
Now I can only login from the forum. Loggin in from anywhere else results in absolutely nothing. no error or nothing, just a page reload.

Is there a solution that wont cause any trouble when upgrading later etc.
I am assuming my problem is the same as many other described here even my symptoms are 100% alike.

thanks in advance

Just thought I would mention, had this "access denied" issue with 6.12 out of the blue and tried this patch code and it seems to work like a charm now.

I tried at least two of the "solutions" here and they didn't work for me.

It finally dawned on my what i had changed. i had moved a PHP call to session_commit() from conditional to all the time in my home page, meaning that the function even for anonymous users. this was what i thought i wanted, but when i put it back only for authenticated+ users, i could login in again. (off subject: i read in this forum that it is not necessary to use this procedure. i have found a situation when it fixed a problem for me).

when i had the problem, i was unable to log in via IE, Chrome and Firefox (all that i tried).

I've had a same problem, the solution was in SESSIONS table. It need to be repaired.

I had a problem with a mysterious login failure in Internet Explorer (appeared after a domain shift, and didn't generate any error message). Turns out the problem is that the new domain name started with a numeric digit. So 1aaaaaaa.tld is actually a non-standard domain name, which will cause IE to reject the cookie when logging in.

I solved it by using only www2.1aaaaaaa.tld, and then adding rewrite rules for the 1aaaaaaa.tld and www.1aaaaaaa.tld hosts in .htaccess. Don't know if that really qualifies as a standards-compliant solution.... but anyway, it seems to have solved the cookie problem.

Hope that helps someone!

Drupal 6.15
PHP5
Apache2

I had moved my files from a public server to the one running locally on my computer. The reason for Drupal not accepting the correct login info was because the domains set up in settings.php were for the original domain. I just changed those and voila!

line 125:

$base_url = 'new.server.domain'; 

on line 169:

$cookie_domain = 'new.server.domain';

But now there's a new problem. I'm getting warnings from Drupal that:

warning: include_once(system.admin.inc) [function.include-once]: failed to open stream: No such file or directory in /var/www/buysseosha/includes/theme.inc on line 613.

I've encountered the same problem described here in Drupal 6. The solution was none of the above and not entirely intuitive.

When moving servers, I zipped up the directory structure and unzipped it on the new machine. The group owner on the new machine needed to be different, so the error was being caused by a permissions failure. chown -R fixed everything after a good hour of struggling.

I ran into this issue when moving an old site to a local test server to prepare for some updates (Drupal 5.12). I found a line in settings.php referring to the old $cookie_domain setting. I changed the value to reflect my local install, cleared cache in the browser, and the issue was resolved.

Just in case anyone comes across this issue, perhaps this comment will help.

In my case it was a broken sessions table in the database. I fixed it using the repair function in phpmyadmin.

Had the same problem, a table repair for the "sessions" table did the job.

So I had a similar problem, user_login_submit was simply not called at all and after long hours of research it seems that in form.inc line 857, drupal checks that form_get_errors() returns no errors before calling the submit function which seems fine because that's how it checks that there are no validations errors before submitting the form except this time it was a completely different form that has no relation with the user_login_form that returned the error I had no way to see it till I found I should dsm(form_get_errors());
Now I know so I hope it helps someone...

My problem was related to underscore in my domain name.
As soon as I renamed it to a domain without underscore, my login problem went away.

It's related to cookies which are not processed because of the domain name which is not compliant to RFCs.

https://drupal.org/node/1444718

Repairing the sessions table worked for me, with 6.x.

After 7 days of search and testing I solved this problem.
I deactivate/uninstall the PHP suhosin extension and now everything works perfectly!!!!!!!

My symptoms were log-in not working, or needing to be done twice.
I finally narrowed it down to www.example.com and example.com being treated as two totally different sites with most, but not all, of the links being correctly re-written.
So, a user successfully logs in to www.example.com, gets redirected to the logged-in home page which is on example.com (no www) and gets an access denied message. Log in again, this time unkowingly on the example.com site (with no www) and it all works perfectly.
Solution - a simple re-write command uncommented in /etc/apache2/httpd.conf and now all is well.
Hope that helps somebody!

After going through most of the suggestions on here for my Drupal 6 installation, I finally resolved the situation by reducing my post_max_size to 512M. Apparently I had set it to a value too high for the environment and so the login form was just misbehaving.

Login Page is not opening .can any one pls help.i gave like domain name/user