Return User - Cookie Problem

[garkok]

I may have seem to bump to a small bug. If you declare a 'cookie_prefix' in codeigniter default settings, Aauth would not recognize it and bypass the default check.

Please check public function is_loggedin(). About line 314 and line 317 there seems to be a problem.

Hovewever, if we change these lines like these
Line 314: if( ! $this->CI->input->cookie($this->CI->config->item('cookie_prefix').'user', TRUE) ){
Line 317: $cookie = explode('-', $this->CI->input->cookie($this->CI->config->item('cookie_prefix').'user', TRUE));

Problem seems to be solved. Maybe create a cookie variable/object at the top and request from CI to arrange the variables?

[REJack]

Hi @garkok,
this is not a bug from Aauth, its a default behavior from CI's Input Class that Aauth uses.

Unlike the Cookie Helper function get_cookie(), this method does NOT prepend your configured $config['cookie_prefix'] value. //Input Class Docs

I'll use the Cookie Helper or your fix for v3.

[garkok]

Hi @REJack,

When does Aauth delete delete remember_exp on database? For some reason, yesterday my website was working fine. Today morning, when I logged back in, I noticed; even though my "remember me" cookie is there the system insisted on logging me back. Then, I noticed that the remember_exp is set to NULL in db.

Nevermind, I found out it is on line 326. Why it is failing to get result from previous lines is beyond me though. Even though the cookie is present, there seems to be problem of checking the times and remember_expression.

Can you check it out? I'm at my wits end for this issue. If I am forced to log back ever day where is the use of remember me? :P

[REJack]

Hi @garkok,

I will take a look over it later.

[REJack]

I've checked the code but i can't reproduce the error, the IF in L326 removes only the remember_exp if user_id & remember_exp isn't found.

Tested with latest Firefox, do you use an another Browser that cause this problem?

[garkok]

Well... I believe it is something with Chrome being open on the check site. It is very, very weird issue. It is probably about session (cached in chrome) staying behind in chrome, and Chrome trying to open from cache. Hence, and I believe, Aauth is trying to force remove cookie, but failing, since the headers are assumed to be already sent.

It is a very odd issue, Some conditions:

• At least session timeout (declared by probably shared hosting) should be met.
• Chrome should cache the website
• Probably couple of hours should be passed.

It is one of the voodou magic of Chrome. Today, it worked, but I entered to check module (HMVC module checking Aauth ->is_loggedin() at construct) and it was all good and dandy.

PS: I hate forced to be using shared hosting.

[REJack]

I'll try this in Chrome later, maybe i can reproduce it 😄