Opened 10 years ago

Closed 9 years ago

#24 closed bug (fixed)

login not working

Reported by: philipp Owned by:
Priority: minor Milestone: 0.1.4
Component: FrameWork Keywords: hot
Cc:

Description

on test.bw

login from http://test.bewelcome.org/bw/index.php is not working for
admin and philipp

could be problem of accounts/pwd in testdb or problem in the code

Change History (23)

comment:1 Changed 10 years ago by philipp

  • Owner yj deleted

comment:2 follow-up: Changed 10 years ago by philipp

when trying the tb based login from the page http://test.bewelcome.org/trip (left column) you end up with this error

Fatal error: Call to undefined function CountWhoIsOnLine?() in /var/www/test_html/modules/user/lib/bwauth.lib.php on line 73

comment:3 Changed 10 years ago by philipp

  • Keywords hot added

comment:4 in reply to: ↑ 2 Changed 10 years ago by anonymous

Replying to philipp:

when trying the tb based login from the page http://test.bewelcome.org/trip (left column) you end up with this error

Fatal error: Call to undefined function CountWhoIsOnLine?() in /var/www/test_html/modules/user/lib/bwauth.lib.php on line 73

I got a different thing here: After some loading, the page shown doesn't change. Locally, everything works fine though.

comment:5 Changed 10 years ago by philipp

  • Owner set to steinwinde

comment:6 Changed 10 years ago by steinwinde

  • Resolution set to fixed
  • Status changed from new to closed
  • version set to test

Several easy bugfixes seem to have fixed the login.

On http://test.bewelcome.org/bw/index.php I can login with admin or steinwinde - I don't know, what was wrong.

On http://test.bewelcome.org/trip there is no login at the left any more (the error caused by CountWhoIsOnLine? has been fixed a week ago by reverting a user module to a previous version); but there's a Login link on the same page (right top) now, and it works.

comment:7 follow-up: Changed 10 years ago by midsch

  • Resolution fixed deleted
  • Status changed from closed to reopened

this is still not working, tried http://test.bewelcome.org/bw/index.php and http://test.bewelcome.org/ -> "login failed"

comment:8 in reply to: ↑ 7 Changed 10 years ago by micha

Replying to midsch:

this is still not working, tried http://test.bewelcome.org/bw/index.php and http://test.bewelcome.org/ -> "login failed"

Sorry midsch, but this is really not a good description of an error. What means "login failed"? Is that an error-code that the browser displays after you tried to login? What happens after entering (which?) data in the login form and clicking the button?

There is a known error, maybe you mean this one: Upon trying to login, the browser displays the following:

        This XML file does not appear to have any style information associated with it. The document tree is shown below.
      
−
	<exception>
<code>1000</code>
<message>MySQL error!</message>
−
	<file>
/var/www/test_html/lib/db/db_statement_mysql.lib.php
</file>
<line>285</line>
−
	<info>
Statement: 
REPLACE `user` 
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`) 
VALUES 
(
    657, 
    1, 
    'lupo-test', 
    '', 
    '$1$3587c7a1$q0pg1zwXTHJ0JQu.ITghw1', 
    1
)
</info>
<info>1451</info>
−
	<info>
Cannot delete or update a parent row: a foreign key constraint fails (`hcvoltest/forums_posts`, CONSTRAINT `forums_posts_ibfk_6` FOREIGN KEY (`authorid`) REFERENCES `user` (`id`))
</info>
−
	<trace>
−
	<event stackno="0">
<file>/var/www/test_html/lib/db/db_mysql.lib.php</file>
<line>299</line>
<class type="->">PDBStatement_mysql</class>
<function>query</function>
−
	<args>
−
	<arg>

REPLACE `user` 
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`) 
VALUES 
(
    657, 
    1, 
    'lupo-test', 
    '', 
    '$1$3587c7a1$q0pg1zwXTHJ0JQu.ITghw1', 
    1
)
</arg>
</args>
</event>
−
	<event stackno="1">
<file>/var/www/test_html/modules/user/lib/bwauth.lib.php</file>
<line>213</line>
<class type="->">PDB_mysql</class>
<function>query</function>
−
	<args>
−
	<arg>

REPLACE `user` 
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`) 
VALUES 
(
    657, 
    1, 
    'lupo-test', 
    '', 
    '$1$3587c7a1$q0pg1zwXTHJ0JQu.ITghw1', 
    1
)
</arg>
</args>
</event>
−
	<event stackno="2">
<file>/var/www/test_html/modules/user/lib/bwauth.lib.php</file>
<line>58</line>
<class type="->">MOD_bw_user_Auth</class>
<function>updateUser</function>
−
	<args>
<arg>lupo-test</arg>
<arg>moma21.de</arg>
</args>
</event>
−
	<event stackno="3">
<file>/var/www/test_html/build/user/lib/user.lib.php</file>
<line>339</line>
<class type="->">MOD_bw_user_Auth</class>
<function>doLogin</function>
−
	<args>
<arg>lupo-test</arg>
<arg>moma21.de</arg>
</args>
</event>
−
	<event stackno="4">
<file>/var/www/test_html/build/user/user.model.php</file>
<line>228</line>
<class type="::">APP_User</class>
<function>login</function>
−
	<args>
<arg>lupo-test</arg>
<arg>moma21.de</arg>
</args>
</event>
−
	<event stackno="5">
<class type="->">User</class>
<function>loginProcess</function>
<args/>
</event>
−
	<event stackno="6">
<file>/var/www/test_html/lib/handler/posthandler.lib.php</file>
<line>101</line>
<function>call_user_func</function>
−
	<args>
<arg>Array</arg>
</args>
</event>
−
	<event stackno="7">
<file>/var/www/test_html/lib/handler/posthandler.lib.php</file>
<line>51</line>
<class type="->">PPostHandler</class>
<function>save</function>
<args/>
</event>
−
	<event stackno="8">
<file>/var/www/test_html/htdocs/index.php</file>
<line>115</line>
<class type="::">PPostHandler</class>
<function>get</function>
<args/>
</event>
</trace>
</exception>

If then you click enter in the browser's address field, you're correctly logged in and can surf the site.

comment:9 Changed 10 years ago by steinwinde

  1. The afore mentioned constraint (column handle in table user is unique) was introduced to avoid duplicates of handles (which are usernames really) in the user table. In fact you easily get double entries in table user now. Of course this is forbidden to happen on production, so the ticket is still open.
  1. I'm not sure, why doLogin calls updateUser. Probably half of this is Travelbook code. Hannu might know, he knows the login stuff in platform PT/TB best.
  1. I doubt REPLACE is a good idea in bwauth.lib.php line 203 (method updateUser). Possibly UPDATE would be more accurate.

comment:10 Changed 10 years ago by steinwinde

I forgot to mention: With release 3265 hopefully I replaced a new UNIQUE constraint in the user table by the original SQL structure (just INDEX) of the user table in TB.

comment:11 follow-up: Changed 10 years ago by matrixpoint

"3. I doubt REPLACE is a good idea in bwauth.lib.php line 203 (method updateUser). Possibly UPDATE would be more accurate." - steinweide

This was definitely causing problems with password change by creating duplicate handle records once the UNIQUE qualifier was removed from the handle key.

So, I followed your advice and replaced the REPLACE with an UPDATE/INSERT combination.

Someone more familiar with this bug and the operation of the login process should double check this, please.

comment:12 Changed 10 years ago by anonymous

  • Priority changed from blocker to critical

comment:13 Changed 10 years ago by anonymous

  • Priority changed from critical to blocker

comment:14 Changed 10 years ago by anonymous

  • Owner changed from steinwinde to pc
  • Status changed from reopened to new

comment:15 Changed 10 years ago by anonymous

  • Owner changed from pc to steinwinde

comment:16 Changed 10 years ago by anonymous

sorry guys for the changes (shouldnt have any impact), I was just testing TRAC.
Surprised, in fact, that I can edit anything of the ticket without even be logged in. May be problematic if we use the system at a larger scale. (Pierre-Charles)

comment:17 Changed 10 years ago by philipp

you might be right, but you didn't managed to change it without being noticed, and leaving a record of all your changes
we might add some more login and rights management at a later point, but so far things seem to be much easier without and (surprisingly) we did not have a single bad edit on this open plattform.

comment:18 in reply to: ↑ 11 Changed 10 years ago by steinwinde

Replying to matrixpoint:

"3. I doubt REPLACE is a good idea in bwauth.lib.php line 203 (method updateUser). Possibly UPDATE would be more accurate." - steinweide

This was definitely causing problems with password change by creating duplicate handle records once the UNIQUE qualifier was removed from the handle key.

So, I followed your advice and replaced the REPLACE with an UPDATE/INSERT combination.

Someone more familiar with this bug and the operation of the login process should double check this, please.

I feel a bit unsure, but to me your solution seems to work. I did a brief code review and tested it locally, on test.bewelcome.org and on alpha.bewelcome.org. I didn't observe any problems with the changed code. Particularly I didn't produce any doubles in table user anymore (checked this locally and on test.bewelcome.org).

comment:19 Changed 10 years ago by steinwinde

  • Milestone changed from 0.1-outreach-release to 0.x forum
  • Priority changed from blocker to minor
  • Resolution set to worksforme
  • Status changed from new to closed

The filed problems with the login should be solved now. However, I still doubt updateUser should be called at all in doLogin. I leave this ticket open convinced we should check the login logic again while introducing new platform PT version and changing to new signup procedure.

comment:20 Changed 10 years ago by steinwinde

  • Resolution worksforme deleted
  • Status changed from closed to reopened

comment:21 Changed 10 years ago by philipp

  • follow_up set to none
  • Milestone changed from forum improvements to 0.1.3 - more improvements & bugfixing

comment:22 Changed 9 years ago by steinwinde

  • Owner steinwinde deleted
  • Status changed from reopened to new

comment:23 Changed 9 years ago by philipp

  • freq_reported set to 1
  • Resolution set to fixed
  • show_on_bw set to 0
  • Status changed from new to closed

closing for now - but lets keep the login in mind as an important thing to check again and again

Note: See TracTickets for help on using tickets.