Users Unable to Sign Out
tatortodd22
New
After logging in a second time on IE or Firefox, the user is unable to Sign out from the forum unless they clear their browser cache.
Firefox (38.0.5) and Internet Explorer (11.0.9600.17843)
Reproduction Steps:
1. Go to home page.
2. Sign in.
3. Rerouted to homepage, signed in successfully.
4. Sign out. This is successful.
5. Sign back in a second time.
6. Attempt to sign out. It fails and you remain signed in. No error is prompted and you are not rerouted. Refreshing and browsing to other tabs in the website does not fix the problem.
7. Clear browser cache.
8. Refresh page. user is now successfully signed out
Screenshots available for each step.
We are hosted by Go Daddy, using Vanilla 2.1.10
I would very much appreciate help on how to fix this. I know CSS and basic HTML. Please provide step by step instructions for anything more complicated than that.
Comments
The user session is "stored" in an HMAC cookie.
What server software are you using? (apache, nginx, iis, etc.)?
Are you using any plugins?
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
Hi again @hgtonight!
It's not a plugin issue, more likely a server or caching issue.
We're using GoDaddy hosting, which is running Linux, and using a MySQL database for the Vanilla install.
Between steps 4/5 and 5/6, try refreshing the page.
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
Refreshing does not help.
This appears to be a Firefox and IE only issue. Chrome works fine.
Does that give any hints as to where we should look for a solution?
It sounds like a hanging session issue how many user have reported this issue, or is it just your testing?
grep is your friend.
It's reproducible every time by following the above steps. Both within our studio, and external with our users.
Two hunches:
Can you share the forum url?
grep is your friend.
@x00 I would love to run these leads down for you, but I'm a bit of a novice when it comes to web development. Where can I find what you're talking about, and what specific steps should I take? (Happy to get you all the info I can).
The forum is here: http://www.hivejump.com/community
edit: the forum is in invite only mode, so if you need one, PM me your e-mail.
Tried clearing all the .ini's in my cache folder. Didn't help.
@hgtonight Any thoughts?
Bump! Still need help with this one. Unsure why it only happens on Firefox and IE, and not Chrome.
sent a PM
grep is your friend.
Much appreciated @x00, invite sent!
So I talked with GoDaddy today. They weren't too helpful in terms of correcting the issue, but they helped provide me some new avenues to look into.
1) php5.ini - I can create one of these on my root web hosting to modify things like session length. I'm not sure how to do this, or if it will really help the underlying issue, which may be more cookie-based (due to the per-browser nature of this issue).
2) Cookies! I need more information on how vanilla creates and destroys cookies so that I can hunt down why the sign-out is broken on Firefox and IE.
Can anyone help on either of these?
So I've found that if I manually go to
http://hivejump.com/community/index.php?p=/entry/signoutin my address bar, that the user gets successfully logged off.I would like to make sure that hitting the sign-out button redirects the user in this way. (Similar to how @hgtonight had me use this
$Configuration['Garden']['SignIn']['Popup'] = FALSE;to fix my sign-in issue)Does anyone know where in Vanilla or the Bootstrap theme I can set this up?
Thanks in advance!
^Nevermind. That does NOT work. :-(
I am not seeing a silver bullet here. Ending the session should null out the session cookie.
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
If the user clears their cookies, they are logged out. Again, this is only Firefox and IE.
I'm pretty lost at this point. I'm going to try using someone's sign-in / out plugin and see if that helps.
Nope. Using the plugin did not help.
Switching to a different theme does not help either.