After Login Successfull Yii::app()->User->Isguest() Always Return True

Yii 1.1 General Discussion
1

Recently, I have created a new web application by using yiic console command. Unfortunately, I was unable to login to the system with the default login credentials (admin/admin or demo/demo) provided by Yii. There is no error message and it just redirect me to the homepage.

After further checking, I realized that the Yii::app()->user->isGuest() is always return true although I have successfully logged in to the system and the “login” hyperlink on top of the banner wasn’t change to “logout”.

I didn’t modify any code and all the code is originally generated from yiic command.

I’m using Apache/2.2.15, Yii Framework/1.1.14, PHP 5.5.3, Centos 6.4. Will it be any compatibility issues? How can I fixed this issue?

BTW, I’m new to Yii and sorry for my poor English.

2

Please can you post your code… it will be helpful to identify what is wrong :(

3

Thanks Chandran. Let me explain the scenario first.

Step 1 - Access to the home page

4858

step1.PNG

Step 2 - Login with invalid login credential, and system manages to prompt me the error message

4859

step2.PNG

Step3 - Login with valid login credential

4860

step3.PNG

Step4 - After login, system redirects to home page but there is no logout and Yii::app()->user->isGuest still return true

4861

step4.PNG

SiteController.php




public function actionLogin()

	{

		$model=new LoginForm;


		// if it is ajax validation request

		if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')

		{

			echo CActiveForm::validate($model);

			Yii::app()->end();

		}


		// collect user input data

		if(isset($_POST['LoginForm']))

		{

			$model->attributes=$_POST['LoginForm'];

			// validate user input and redirect to the previous page if valid

			if($model->validate() && $model->login())

				$this->redirect(Yii::app()->user->returnUrl);

		}

		// display the login form

		$this->render('login',array('model'=>$model));

	}

LoginForm.php




<?php


/**

 * LoginForm class.

 * LoginForm is the data structure for keeping

 * user login form data. It is used by the 'login' action of 'SiteController'.

 */

class LoginForm extends CFormModel

{

	public $username;

	public $password;

	public $rememberMe;


	private $_identity;


	/**

	 * Declares the validation rules.

	 * The rules state that username and password are required,

	 * and password needs to be authenticated.

	 */

	public function rules()

	{

		return array(

			// username and password are required

			array('username, password', 'required'),

			// rememberMe needs to be a boolean

			array('rememberMe', 'boolean'),

			// password needs to be authenticated

			array('password', 'authenticate'),

		);

	}


	/**

	 * Declares attribute labels.

	 */

	public function attributeLabels()

	{

		return array(

			'rememberMe'=>'Remember me next time',

		);

	}


	/**

	 * Authenticates the password.

	 * This is the 'authenticate' validator as declared in rules().

	 */

	public function authenticate($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			$this->_identity=new UserIdentity($this->username,$this->password);

			if(!$this->_identity->authenticate())

				$this->addError('password','Incorrect username or password.');

		}

	}


	/**

	 * Logs in the user using the given username and password in the model.

	 * @return boolean whether login is successful

	 */

	public function login()

	{

		if($this->_identity===null)

		{

			$this->_identity=new UserIdentity($this->username,$this->password);

			$this->_identity->authenticate();

		}

		if($this->_identity->errorCode===UserIdentity::ERROR_NONE)

		{

			$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days

			Yii::app()->user->login($this->_identity,$duration);

			return true;

		}

		else

			return false;

	}

}

UserIdentity.php




<?php


/**

 * UserIdentity represents the data needed to identity a user.

 * It contains the authentication method that checks if the provided

 * data can identity the user.

 */

class UserIdentity extends CUserIdentity

{

	/**

	 * Authenticates a user.

	 * The example implementation makes sure if the username and password

	 * are both 'demo'.

	 * In practical applications, this should be changed to authenticate

	 * against some persistent user identity storage (e.g. database).

	 * @return boolean whether authentication succeeds.

	 */

	public function authenticate()

	{

		$users=array(

			// username => password

			'demo'=>'demo',

			'admin'=>'admin',

		);

		if(!isset($users[$this->username]))

			$this->errorCode=self::ERROR_USERNAME_INVALID;

		elseif($users[$this->username]!==$this->password)

			$this->errorCode=self::ERROR_PASSWORD_INVALID;

		else

			$this->errorCode=self::ERROR_NONE;

		return !$this->errorCode;

	}

}

Thanks.

4

if you did not modify anything in code then problem must be in session/cookie handling by your php on server or your browser. You must debug what cookies are set, session id, etc.

5

Hi,

I think you have to change useridentity class like below

I hope it will help you

class UserIdentity extends CUserIdentity

{

[font=Menlo, Consolas,]private[/font][color=#808080][font=Menlo, Consolas,] [/font][/color][font=Menlo, Consolas,]&#036;_id[/font][color=#808080][font=Menlo, Consolas,];[/font][/color]

[font="Menlo, Consolas, Courier New, Courier, mono"][size="2"][color="#808080"]

[/color][/size][/font] public function authenticate()

{


	&#036;users=array(


		// username =&gt; password


		'demo'=&gt;'demo',


		'admin'=&gt;'admin',


	);


	if(&#33;isset(&#036;users[&#036;this-&gt;username]))


		&#036;this-&gt;errorCode=self::ERROR_USERNAME_INVALID;


	elseif(&#036;users[&#036;this-&gt;username]&#33;==&#036;this-&gt;password)


		&#036;this-&gt;errorCode=self::ERROR_PASSWORD_INVALID;


	else {


    [font=Menlo, Consolas,]&#036;this[/font][color=#808080][font=Menlo, Consolas,]-&gt;[/font][/color][font=Menlo, Consolas,]_id[/font][color=#808080][font=Menlo, Consolas,]=[/font][/color]&#036;this-&gt;username[color=#808080][font=Menlo, Consolas,];[/font][/color]


		&#036;this-&gt;errorCode=self::ERROR_NONE;


    }


	return &#33;&#036;this-&gt;errorCode;


}

[color=black]public[/color] [color=black]function[/color] [color=green]getId[/color]color=olive[/color] [color=olive]{[/color] [color=black]return[/color] [color=blue]$this[/color]->[color=green]_id[/color]; [color=olive]}[/color]}

6

Make sure cookies are enabled and php sessions work properly.

7

I have tried this, but still no luck for me. I believe it’s something to do with the PHP session or cookies problem like what andy_s and redguy mentioned. Thanks anyway.

Hi Andy & Redguy, could you guys please guide me on how to check on the session/cookie handling by PHP? Attached herewith the screenshot of the PHP session from php_info.

Thanks

4862

phpsession.png

8

Two more possible steps:

  1. Open your browser’s cookie manager and clear all the old cookies from this domain. Then try to login again.

  2. (Weird, but cool): What’s your domain name look like? I’ve had this issue on Google Chrome + dev domain w/o TLD (i.e. http://example instead of http://example.local)

9

I have fixed the problem and it was due to the permission issues on the PHP session directory.

Thanks everyone.

10

Try to store the sessions in database, like:

[i]‘session’ => array(

        'class' =&gt; 'CDbHttpSession',


        'autoStart' =&gt; false,


        'connectionID' =&gt; 'db',


        'sessionTableName' =&gt; 'session',


        'autoCreateSessionTable' =&gt; false,


        'cookieMode' =&gt; 'none',

),[/i]