Recent Topics

Unable to Login after Upgrade to 6.9.3-stable

Started by on Nov 03, 2017 – Contents updated: Nov 09, 2017

Nov 03, 2017 08:09    

Setup:
b2evolution 6.9.3-stable
PHP Version 5.5.38
MySQL Version 5.7.19
Mac OS X El Capitan with Server.app
Mac Mini collocated
https://press.teleinteractive.net/
LetsEncrypt Certificate

I am unable to login after upgrading to 6.9.3 stable. The front-end is working fine. I did a clean upgrade, that is, I deleted all previous b2evolution files, except for the stub files for the various blogs. I copied over the files from the unpacked 6.9.3 archive. I assured that owner:group were correct, and opened up the permissions to rwx for owner, group and all. I brought back conf/_basic_config.php, and ran the install as an upgrade. I brought back the skins that we use, and media files. The front-end looked great. I tried to login, and just came back to htsrv/login.php. My first thought was cookie or cookies domain. I cleared browser cache, history and cookies…to no avail. I am using the programmatic setting for $baseurl as hardcoding gives a too many redirects error. The programmatic way worked in the past, and still seems to be working. I thought that perhaps the password was somehow corrupted with the database update, so I tried the "forgot password" link; this gives an error. I tried reinstalling. Any ideas would be greatly appreciated. Thank you all for the great work, and thanks in advance for any help.

Error message:

Bad Request!

The parameters of your request are invalid.

If you have obtained this error by clicking on a link INSIDE of this site, please report the bad link to the administrator.

Go back to home page

Additional information about this error:

Illegal value received for parameter «redirect_to»!
Backtrace:

bad_request_die( "Illegal value received for parameter «redirect_to»!" )
File: /Library/Server/Web/Data/Sites/Default/inc/_core/_param.funcs.php on line 293
param( "redirect_to", "url", "/htsrv/login.php?action=lostpassword&redirect_to=http%253A%252F%252Fpress.teleinteractive.net%252F&return_to=%252Fhtsrv%252Flogin.php%253Fdebug%253D_sh1cG8T" )
File: /Library/Server/Web/Data/Sites/Default/htsrv/login.php on line 38
Ignored last: 1

I turned on debugging: Here is the output.

<-- debug output after login attempt start -->

Log in to your account×

Lost your password?

Register »
Your IP address: 207.254.40.10
You will have to accept cookies in order to log in.
powered by open-source CMS software
b2evolution 6.9.3-stable – GPL License

©2003-2016 by François Planque & others.

AJAX Debug log
Clear
Debug info

HTTP Response code: 200
$content_type_header: Content-type: text/html; charset=utf-8
$disp: -- detail:
$robots_index:
$robots_follow:
8 SQL queries executed in 0.003 seconds scroll down to details
Timers
Category Time % Count
total 0.083 100.00% 1
_init_base 0.009 10.84% 1
first_flush 0.083 100.00% 1
_MAIN.inc 0.063 75.90% 1
_init_db 0.005 6.02% 1
SQL QUERIES 0.003 3.61% 8
abstractsettings_GeneralSettings_get 0.001 1.20% 43
init modules 0.030 36.14% 1
plugin_init 0.001 1.20% 1
_init_hit 0.008 9.64% 2
_init_session 0.005 6.02% 2
_init_session__new 0.002 2.41% 1
_init_login 0.001 1.20% 1
abstractsettings_AbstractSettings_get 0.001 1.20% 1
shutdown 0.005 6.02% 1

  • 6 queries < 1%
    Opcode cache: none
    User cache: none

Memory usage: 10 MB
Memory peak usage: 10 MB
Len of serialized $cache_imgsize: 2
Len of serialized $cache_File: 2
Debug messages

note | _init_login | locale | request | timer
note:

redirect_to: http://press.teleinteractive.net/
return_to: /htsrv/login.php
_init_login:

Login: login: ''
Login: pass: empty
locale:

Set DB connection charset: utf8
Login: default_locale from conf: en-US
Login: default_locale from DB: en-US
Login: default_locale from HTTP_ACCEPT: en-US
evo_charset: utf-8
io_charset: utf-8
We need to load a new translation file to translate: "Log in to your account"
T_: Messages file does not exist or is not readable: /Library/Server/Web/Data/Sites/Default/locales/en_US/_global.php
request:

vars: vars: Getting ReqURI from REQUEST_URI
vars: $ReqHost: http://press.teleinteractive.net
vars: $ReqURI: /htsrv/login.php
vars: $ReqPath: /htsrv/login.php
Hit: IP: 207.254.40.10
Hit: UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38
Hit: Referer: false; type=direct
Hit: Remote Host(NO nslookup):
Session: cookie_domain=press.teleinteractive.net
Session: cookie_path=/
Session: Session ID received from cookie: 14007062
Session: Session ID is valid.
Session: Session user_ID: NULL
Session: Session data loaded.
Hash key: 57
Hit: Recording the hit.
Hit:detect_useragent(): Agent name: safari
Hit:detect_useragent(): Agent platform: mac
Session: Session data saved!
timer:

total resumed at 0.000

_init_base resumed at 0.000
    first_flush resumed at 0.000
        _MAIN.inc resumed at 0.000
        _init_base paused at 0.009 (+0.0090)
        _init_db resumed at 0.000
        _init_db paused at 0.005 (+0.0053)
        init modules resumed at 0.000
        init modules paused at 0.030 (+0.0298)
        plugin_init resumed at 0.000
        plugin_init paused at 0.001 (+0.0012)
        _init_hit resumed at 0.000
            Hit::get_remote_host resumed at 0.000
            Hit::get_remote_host paused at 0.000 (+0.0001)
        _init_hit paused at 0.008 (+0.0084)
        _init_session resumed at 0.000
            _init_session__new resumed at 0.000
            _init_session__new paused at 0.002 (+0.0022)
            _init_session__new stopped at 0.002
            _init_session__plugin resumed at 0.000
            _init_session__plugin paused at 0.000 (+0.0000)
            _init_session__plugin stopped at 0.000
            _init_session__user_settings resumed at 0.000
            _init_session__user_settings paused at 0.000 (+0.0004)
            _init_session__user_settings stopped at 0.000
        _init_session paused at 0.005 (+0.0045)
        _init_login resumed at 0.000
        _init_login paused at 0.001 (+0.0013)
        _init_session resumed at 0.005
            _init_session__locale resumed at 0.000
            _init_session__locale paused at 0.000 (+0.0000)
            _init_session__locale stopped at 0.000
        _init_session paused at 0.005 (+0.0000)
        _init_hit resumed at 0.008
        _init_hit paused at 0.008 (+0.0000)
        suspect_user_by_IP resumed at 0.000
        suspect_user_by_IP paused at 0.000 (+0.0000)
        suspect_user_by_IP stopped at 0.000
    _MAIN.inc paused at 0.063 (+0.0635)
    shutdown resumed at 0.000

DB

Config DB Username: blogmaster
Config DB Database: tiapress
Config DB Host: localhost
Config DB tables prefix: tiap_
Config DB connection charset:
Current DB charset: utf8
DB queries: 8
Query #1: Force MySQL "strict" mode (and make sure server is not configured with a weird incompatible mode)

SET sql_mode = "TRADITIONAL"
Rows: 0 – Time: 0.0002s (4.75%)
Query #2: Load settings from evonet_settings

SELECT set_name, set_value
FROM tiap_settings
Rows: 84 – Time: 0.0004s (13.94%)
Query #3: Loading plugin events

SELECT pevt_plug_ID, pevt_event
FROM tiap_pluginevents
INNER JOIN tiap_plugins ON pevt_plug_ID = plug_ID
WHERE pevt_enabled > 0
AND plug_status = 'enabled'
ORDER BY plug_priority, plug_classname
Rows: 150 – Time: 0.0007s (22.37%)
Query #4:

SELECT loc_locale, loc_datefmt, loc_longdatefmt, loc_extdatefmt, loc_input_datefmt, loc_timefmt, loc_shorttimefmt, loc_input_timefmt, loc_startofweek,

        loc_name, loc_messages, loc_priority, loc_transliteration_map, loc_enabled

FROM tiap_locales
ORDER BY loc_priority
Rows: 25 – Time: 0.0004s (12.72%)
Query #5:

SELECT sess_ID, sess_key, sess_data, sess_user_ID, sess_start_ts, sess_lastseen_ts, sess_device
FROM tiap_sessions
WHERE sess_ID = '14007062'
AND sess_key = 'ogIuJP4g9x5cKNwsP0n77V9Gx2KyxVgR'
AND UNIX_TIMESTAMP(sess_lastseen_ts) > 1509076522
Rows: 1 – Time: 0.0004s (12.06%)
Query #6: Load settings from evonet_global__cache

SELECT cach_name, cach_cache
FROM tiap_global__cache
Rows: 7 – Time: 0.0004s (11.12%)
Query #7: Record the hit

INSERT DELAYED INTO tiap_hitlog ( hit_datetime, hit_uri, hit_disp, hit_ctrl, hit_action, hit_type, hit_referer_type, hit_referer, hit_referer_dom_ID, hit_keyphrase_keyp_ID, hit_keyphrase, hit_serprank, hit_coll_ID, hit_remote_addr, hit_agent_type, hit_agent_ID, hit_response_code, hit_method, hit_sess_ID )
VALUES ( FROM_UNIXTIME( 1509681322 ), '/htsrv/login.php', '', '', 'req_login', 'service', 'direct', '', NULL, NULL, '', NULL, NULL, '207.254.40.10', 'browser', NULL, '200', 'GET', '14007062' )
Rows: 1 – Time: 0.0003s (10.22%)
Query #8: Session::dbsave()

UPDATE tiap_sessions SET

    sess_lastseen_ts = FROM_UNIXTIME(1509681322),
    sess_data = 'a:4:{s:22:\"crumb_latest_loginform\";a:2:{i:0;N;i:1;s:43:\"jm5UR0TzgkVJiEojz2dVGmoQKunLqT5y-1509680407\";}s:11:\"core.pepper\";a:2:{i:0;i:1509766807;i:1;s:64:\"sPWg74bp01j29CiidXF8c7u3DOYFl1voTuOYoIQ5T2KVuQ9vBCr9XgG6Odk5BxJ6\";}s:22:\"crumb_latest_loginsalt\";a:2:{i:0;N;i:1;s:43:\"3b4FLOwc5ujUUW0koxb9IjN8C6y4qwTx-1509680407\";}s:17:\"crumb_latest_item\";a:2:{i:0;N;i:1;s:43:\"L0Uuc4TLTx2obd2kGz3Rrw1nZ8hOnRMC-1509680675\";}}',
    sess_ipaddress = '207.254.40.10',
    sess_key = 'ogIuJP4g9x5cKNwsP0n77V9Gx2KyxVgR'

WHERE sess_ID = 14007062
Rows: 1 – Time: 0.0003s (7.96%)
Total rows: 269
Measured time: 0.0032s
Profiled time: 0.0000s

<--debug output after login attempt end -->

<-- debug output after lost password attempt start -->

Debug info

HTTP Response code: 400
$content_type_header: Content-type: text/html; charset=utf-8
$disp: -- detail:
$robots_index:
$robots_follow:
6 SQL queries executed in 0.002 seconds scroll down to details
Timers
Category Time % Count
total 0.053 100.00% 1
_init_base 0.005 9.43% 1
first_flush 0.053 100.00% 1
_MAIN.inc 0.048 90.57% 1
_init_db 0.004 7.55% 1
SQL QUERIES 0.002 3.77% 6
abstractsettings_GeneralSettings_get 0.001 1.89% 39
init modules 0.023 43.40% 1
plugin_init 0.001 1.89% 1
_init_hit 0.007 13.21% 2
_init_session 0.003 5.66% 2
_init_session__new 0.002 3.77% 1
_init_login 0.001 1.89% 1
shutdown 0.004 7.55% 1

  • 6 queries < 1%
    Opcode cache: none
    User cache: none

Memory usage: 9.2 MB
Memory peak usage: 9.3 MB
Len of serialized $cache_imgsize: 2
Len of serialized $cache_File: 2
Debug messages

_init_login | locale | request | timer
_init_login:

Login: login: ''
Login: pass: empty
locale:

Set DB connection charset: utf8
Login: default_locale from conf: en-US
Login: default_locale from DB: en-US
Login: default_locale from HTTP_ACCEPT: en-US
evo_charset: utf-8
io_charset: utf-8
We need to load a new translation file to translate: "Illegal value received for parameter «%s»!"
T_: Messages file does not exist or is not readable: /Library/Server/Web/Data/Sites/Default/locales/en_US/_global.php
request:

vars: vars: Getting ReqURI from REQUEST_URI
vars: $ReqHost: http://press.teleinteractive.net
vars: $ReqURI: /htsrv/login.php?action=lostpassword&redirect_to=http%253A%252F%252Fpress.teleinteractive.net%252F&return_to=%252Fhtsrv%252Flogin.php%253Fdebug%253D_sh1cG8T
vars: $ReqPath: /htsrv/login.php
Hit: IP: 207.254.40.10
Hit: UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38
Hit: Referer: false; type=direct
Hit: Remote Host(NO nslookup):
Session: cookie_domain=press.teleinteractive.net
Session: cookie_path=/
Session: Session ID received from cookie: 14007062
Session: Session ID is valid.
Session: Session user_ID: NULL
Session: Session data loaded.
Hit: Recording the hit.
Hit:detect_useragent(): Agent name: safari
Hit:detect_useragent(): Agent platform: mac
Session: Session is up to date and does not need to be saved.
timer:

total resumed at 0.000

_init_base resumed at 0.000
    first_flush resumed at 0.000
        _MAIN.inc resumed at 0.000
        _init_base paused at 0.005 (+0.0049)
        _init_db resumed at 0.000
        _init_db paused at 0.004 (+0.0040)
        init modules resumed at 0.000
        init modules paused at 0.023 (+0.0229)
        plugin_init resumed at 0.000
        plugin_init paused at 0.001 (+0.0014)
        _init_hit resumed at 0.000
            Hit::get_remote_host resumed at 0.000
            Hit::get_remote_host paused at 0.000 (+0.0000)
        _init_hit paused at 0.007 (+0.0070)
        _init_session resumed at 0.000
            _init_session__new resumed at 0.000
            _init_session__new paused at 0.002 (+0.0017)
            _init_session__new stopped at 0.002
            _init_session__plugin resumed at 0.000
            _init_session__plugin paused at 0.000 (+0.0000)
            _init_session__plugin stopped at 0.000
            _init_session__user_settings resumed at 0.000
            _init_session__user_settings paused at 0.000 (+0.0003)
            _init_session__user_settings stopped at 0.000
        _init_session paused at 0.003 (+0.0030)
        _init_login resumed at 0.000
        _init_login paused at 0.001 (+0.0014)
        _init_session resumed at 0.003
            _init_session__locale resumed at 0.000
            _init_session__locale paused at 0.000 (+0.0000)
            _init_session__locale stopped at 0.000
        _init_session paused at 0.003 (+0.0000)
        _init_hit resumed at 0.007
        _init_hit paused at 0.007 (+0.0000)
        suspect_user_by_IP resumed at 0.000
        suspect_user_by_IP paused at 0.000 (+0.0000)
        suspect_user_by_IP stopped at 0.000
    _MAIN.inc paused at 0.048 (+0.0483)
    shutdown resumed at 0.000

DB

Config DB Username: blogmaster
Config DB Database: tiapress
Config DB Host: localhost
Config DB tables prefix: tiap_
Config DB connection charset:
Current DB charset: utf8
DB queries: 6
Query #1: Force MySQL "strict" mode (and make sure server is not configured with a weird incompatible mode)

SET sql_mode = "TRADITIONAL"
Rows: 0 – Time: 0.0001s (5.52%)
Query #2: Load settings from evonet_settings

SELECT set_name, set_value
FROM tiap_settings
Rows: 84 – Time: 0.0003s (11.84%)
Query #3: Loading plugin events

SELECT pevt_plug_ID, pevt_event
FROM tiap_pluginevents
INNER JOIN tiap_plugins ON pevt_plug_ID = plug_ID
WHERE pevt_enabled > 0
AND plug_status = 'enabled'
ORDER BY plug_priority, plug_classname
Rows: 150 – Time: 0.0008s (31.52%)
Query #4:

SELECT loc_locale, loc_datefmt, loc_longdatefmt, loc_extdatefmt, loc_input_datefmt, loc_timefmt, loc_shorttimefmt, loc_input_timefmt, loc_startofweek,

        loc_name, loc_messages, loc_priority, loc_transliteration_map, loc_enabled

FROM tiap_locales
ORDER BY loc_priority
Rows: 25 – Time: 0.0004s (16.13%)
Query #5:

SELECT sess_ID, sess_key, sess_data, sess_user_ID, sess_start_ts, sess_lastseen_ts, sess_device
FROM tiap_sessions
WHERE sess_ID = '14007062'
AND sess_key = 'ogIuJP4g9x5cKNwsP0n77V9Gx2KyxVgR'
AND UNIX_TIMESTAMP(sess_lastseen_ts) > 1509087713
Rows: 1 – Time: 0.0003s (13.64%)
Query #6: Record the hit

INSERT DELAYED INTO tiap_hitlog ( hit_datetime, hit_uri, hit_disp, hit_ctrl, hit_action, hit_type, hit_referer_type, hit_referer, hit_referer_dom_ID, hit_keyphrase_keyp_ID, hit_keyphrase, hit_serprank, hit_coll_ID, hit_remote_addr, hit_agent_type, hit_agent_ID, hit_response_code, hit_method, hit_sess_ID )
VALUES ( FROM_UNIXTIME( 1509692513 ), '/htsrv/login.php?action=lostpassword&redirect_to=http%253A%252F%252Fpress.teleinteractive.net%252F&return_to=%252Fhtsrv%252Flogin.php%253Fdebug%253D_sh1cG8T', '', '', 'lostpassword', 'service', 'direct', '', NULL, NULL, '', NULL, NULL, '207.254.40.10', 'browser', NULL, '400', 'GET', '14007062' )
Rows: 1 – Time: 0.0004s (14.76%)
Total rows: 261
Measured time: 0.0025s
Profiled time: 0.0000s

<-- debug output after lost password attempt end -->

Nov 04, 2017 19:26

I see the bad the request, and even the line of code in the inc/_core/_param.funcs.php file. However, they aren't bad requests, that is, the parameters being passed seem correct, but aren't being processed..

Yes, I can go back to a previous version, which is how I did the reinstall.

But I would prefer to see this bug fixed.

Thank you for taking a look at this.

Nov 04, 2017 22:46

Trying to get my head around your problem
"I am unable to login after upgrading to 6.9.3 stable. The front-end is working fine. I did a clean upgrade, that is, I deleted all previous b2evolution files, except for the stub files for the various blogs. I copied over the files from the unpacked 6.9.3 archive. I assured that owner:group were correct, and opened up the permissions to rwx for owner, group and all. I brought back conf/_basic_config.php, and ran the install as an upgrade. I brought back the skins that we use, and media files. The front-end looked great. I tried to login, and just came back to htsrv/login.php. My first thought was cookie or cookies domain. I cleared browser cache, history and cookies…to no avail. "

All that seems fine and works fine on my upgrade
but have no idea on what you have done here
" I am using the programmatic setting for $baseurl as hardcoding gives a too many redirects error. The programmatic way worked in the past, and still seems to be working."
but then as the first part works for me ??

The only issue I've had on new installs lately were bad permission in the install folder which you seemed to have passed.
Can you install to a different server? to see if it works

Nov 05, 2017 01:27

@amoun Thank you again for working with me on this.

In conf/_basic_config.php one can hardcode the $baseurl or one can allow the php to programmatically find the URI of the site. As we are actually planning on running several domains through b2evolution, and have done so since we first started using b2evo in 2005, we use the programmatic method, as follows:


/**
 * $baseurl is where your blogs reside by default. CHECK THIS CAREFULLY or nothing will work.
 * It should be set to the URL where you can find the blog templates and/or the blog stub files,
 * that means index.php, blog1.php, blog2.php, etc. as well as admin.php.
 * Note: Blogs can be in subdirectories of the baseurl. However, no blog should be outside
 * of there, or some tricky things may fail (including intempestive logouts)
 *
 * IMPORTANT: If you want to test b2evolution on your local machine, do NOT use that machine's
 * name in the $baseurl!
 * For example, if your machine is called HOMER, do not use http://homer/b2evolution/blogs/ !
 * Use http://localhost/b2evolution/blogs/ instead. And log in on localhost too, not homer!
 * If you don't, login cookies will not hold.
 *
 * @global string $baseurl
 */
//$baseurl = 'http://press.teleinteractive.net/';
// Use the following if you want to use the current domain:

if( isset($_SERVER['HTTP_HOST']) )
{       // This only works if HOST is provided by webserver (i-e DOES NOT WORK IN PHP CLI MODE)
        $baseurl = ( (isset($_SERVER['HTTPS']) && ( $_SERVER['HTTPS'] != 'off' ) ) ?'https://':'http://')
                                                        .$_SERVER['HTTP_HOST'].'/';
}

The $baseurl is important in setting the cookies domain, and login depends on cookies, so the cookies domain must be correct for the cookies to allow the login to work. At least, that is my, possibly faulty, understanding.

I've only played around with PHP programming. Most of my experience is in SQL (ANSI and PL/SQL mostly) and The R Programming language, and I am rusty in both. I am not seeing any MySQL problems. Most of my SysAd experience (from 24 years ago) is in Unix (prefer BSD variants) RHEL Linux, and now the Mac OS X flavor of BSD Unix.

I do have an old iMac at home running Server.app and could try to install b2evo there, using the instructions for installing on a local machine. Good idea, thank you. There may still be some odd permissions issue, as I seem to have had to open up the permissions more than I like to get actual blog pages to show up; in this version vs the previous version that I used. I should also mentioned that I tried to upgrade to a 6.8.6 v2evo version, and that failed at a time when I couldn't look into it further, so I just went back to what I was using previously, 6.6.7.

Hey, Manuel @mgsolipa or François @fplanque – any ideas?

Thank you all. We will get this figured out.

__---
Best Regards,
Joseph

Nov 06, 2017 02:32

OK sorry to be a bit slow on this

Do you only have one domain currently, and can you log in ok with

$baseurl = 'http://press.teleinteractive.net/'

Nov 06, 2017 19:50

If I allow _basic_config.php to hard code $baseurl then web browsers give too many redirect errors. The programmatic methods is the one that works for our platform.

No, I can not login under wither domain that is currently active, nor from the FQDN of the server.

The main blogs are at https://press.teleinteractive.net/

We have another set up now for https://saeiot.com/

The FQDN is fortuna.teleinteractive.net

I had also tried setting Server.app | Web to NOT ALLOW and to ALLOW .htaccess override. Either setting seems to work the same.

I didn't think to try this before, but I can login through localhost/admin.php

Of course, that I means that I need to VNC into the server; but it is at least a workaround for now.

Thank you again for all of your help @amoun

Nov 06, 2017 20:15

Your are definitely in an area I'm unfamiliar with so i don't think I can comment any more. All the best

Nov 06, 2017 21:47

@amoun

Thank you very much for helping. I will keep posting as I try different approaches.

– Joseph

Nov 06, 2017 23:20

@josephdp I tried to reproduce the issue in my Mac with no luck.

The first thing I can see from your site is it's mixing https and http contents. Idea: can you test temporarily removing https?

Nov 07, 2017 05:54

Manuel,

Turing off the redirects to the SSL URL allows me to login from a remote machine, either to http or https. When I log into https, I and logged in, but an error appears saying that password hashing failed, that I was logged in insecurely, and that I should contact an administrator.

Since our sites are all b2evo, this means that b2evo is serving up a mix of secure and unsecured URLs. Is the programmatic way of providing $basurl in _basic_config.php broken? I think so, in that I pulled the code out, added a line to echo $baseurl, and when I access https://press.teleinteractive.net/testBaseURI.php the $baseurl is given as http://press.teleinteractive.net/

I will see if I can figure out how to rewrite the code, so that only https is provided, and see if that works.

Thank you for your help @mgsolipa

Nov 07, 2017 21:19

Forcing the $baseurl to be https:// helped but created a new problem, @mgsolipa – The login page no longer has a mix of secure and insecure content, and I can login remotely. But, I am returned to the front page; with the full menu bar. When I try to go to the backoffice, I get too many redirects error.

Whether or not I am forcing the $baseurl to https, I also see that the skins (CSS) are not being rendered on the blogs.The main collection, which gathers all the blogs under press.teleinteractive.net, shows properly, and its base href, as shown in view source, is /skins/<sknName> For the others, the base href is /<blogName>/skins/<skinName>. Perhaps I should make this as a new issue.

Nov 08, 2017 07:05

I remember now that when we first changed from RHEL to Mac OS X for our server, and using LetsEncrypt certificates, there was some playing around to do in the URL settings for each collection. I need to use an absolute path for all assets in collections | settings | URL I have now done this, and that is working again.

I can only login from localhost though, and as @mgsolipa says, it is likely due to a mix of secure and insecure content being served. So, the original problem remains, and I still need to keep looking for settings in /conf/ files or in the backoffice.

Thank you to all who help or empathize in this community.

Nov 08, 2017 21:59

I've added the following to the top of conf/_advanced.php


/**
 * To reslove an issue with Mac OS X Server.app Webserver
 * that makes websites appear to be behind some form of double proxy,
 * We need to hardcode the location of htsrv and rsc subdirectories and
 * while this isn't a good solution, it does work - however,
 * if the server FQDN changes, then this breaks
 * Using $baseurl won't work, that will give too many redirect errors.
 * With PHP v5.3.0 and greater, use the following to programmatically hard code the location of
 * the htsrv and rsc directories using $hostname
 * We will declare the variable here, and use it below
 */

$hostname = gethostname();

And then changed the following for htsrv and rsc subdirectory locators.


/**
 * Location of the HTml SeRVices folder.
 * 
 * Note: This folder NEEDS to by accessible through HTTP.
 * 
 * @global string $htsrv_subdir
 * @global string $htsrv_path
 * @global string $htsrv_url This applies only to the backoffice. For the frontoffice, the URL will be dynamically generated by function get_htsrv_url( false )
 */
$htsrv_subdir = 'htsrv/';                // Subdirectory relative to base
$htsrv_path = $basepath.$htsrv_subdir;   // You should not need to change this
$htsrv_url = 'https://'.$hostname.'/'.$htsrv_subdir;     // Changed to use FQDN rather than $baseurl for Mac OS X  
//$htsrv_url = ( (isset($_SERVER['HTTPS']) && ( $_SERVER['HTTPS'] != 'off' ) ) ?'https://':'http://').$_SERVER['HTTP_HOST'].'/htsrv/'; //may be needed for multiple domains
//$htsrv_url = $baseurl.$htsrv_subdir;     // You should not need to change this

/**
 * Sensitive URL to the htsrv folder.
 * 
 * Set this separately (based on {@link $htsrv_url}), if you want to use
 * SSL for login, registration and profile updates (where passwords are
 * involved), but not for the whole htsrv scripts.
 *
 * @global string $htsrv_url_sensitive This applies only to the backoffice. For the frontoffice, the URL will be dynamically generated by function get_htsrv_url( true )
 */
$htsrv_url_sensitive = $htsrv_url;
//$htsrv_url_sensitive = 'https://'.$hostname.'/'.$htsrv_subdir;
//$htsrv_url_sensitive = 'http://localhost/'.$htsrv_subdir;

/**
 * Location of the RSC folder.
 *
 * Note: This folder NEEDS to by accessible through HTTP. It MAY be replicated on a CDN.
 *
 * @global string $rsc_subdir
 * @global string $rsc_path
 * @global string $rsc_url This applies only to the backoffice. For the frontoffice, the URL will be dynamically generated by function Blog->get_local_rsc_url()
 * @global string $rsc_uri
 */
$rsc_subdir = 'rsc/';                    // Subdirectory relative to base
$rsc_path = $basepath.$rsc_subdir;       // You should not need to change this
//$rsc_url = $assets_baseurl.$rsc_subdir;  // You should not need to change this - original code before use of $hostname for Mac OS X
$rsc_url = 'https://'.$hostname.'/'.$rsc_subdir; // Changed to use FQDN rather than $baseurl for Mac OS X 
//$rsc_url = $baseurl.$rsc_subdir;         // You should not need to change this
$rsc_uri = $basesubpath.$rsc_subdir;

And this seems to work, in my limited testing so far.

Again, thank you @amoun and @mgsolipa for all your help. BTW, Manuel, this is based on the hard coding that you did in our conf/_advanced.php file when we first moved from RHEL to Mac OS X server. That Mac Mini Server host had been acquired and our machine was moved to a new facility, prompting a change to FQDN.


Form is loading...

powered by b2evolution – This forum is powered by b2evolution CMS, a complete engine for your website.