Recent Topics

Keep having to log in admin?

Started by on Oct 10, 2003 – Contents updated: Oct 10, 2003

Oct 10, 2003 05:28    

I'm new to b2evolution. Install went fine (b2evolution 0.8.6, apache 2.0.47, php 4.3.1, FreeBSD). I have my correct username and password, and can login successfully.. but when I try and go anywhere, (stats, cats, blogs, Options, Templates, users.. ) I have to login again, which works, but is this correct?

And even after I login to one 'section' and I leave it, I have to login again.. I've checked cookies and that whole thing (IE win2k) and they are all default, I've installed other 'blogger' applications and none of them have this cookie problem. (If it is a cookie problem).

Other than that it works great ;)

I thank you for taking the time to read this message.

Oct 10, 2003 13:10

You MUST use the same base URL as you have set in $baseurl to log in.

Otherwise the cookies won't hold.

Oct 10, 2003 14:52

Thank you for taking time to write back..

I'm using this for internal testing first..

root@milenko [/usr/local/www/b2evolution/blogs/conf]# 8 > grep baseurl _config.php
# $baseurl is where your blogs reside by default. CHECK THIS CAREFULLY or nothing will work.
# $baseurl = 'http://www.example.com/blogs';
$baseurl = 'http://milenko/b2evo/blogs'; // IMPORTANT: NO ENDING SLASH !!!

and when I go to http://milenko/b2evo/blogs it shows me the page that starts with: ".. This page is a placeholder .. "

Css works. When I go to the Demo Blog A, Blog B, Blogroll, they all showup the correct way, (css and images working is my only test).

But when I go the My Back-Office or try to Login as admin, (again all the css and graphics show up correctly on the login page(s)) I put in the correct working password, and after I get authenticated and do $whatever, its like it doesn't keep the login cookie.

Oct 10, 2003 23:00

I had the same problem (using 0.8.6) when using IE6 on W2k. I think it's something to do with IE's privacy settings - I had to set IE to always accept cookies from my domain.

Oct 11, 2003 01:34

Ok ;)

You were correct, it did have to do with the hostname. I run internal dns on my home network,(A, PTR's and the like.. ) in which I created the domain 'at.home', so the fqdn of the milenko box would be milenko.at.home . Since all machines that I would allow to access it would be part of the 'at.home' domain, there was no logical reason that I saw to enable anything but.

Obviously I was wrong.

I'm not sure what spec you are referring to (as to why it didn't work; as I previously stated this setup worked for many other blogs that I have tried/tested). If it would be of interest to you or anyone, would anyone like to understand why b2evolution didn't or doesn't work the same way that things like b2, postnuke, geeklog, e107.. work with a 'hostname' and don't need an fqdn? I would happily accept that 'everyone else is wrong'.

Just a thought..

Otherwise, I greatly appreciate your help.

Oct 11, 2003 02:04

I keep repeating this over and over... :P

b2evolution is one of the rare applications that will specify the cookie DOMAIN and the cookie PATH when trying to set a cookie. Most apps don't and let the browser handle it as it likes...

Specifying the DOMAIN and PATH forces you to actually be on that URL for the cookie to be set.

Now why do we do that? The main reason is that it will allow you to run multiple instances of b2evolution in different folders of the same website. (even different versions). Another reason is security. This restriction prevents several different cookie stealing attacks.

Finally, if you think cookie carelessness is a better choice, you can change the cookie default conf in _advanced.php and let the cookies be set on a very broad range.

Apr 05, 2004 01:12

hiya,

i've just upgraded from b2, and am getting the "you must log in!" error message over and over, as mentioned in this thread and in the FAQ.

my installation is at http://bo.gs/b2e/blogs and seems to be working fine.

my _config.php file has the following line:

$baseurl = 'http://bo.gs/b2e/blogs';

any ideas what's going on? does it have to do with my sort of nonstandard domain name? i ask this because when modifying IE's privacy settings to explicitly allow cookies from this domain, IE doesn't accept "http://bo.gs" as a valid domain :-/

Apr 05, 2004 08:05

Check that you do have set $b2evo_name = 'somename' as a single word without any space. It may cause the problem...

Apr 14, 2004 11:21

Safari is a little buggy when it comes to logging in. I made sure all my paths were correct, but it still prompted me to log in continually.

I don't have this problem in Mac's IE5.2 or Firefox 0.8.

Apr 14, 2004 11:29

just to followup on my earlier posting in this thread...

after reinstalling several times, fiddling with my IE cookie, browser & security settings, i've ascertained the following:

i've set $baseurl = 'http://bo.gs/b2e';

my blog views fine at the above URL.

in Netscape and Mozilla, i can login as admin at the http://bo.gs/b2e/admin with no problem, the cookies stick as i jump from admin page to admin page.

in IE, for whatever reason, i have to continually login as i jump from admin page to admin page. however, if i use the following URL instead:

http://WWW.bo.gs/b2e/admin, then everything works fine. for some reason, i'm inclined to believe that this has to do with the way that IE handles cookies.

Apr 28, 2004 22:30

Hello all,
i'm new to B2evo and I had this same problem of 'logging on each page' in admin section. I've red th FAQ, and search the forum, and I have applied all sugestions. Nothing works, but Ericbogs make me thinking of name resolution problem (or DNS).
Eureka : you MUST use 'fully qualified name' if you are in a Office Lan like me for testing.
EG : $baseurl='http://machinename.full.domain.name:8080/b2evolution/blogs/admin' works fine for me !!
I suppose its due to cookie stuff that store path AND DOMAIN...

;)

May 07, 2004 01:48

Ok. I understand what's the problem with cookies in a local installation.
But I don't like to change the way that I use to set up URLs on my local server ( simply http://somename/ ) and it's not so clear how to leave that issue (cookies) just for an On-Line installation!
Can you tell me how to change the config file to change that behaviour, please?
Or there's other way to make it?
A detail: I use Mozilla Firefox 0.8

Thanks in advance!

May 19, 2004 14:51

Here I go again.
Well, finally I changed the way that I handle domains on my localhost, actually I'm using something like:

http://www.sitename.local/

The base URL is:

$baseurl = 'http://www.evolution.local/evolution/blogs';

After reading your FAQs and other threads I guess that's the right path but the trouble remains the same!!!

I can Login from http://www.evolution.local/evolution/blogs/admin/ and everything looks great but each time that I try to move to other tab (Eg.: From Category to Users) I must to Re-Login!!!

I deleted the cookies and start again but it's the same.

Finally, if you think cookie carelessness is a better choice, you can change the cookie default conf in _advanced.php and let the cookies be set on a very broad range.

Can you explain a little bit about this?
As I'm testing b2evolution on a localhost, I don't care about the cookies Issue (or I must?)

This seems to be a common problem and there's no a certain answer, of course I read the FAQs and understand the point about this, but as you know sometimes managing cookies on localhosts could be a little messy ...

Looking forward for your Help

Thanks in advance

May 19, 2004 22:42

No answers here ... ? :(

Any tip?

Sep 13, 2004 21:17

for my blog i just removed www. from the beginning of the web adress

Sep 26, 2004 00:09

fplanque wrote:

I keep repeating this over and over... :P

b2evolution is one of the rare applications that will specify the cookie DOMAIN and the cookie PATH when trying to set a cookie. Most apps don't and let the browser handle it as it likes...

Specifying the DOMAIN and PATH forces you to actually be on that URL for the cookie to be set.

Now why do we do that? The main reason is that it will allow you to run multiple instances of b2evolution in different folders of the same website. (even different versions). Another reason is security. This restriction prevents several different cookie stealing attacks.

Finally, if you think cookie carelessness is a better choice, you can change the cookie default conf in _advanced.php and let the cookies be set on a very broad range.

I'm trying to set it up for intranet use via the URL http://intranet/blogs

we don't care about security because it won't be accessible from the internet, only from inside our network or via vpn.

Can you please tell me more about "change the cookie default conf in _advanced.php and let the cookies be set on a very broad range" specifically which variable to change and what changes need to be made to it.

looks like well designed and well written stuff, looking forward to getting past this hurdle to get to work with it.

TIA

Dec 29, 2004 23:00

First, set your base url to "intranet".

Open up blogs/conf/_advanced.php

Look for this line

$cookie_domain = ($basehost == 'localhost') ? '' : '.'. $basehost;

Set it to this:

$cookie_domain = ($basehost == 'localhost'||$basehost == 'intranet') ? '' : '.'. $basehost;

or, you can just screw the whole 'domain' thing altogether, and set it to:

$cookie_domain = '';

You'll also want to turn of pings in the blog settings, so that you don't waste the ping hosts' time looking for a host that doesn't exist.


Form is loading...

b2evolution CMS – This forum is powered by b2evolution CMS, a complete engine for your website.