I'm trapped in a “You are already logged in” loop

7 posts by 2 authors in: Forums > CMS Builder
Last Post: October 25, 2015   (RSS)

By gkornbluth - October 4, 2015

Hi All,

I’m trapped in a “You are already logged in” loop and I could use some help.

I’m attempting to update the expiration date of a user after a renewal payment on a CMSB 2.64 site using website membership V1.10.

The Post Login Global is set to

$GLOBALS['WEBSITE_LOGIN_POST_LOGIN_URL']  = 'http://www.mysite.com/members-only.php';


After the payment, the user is directed to a page with that requires a current user with

<?php
if (!$CURRENT_USER) { websiteLogin_redirectToLogin(); }  ?>


and then is supposed to update the expiresDate of the CURRENT_USER’s account.

with this code:

<?php
  mysqlStrictMode(false);
 mysql_query("UPDATE `{$TABLE_PREFIX}accounts`    
       SET  expiresDate = expiresDate + INTERVAL 1 YEAR    
   WHERE num = '".mysql_escape( $CURRENT_USER['num'] )."'")  
       or die("MySQL Error:<br/>\n". htmlspecialchars(mysql_error()) . "\n");  
        $userNum = mysql_insert_id();  
    // redirect after a successful update  
    header("Location: renewal-confirmation.php");
 ?>


Then there’s the login page that also looks for a current users with:

if (@$CURRENT_USER  ) { $errorsAndAlerts .= "You are already logged in!<br /><br /><a class='special-link' href='{$GLOBALS['WEBSITE_LOGIN_POST_LOGIN_URL']}'>Click/Tap here to continue</a><br /> or<br /><a class='special-link' href='?action=logoff'>Click/Tap here to Log Off</a><br/>\n"; }

Near as I can figure, the 2 if statements are putting me into the loop, but I can’t figure a way out of the dilemma.

The complete pages are attached.

Thanks,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

By Daryl - October 6, 2015 - edited: October 6, 2015

Hi Jerry,

Can you confirm if I correctly understand what's happening:
When the user directed to "renewal_thanks.php" page, they get redirected to the login page because "renewal_thanks.php" requires $CURRENT_USER. 
After logging in, instead of going back to "renewal_thanks.php" page, the user is redirected to "http://www.mysite.com/members-only.php"  page. 
And that's where the "You are already logged in" loop between login page and members-only page. Is that correct?
Is the members-only page is set as $GLOBALS['WEBSITE_LOGIN_PROFILE_URL'] as well?

If that's the case, can you try to add the code below on top of the members-only page before loading the viewers function and let me know if that resolves the issue?

$GLOBALS['WEBSITE_MEMBERSHIP_PROFILE_PAGE'] = true; 

Anyway, looks like the user needs to be logged in when directed to "renewal_thanks.php" page as you're using $CURRENT_USER['num'] for updating the expiresDate. 

Is there a reason why the user is not logged in before getting redirected to "renewal_thanks.php" in the first place?

$GLOBALS['WEBSITE_MEMBERSHIP_PROFILE_PAGE'] = true; 

Daryl Maximo
PHP Programmer - interactivetools.com

By gkornbluth - October 7, 2015 - edited: October 7, 2015

Hi Daryl,

Thanks for tackling this.

Sorry for the lag in responding, I was out of the office this morning.

Yes you are correct in understanding the process

No the members-only page is NOT set as $GLOBALS['WEBSITE_LOGIN_PROFILE_URL']  The Profile page is a totally different page.

__________________

As I mentioned above, here’s the process the way it's supposed to work.

1) A member tries to log in, and if their membership has expired, they are taken to a mandatory PayPal renewal payment page (or they can choose to go through a voluntary PayPal renewal payment page)

2) the member then pays their renewal dues using PayPal.

3) On successful payment PayPal automatically redirects to the renewal thanks page.

4) The renewal thanks requires them to log in (so the system knows who they are) and then after a successful login, their account record expiresDate field is automatically updated without their further intervention.
________________

I thought that the system would automatically re-direct the user back to the renewal thanks page after they logged in, since it was the last page requested (by PayPal)

If that's not so, could PayPal direct them to a special log in page that automatically  redirected to the renewal thanks page after they logged in  which updated their expiresDate without further user intervention

Would I accomplish the redirect from that special login page with a new $global in the Website Membership plugin perhaps? (Not sure how to do that...)

Best,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

By Daryl - October 9, 2015

Hi Jerry,

Would you mind if I take a closer look by submitting a second level support request?

You can find the form here: https://www.interactivetools.com/support/email_support_form.php

Thanks,

Daryl Maximo
PHP Programmer - interactivetools.com

By gkornbluth - October 10, 2015

Hi Daryl,

Thought I should mention it.

I was convinced that I solved the issue, but my client informs me that they are sometimes redirected to the home page after logging in when they should be taken to the WEBSITE_LOGIN_POST_LOGIN_URL members-only page

Hope that helps...

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

By gkornbluth - October 25, 2015

Hi all,

The solution to this issue proved to be very illusive but it's now solved, and I hope that this will save someone a whole heap of time and frustration.

After a lot of suggestions from both Daryl and Damon, I ended up setting up a parallel test site with an identical set of plugins and modifications, also running CMSB V 2.64. 

For some yet unknown reason, even with the plain vanilla sample member_login form, the test site did not exhibit the "loop" issue.

After comparing and conforming all the CMSB and viewer files on the 2 sites (using WinMerge), here's what I found:

The one small change that actually fixed the issue was in the website membership plugin (V1.10) itself.

There, the  $GLOBALS['WEBSITE_LOGIN_LOGIN_FORM_URL']  had the full URL entered on the non-working live site, and a relative URL entered on the working test site.

When I changed the full URL in $GLOBALS['WEBSITE_LOGIN_LOGIN_FORM_URL']  = 'http://www.my-site.com/member_login.php';   to a relative URL: $GLOBALS['WEBSITE_LOGIN_LOGIN_FORM_URL']  = '/member_login.php';

The loop issue and the misdirects after login issues that my client had mentioned all disappeared.

And just to be sure, every time I changed the relative URL back to a full URL, the issue returned.

I'm still curious as to why that made a difference, but there you have it...

Best,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php