Scary Problem With Login

Yii 1.1 General Discussion
1

Hi,

I have just uploaded my Yii Project to my new Hosting Service.

Everything ok, except for one strange problem.

I have a database with two users and both works very well on the local machine.

But in the hosting server if i try to login with a user something dont work, is like that someone do an immediate logout.

Example:

  • Normal case:

I request a protected action on my controller, that only registered user can see.

Yii show to me the login form, that i fill and submit.

If correct it show me the previous requested page.

  • My Case:

I request a protected action on my controller, that only registered user can see.

Yii show to me the login form, that i fill and submit.

If correct, it send me to the index page (like if i have requested a logout)

And if i request the protected page again it show me the login page again. (so im not authenticated)

Note: If i check RememberMe it send me to the index page too, but if i’ll require the requested page another time, it show me (like if i was logged succesful). But in this case commands like


Yii::app()->session['variable']

dont work

Someone can help me in this? Anyone has an idea?

Login Action:


	public function actionLogin()

	{

		$model=new LoginForm;


		// if it is ajax validation request

		if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')

		{

			echo CActiveForm::validate($model);

			Yii::app()->end();

		}


		// collect user input data

		if(isset($_POST['LoginForm']))

		{

			$model->attributes=$_POST['LoginForm'];

			// validate user input and redirect to the previous page if valid

			if($model->validate() && $model->login())

				$this->redirect(Yii::app()->user->returnUrl);

		}

		// display the login form

		$this->render('login',array('model'=>$model));

	}
2

Not sure what’s wrong with your returnUrl.

The session part sounds familiar and there’s a post here that may save me some time explaining:

http://www.yiiframework.com/forum/index.php/topic/25500-changing-sessionid-after-login/

3

Thank you for the reply, but the problem is in the login session that authenticate the user.

I dont think that the problem is in the returnPage.

4

Anyone can help me? I’m in this problem since 3 days.

5

Hi again,

The post that I linked to above is not discussing the returnUrl. It discusses the fact that after login, the session ID is regenerated. This may be why your previous session variables are no longer valid.

6

The sessionId is ok.

The only problem is that:

If i login without check the "Remember me", it return me the index page and the sessionID change.

Example:

I’m logged out.

SessionId is: 7397fd8ds93hd

I try to login with correct credentials

Im redirected to the index page.

and now the sessionID is changed.

SessionId: 684fhsi9380029

Like a logout.

7

Well, i dont know how to fix the issue.

For everyone that have se same problem i found a workaround, that worked very well for me.

Make manage the sessions at the Database.

Is very simple, in the protected/config/main.php make these changes:




// application components

 ‘components’=>array(

    ……….

    ‘session’ => array(

        ‘class’ => ‘system.web.CDbHttpSession’,

        ‘connectionID’ => ‘db’,

        ),

 ),

It creates automatically a new table YiiSession and uses it for session data. The problem will fixed and the site works much faster.

See the entire article there:

http://programmersnotes.info/2009/03/05/speeding-up-yii-or-why-should-you-use-db-sessions/

Note: So, there isn’t a problem with the Yii code, but something to do with the server. (maybe permissions or paths).

But the strange thing is that Yii and the PHP don’t send any error.

Thank to Outrage for trying to help me.

8

Most of the user modules have this problem, here is what i have done to eradicate.

return url problem