Opening this issue as a catch all for all the accumulated different login issues.

Log In seems to fail with no error message. Log files show a session was opened for user, however user-access level is still at Guest/Annonymous user level.

Problem environment:
Browser: Firefox
Drupal: 4.8.0 dev
Web server: Apache
Unable to determine your web server type and version. Drupal might not work properly.
PHP: 5.1.5
MySQL database: 4.1.18-standard-log
Configuration file: Protected
Cron maintenance tasks Last run 7 min 47 sec ago
Unicode library: PHP Mbstring Extension

CommentFileSizeAuthor
#7 sessionname_1.patch1.38 KBJohnAlbin
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

magico’s picture

magico CreditAttribution: magico commented
Category: bug » support
Priority: Critical » Normal

Downgrading to normal, because I'm using the most recent HEAD version and I don't have any login problem.
Also, no one else had this problem.

grymwulf’s picture

grymwulf CreditAttribution: grymwulf commented
Category: support » bug

I've already fixed it by adding 1 bit of custom code to my site settings.php

/**
 * PHP settings:
 *
 * To see what PHP settings are possible, including whether they can
 * be set at runtime (ie., when ini_set() occurs), read the PHP
 * documentation at http://www.php.net/manual/en/ini.php#ini.list
 * and take a look at the .htaccess file to see which non-runtime
 * settings are used there. Settings defined here should not be
 * duplicated there so as to avoid conflict issues.
 */
ini_set('arg_separator.output',     '&');
ini_set('magic_quotes_runtime',     0);
ini_set('magic_quotes_sybase',      0);
ini_set('session.cookie_domain', '.grymwulf.com');
ini_set('session.cache_expire',     200000);
ini_set('session.cache_limiter',    'none');
ini_set('session.cookie_lifetime',  2000000);
ini_set('session.gc_maxlifetime',   200000);
ini_set('session.save_handler',     'user');
ini_set('session.use_only_cookies', 1);
ini_set('session.use_trans_sid',    0);
ini_set('url_rewriter.tags',        '');


This bug exists in 4.7.3... and the behaviour was the same as the previous version bug report.  I'm returning this to bug report as I don't currently need support concerning this incident.
magico’s picture

magico CreditAttribution: magico commented
Version: x.y.z » 4.7.3
Component: other » user.module
magico’s picture

magico CreditAttribution: magico commented
Version: 4.7.3 » 4.7.5
Status: Active » Fixed

Should be fixed with the following code present in settings.php

/**
 * We try to set the correct cookie domain. If you are experiencing problems
 * try commenting out the code below or specifying the cookie domain by hand.
 */
if (isset($_SERVER['HTTP_HOST'])) {
  $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
  // Per RFC 2109, cookie domains must contain at least one dot other than the
  // first. For hosts such as 'localhost', we don't set a cookie domain.
  if (count(explode('.', $domain)) > 2) {
    ini_set('session.cookie_domain', $domain);
  }
}
Anonymous’s picture

(not verified) CreditAttribution: commented
Status: Fixed » Closed (fixed)
JohnAlbin’s picture

JohnAlbin
he/they/他
Primary language English
Location Taipei, Taiwan
CreditAttribution: JohnAlbin commented
Title: Login Issues cvs Drupal 4.8.0 dev 9/1/2006 » Login Issues cvs Drupal4.8.0 dev 9/1/2006

The code quoted by Magico, does not fix the problem entirely. See http://drupal.org/node/56357 for the proposed solution.

JohnAlbin’s picture

JohnAlbin
he/they/他
Primary language English
Location Taipei, Taiwan
CreditAttribution: JohnAlbin commented
Title: Login Issues cvs Drupal4.8.0 dev 9/1/2006 » Login Issues and session cookie collisions
Version: 4.7.5 » 6.x-dev
Component: user.module » user system
Priority: Normal » Critical
Status: Closed (fixed) » Needs review
FileSize
sessionname_1.patch1.38 KB

Please see http://drupal.org/node/56357#comment-213495 for a full description of the cause of this problem. But, briefly, a session cookie for www.example.com will collide with a session cookie for other.example.com and will result in the problem as described by grymwulf:

Log In seems to fail with no error message. Log files show a session was opened for user, however user-access level is still at Guest/Annonymous user level.

This is a PHP Bug (#40806) that affects all versions of Drupal. The supplied patch is a work-around for 5.x. Can easily be back-ported to 4.7.

RobRoy’s picture

RobRoy CreditAttribution: RobRoy commented
Status: Needs review » Needs work

FYI, // don't re-calculate base_url, if done in settings.php should be

// Don't re-calculate $base_url, if done in settings.php.

And use 2 spaces instead of tabs.

http://drupal.org/node/318

JohnAlbin’s picture

JohnAlbin
he/they/他
Primary language English
Location Taipei, Taiwan
CreditAttribution: JohnAlbin commented
Status: Needs work » Closed (duplicate)

Thanks for the comments, Roy. I will incorporate them into my patch.

I was half-way into splitting http://drupal.org/node/56357 into two issues when I realized they really are the same issue. I'm marking this as a duplicate. Sorry for cluttering the issue queue! :-D