Forums / Install & configuration / Can't login with cookie : off

Can't login with cookie : off

Previous topic

Install & configuration

Next topic

Author	Message
Guillaume COLSON	Monday 02 May 2005 6:41:55 am Hi, To solve a problem with user/register on browsers with cookies disabled I had to set a .htaccess file in the root of my site containing : php_value session.use_cookies 0 php_value session.use_trans_sid 1 php_value url_rewriter.tags a=href,area=href,frame=src,input=src,form= This allows me to send the session id in URL and register normally even on browsers with cookie off. You'll said everything's allright so. But what is quite strange is that I can't login with these browsers. However it seems to work well as soon as an hidden input with the id appeared correctly in the login form. It's as if the page /user/login doesn't use the session id if sent by a form. The new form sounds like that : <form method="post" action="/~site/user/login?eZSESSID=66dbb140e4a4207868ded35f612ab5d3"> <input type="hidden" name="eZSESSID" value="66dbb140e4a4207868ded35f612ab5d3" /> When I'm trying to connect with an account, I get the same page with another id number and it seems that I'm not connected. But when watching to "who is connected" in config/sessions of the admin interface, I find that my connection is saved... If someone has any idea about where is the problem from or any test to do, please let me know. Thanks to have taken the time to read all that! Guillaume
Guillaume COLSON	Tuesday 03 May 2005 8:48:54 am Hello, I think I begin to see a solution. The problem seems to come from the redirection after login. If I well understand the mechanism, when you log in, your credentials are sent to the /user/login page which after login send you back to the page given in the hidden input "RedirectURI". When I use session.use_trans_sid to add the session_id to the URL, it doesn't change the value of the "redirectURI" input. Does anyone know how to add something to this field automatically? Or could someone give me another solution? Thanks in advance, Guillaume

Author

Message

Guillaume COLSON

Monday 02 May 2005 6:41:55 am

Hi,

To solve a problem with user/register on browsers with cookies disabled I had to set a .htaccess file in the root of my site containing :
php_value session.use_cookies 0
php_value session.use_trans_sid 1
php_value url_rewriter.tags a=href,area=href,frame=src,input=src,form=

This allows me to send the session id in URL and register normally even on browsers with cookie off.

You'll said everything's allright so.

But what is quite strange is that I can't login with these browsers. However it seems to work well as soon as an hidden input with the id appeared correctly in the login form.

It's as if the page /user/login doesn't use the session id if sent by a form.

The new form sounds like that :

When I'm trying to connect with an account, I get the same page with another id number and it seems that I'm not connected. But when watching to "who is connected" in config/sessions of the admin interface, I find that my connection is saved...

If someone has any idea about where is the problem from or any test to do, please let me know.

Thanks to have taken the time to read all that!

Guillaume

Guillaume COLSON

Tuesday 03 May 2005 8:48:54 am

Hello,

I think I begin to see a solution.
The problem seems to come from the redirection after login.
If I well understand the mechanism, when you log in, your credentials are sent to the /user/login page which after login send you back to the page given in the hidden input "RedirectURI".
When I use session.use_trans_sid to add the session_id to the URL, it doesn't change the value of the "redirectURI" input.
Does anyone know how to add something to this field automatically? Or could someone give me another solution?

Thanks in advance,

Guillaume