I cannot use $session->login() to login as a specified user, and it doesn't return false or null.

[desbest]

I cannot use $session->login() to login as a specified user, and it doesn't return false or null.

Here is my code.

    try {
        echo "<br><h1>dauser[name] is </h1>".$dauser->name;
        echo "<br><h1>session[password] is </h1>".$session->password;

        $task = $session->login($dauser->name, $session->password);

        if ($task === false){ echo "failed to login"; }

        // $darealuser = $users->get($dauser->name); 
        // print_r($darealuser->getArray);
        // $users->setCurrentUser($darealuser);
        // $session->_user_id = $darealuser->id; 
    } catch(\Exception $e) {
        throw new WireException('Unable to login as user');
    }

The name and password is correct, as I have printed it on the page to check it.

I can enter a correct username and password, or an incorrect one, and it fails to login as the user, and it doesn't return true or false. The $session->login line fails to execute.

What is going on?

[DaveP]

$session->login() returns NULL on failure - see http://cheatsheet.processwire.com/session/properties-and-methods/session-login-name-pass/ rather than FALSE, so 

if ($task === false)

isn't the correct test.

[desbest]

I've changed my code to check if $task is null or not, but the task isn't completing and I don't know why. If the details are correct, why isn't the user being logged into?

 

Update

Now it is logging into my superuser account instead of the account I specify, when I use $session->login

I have displayed the variables on the web page I am using to login with the username and password, and it is logging into a completely different account that has a different username and password.

What is going on?

[DaveP]

It's only a hunch, but you're using $session->password. Password isn't normally a property of $session (it's a property of $user), so there's a chance that the $session object is being messed up by your setting it like that.

Try renaming that variable to something like 

echo "<br><h1>session[password] is </h1>".$dasession->password;

so that the $session isn't affected and see what happens.

[desbest]

I have changed the variable from $session->password to $session->dapassword and It still doesn't work. Also I am using $session->username which is different from the "name" field used for the user template.

 

$dauser = new User();
$dauser->pass =  $session->dapassword;
$dauser->name = $session->username;
$dauser->save();

try {
     echo "<br><h1>dauser[name] is </h1>".$dauser->name;
     // echo "<br><h1>dauser[pass] is </h1>".$dauser->pass;
     echo "<br><h1>session[name] is </h1>".$session->name;
     echo "<br><h1>session[dapassword] is </h1>".$session->dapassword;

        $task = $session->login($session->username, $session->dapassword); //use plaintext password
        if (!$task){ $notice = "Failed to login to your newly created user. Contact technical support."; }
    } catch(\Exception $e) {
        throw new WireException('Unable to login as user');
    }

 

The login details are correct but instead of logging into the user called "teststudent" with the correct password, it logs into my superuser account called "desbest".

What is going on and how do I fix it?

[adrian]

I just tested your exact code and it worked here. The only exception being that I defined the two session vars at the top.

$session->dapassword = 'abc123456789';
$session->username = 'testuser';

$dauser = new User();
$dauser->pass =  $session->dapassword;
$dauser->name = $session->username;
$dauser->save();

try {
     echo "<br><h1>dauser[name] is </h1>".$dauser->name;
     // echo "<br><h1>dauser[pass] is </h1>".$dauser->pass;
     echo "<br><h1>session[name] is </h1>".$session->name;
     echo "<br><h1>session[dapassword] is </h1>".$session->dapassword;

        $task = $session->login($session->username, $session->dapassword); //use plaintext password
        if (!$task){ $notice = "Failed to login to your newly created user. Contact technical support."; }
    } catch(\Exception $e) {
        throw new WireException('Unable to login as user');
    }

The only confusing thing is that you try to echo $session->name rather than $session->username so that it returned blank, but it logs me into the new user correctly.

Out of curiosity, does forceLogin() work?

[desbest]

forceLogin() does work but with my code, it logs into my "desbest" superuser account instead of the account I want the code to login into which is the user which has just been created.

My code for the signup.php template file is 643 lines long, and it looks like I'll have to give someone my entire website for them to run it on their computer and fix it and I might have to pay them to fix it. As when I isolate the code to its minimal form, it works,  but when I use my 643 lines long signup.php template file, it fails to work and I cannot see what is wrong with my code or if there's a bug with processwire.

Do you think I'll have to post a thread in the Jobs section of processwire?

[dotnetic]

Why don't you publish your signup.php code here? Maybe someone takes a look at it and finds the error. 

You could also post this in the jobs section.

[desbest]

Here it is.

https://gist.github.com/desbest/c09f0fecb117895857a74318216de026

If nobody can solve this in this thread, I'll have to post in the Jobs section.

[adrian]

29 minutes ago, desbest said:

Here it is.

https://gist.github.com/desbest/c09f0fecb117895857a74318216de026

If nobody can solve this in this thread, I'll have to post in the Jobs section.

Ok, I just tested your complete script and it works fine here. I submitted the form, followed the account confirmation email and it instantly logged me into that new account.

I don't know what's happening on your server to stop it from working as expected. Do you have debug mode on / Tracy installed?

 

 

[desbest]

It must be something to do with my server then.

I have debug mode off and I don't have Tracy Debugger.

I have no idea why it works when you test it but fails when I test it. What possible aspect of my server could be causing it not to work?

[adrian]

2 minutes ago, desbest said:

I have debug mode off and I don't have Tracy Debugger.

Well I would seriously suggest turning on debug mode at a minimum - there are probably errors not being reported that are causing the problem.

[desbest]

I have just turned debug mode on and have printed the output of debug mode, so I could see if the session variables are being set correctly.

It turns out the session variables are being set correctly, but still the account being logged into is my "desbest" superuser account instead of the "teststudent" account.

 try {
         // echo "<br><h1>dauser[name] is </h1>".$dauser->name;
         // echo "<br><h1>dauser[pass] is </h1>".$dauser->pass;
         echo "<br><h1>session[username] is </h1>".$session->username;
         echo "<br><h1>session[dapassword] is </h1>".$session->dapassword;

        // $session->set("dapassword", "testpassword");
        // $session->set("username", "teststudent");

        // $task = $session->login($session->username, $session->dapassword); //use plaintext password
         // $task = $session->login("$session->username", "$session->dapassword");
        $task = $session->forceLogin($session->username); 
        if (!$task){ $notice = "Failed to login to your newly created user. Contact technical support."; }
    } catch(\Exception $e) {
        throw new WireException('Unable to login as user');
    }

I have no idea why it's logging into a different account than what I specify, if I was logged out before going on the web page and showing debug mode says that the session variables are set to what they should be.

[adrian]

I am running out of ideas without testing on your server. I would still recommend installing Tracy first though - I am getting 130+ PHP notices and warnings from your code. Admittedly some are likely because my user template doesn't have all the fields yours does, but I am sure you will find you're still getting lots. Once those are fixed, it will be easier for someone to help debug the real problem.

[desbest]

I ran tracy and got rid of all the errors and I still get the same problem of it logging into my "desbest" account instead of the account I specify.

I have a related question. This page says to use $session->get() to get session variables.

If that is true, then how come when I use $session->get("username"); it comes up as blank but when I use $session->username it doesn't come up as blank?

[adrian]

It works both ways. Is it the missing closing " after username in your example, or is that just a typo here in the forum?

[desbest]

It was a typo on the forum. I've corrected it now.

It looks like I'll have to pay someone in the Jobs section to fix this, as what looks like should work as the variable is correct, the website is choosing something else than what is specified.

[Robin S]

1 hour ago, desbest said:

I still get the same problem of it logging into my "desbest" account instead of the account I specify

The login details for your superuser account must be coming from somewhere. One place they might be coming from is your browser in the form of a saved login. Do you get the same problem if you access this page from a different browser that has never been used to login to your superuser account?

In this line here...

if(/* !$user->isLoggedin() && */ $input->get->confirmcode && $input->get->confirmcode == $session->get("confirmcode")){

...I see that the check to make sure the user is not already logged in is commented out. So I wonder if you might already be logged in as superuser at this point.

Does your header or footer contain a login form that might be getting auto-filled with your superuser login details?

[desbest]

I'm making some progress.

I removed include("_header.php"); and include("_footer.php"); and now it logs into the right account.

I will have to find out which of the header or footer is causing the problem, and which line of those files.

Update

I think what caused the problem is at the end of _footer.php I had <?php to start some php code but I never used ?> to close the php code so it caused a quirk

 

2nd Update

I have fixed the problem. The cache became faulty so I deleted the templates/ folder that was inside the cache and now it works.

[adrian]

6 hours ago, desbest said:

I removed include("_header.php"); and include("_footer.php"); and now it logs into the right account.

Sometimes the best approach to debugging when you're not getting anywhere is to just exclude large chunks of code to narrow things down. It's process of elimination which may not seem elegant, but sometimes it's actually pretty quick.

6 hours ago, desbest said:

I had <?php to start some php code but I never used ?> to close the php code so it caused a quirk

Actually, leaving off the closing ?> is recommended, unless of course you have HTML after the php.