Yii App In Subdomain Login Not Working

psalmnoelfigueroa · March 12, 2013, 1:45pm

Hi. I just made a sample application at a website http://app.website.com, but it fails when I login into the system.

Locally, it is working. Upon tracing the bug, I found out that after the login code of $this->setState(‘roles’, $usersmodel->role); , the system succesfully sets the ‘roles’ to the user’s session (I echo the Yii::app()->user->getState(‘roles’) and Yii::app()->user->roles both). However, when I refresh the page, the state set would be gone.

I tried to locally see if my page somehow calls the log out url of my application, but it does not. Im not sure though if it has something to do with my HTAccess or something…

Here are my codes:

class UserIdentity extends CUserIdentity

{

private &#036;id;


public function authenticate()


{	


	&#036;username = &#036;this-&gt;username;


	&#036;pw = &#036;this-&gt;password;





	&#036;usersmodel = MUsers::model()-&gt;find('username = :uname', array(':uname'=&gt;&#036;this-&gt;username));


	


	if(&#33;&#036;usersmodel)


		&#036;this-&gt;errorCode=self::ERROR_USERNAME_INVALID;


	elseif(&#036;usersmodel-&gt;password&#33;==md5(&#036;this-&gt;password))


		&#036;this-&gt;errorCode=self::ERROR_PASSWORD_INVALID;


	else{


		&#036;this-&gt;id = &#036;usersmodel-&gt;id;


        &#036;this-&gt;setState('roles', &#036;usersmodel-&gt;role);    


		&#036;this-&gt;errorCode=self::ERROR_NONE;


	}


		


	return &#33;&#036;this-&gt;errorCode;


}





public function getId(){


    return &#036;this-&gt;id;


}

}

class WebUser extends CWebUser

{

/**


 * Overrides a Yii method that is used for roles in controllers (accessRules).


 *


 * @param string &#036;operation Name of the operation required (here, a role).


 * @param mixed &#036;params (opt) Parameters for this operation, usually the object to access.


 * @return bool Permission granted?


 */


public function checkAccess(&#036;operation, &#036;params=array())


{


   if (empty(&#036;this-&gt;id)) {


        // Not identified =&gt; no rights


        return false;


    }





    &#036;role = &#036;this-&gt;getState(&quot;roles&quot;);


    if (&#036;role === 'superadmin') {


        return true; // admin role has access to everything


    }


    // allow access if the operation request is the current user's role


    return (&#036;operation === &#036;role);


}

}

I added the class to the main configuration file

And I configured a controller to read my session

public function filters()

{

return array(


    'accessControl', // perform access control for CRUD operations


);

}

public function accessRules()

{

return array(


    array('allow',


        //'actions'=&gt;array('admin'),


        'roles'=&gt;array('superadmin', 'staff'),


    ),


    array('deny',  // deny all users


        'users'=&gt;array('*'),


    ),


);

}

When I remove/disable the redirection part when the form is validated and user is logged in, I try to echo the roles, and it works. But if I refresh the page or go to other links, the roles would be gone and I would be GUEST again.

Any help would be appreciated! Thank you!!

psalmnoelfigueroa · March 13, 2013, 6:30am

To help others out there with this issue, here are the steps I took:

I placed a fresh copy of Yii (generated from yiic locally then uploaded to webhost)
Logging in is not working in the fresh copy so I suspected that there is a session problem
I suspected that there is a problem with PHP’s Session so I placed a var_dump(session_start()) on each page. It then came out with an error

I then browsed through the PHP.ini file and found that the session path is not familiar to me, so I contacted the webhost(iPage - i know) and asked them to help me with the session. They fixed the session save path and everything works now.

Hope this helps a random citizen out there!