Hello,
one of the sites I’ve published on OJS 3.0.2 has a strange error - after logging in, user is unable to log out. Clicking logout either on frontend or backend results in redirect to submissions dashboard. It’s strange that once logged in - it’s impossible to get to User account settings - user profile or any other settings in “Users & Roles” redirect instantly to submission dashboard. “Expire user sessions” also redirects to backend dashboard.
Setting debugging on doesn’t produce any errors. Any ideas?
Hi @szmigieldesign,
This is likely a cookie problem. I’d suggest flushing your browser’s cookies. Another possible solution is setting the cookie path in your config.inc.php
explicitly, in case some combination of server tools is causing OJS to set it incorrectly.
Regards,
Alec Smecher
Public Knowledge Project Team
Thanks @asmecher.
Should cookie path be relative (just /) or absolute server path to OJS document root?
Hi @szmigieldesign,
It’s generally good practice to scope it as specifically as possible, thus the OJS document root. However, if you have two OJSSID
cookies (this is the default name of the cookie per config.inc.php
) at different paths, they may interfere – so ensure that you don’t have any extras lying around.
Regards,
Alec Smecher
Public Knowledge Project Team
Hm,
I’ve changed session cookie name and cleared the cache and the problem persists. Chrome’s console reports cookie path as “/”.
@asmecher, this is strange as I have two separate sites that originally started as one OJS installation with two journals which were then split onto separate installations and reside on separate domains. Pinging those domains gives me the same IP indicating it’s the same server. However, on one instance (journal A), there is no problem with logout situation (but there was a problem with Access-Control-Allow-Origin policy that was breaking icon fonts), but on the second instance (Journal B) I can’t log out.
I’ve sniffed the cookies with developer console and they look identical in both cases with “domain” being “.domain” and “path” being “/”. Nothing changed after I’ve changed their IDs. The problem still persists on journal B.
Can it be something else than cookies? However, clearing the cookie in the browser logs me out correctly and I have to log in again - but I still can’t access user administration area in OJS dashboard.
Ok, it seems that it’s fixed.
- I’ve changed cookie ID for both sites to be unique.
- I’ve added rewrites from www to non-www to htaccess.
- I’ve cleaned both OJS and browser cache.
Once again - thanks @asmecher for super-quick insight and suggestions.
Hi @szmigieldesign,
Great! It sounds like this was a cookie collision.
Regards,
Alec Smecher
Public Knowledge Project Team