Doubt About Sessions

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
Tarantino
Registered User
Posts: 874
Joined: Sat Feb 18, 2012 1:51 pm

Doubt About Sessions

Post by Tarantino »

Hi there,

after many years on phpBB I still doesn't understand how Session works.

I was on 3.0, upgrade to 3.2 (same settings), on 3.0 no problems, on 3.2.1 my users are telling me that after some time they need to login again. So everyday they need to login. And they said they've ticked the option that says "Remember me". But still everyday they still need to login, why?
Which settings (because maybe its way more then 3 settings that can influence on this)

Thanks in advance!
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26520
Joined: Fri Aug 29, 2008 9:49 am

Re: Doubt About Sessions

Post by Mick »

Please post a link to your board.

Have you any idea what equipment the users with problems are using?
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
Tarantino
Registered User
Posts: 874
Joined: Sat Feb 18, 2012 1:51 pm

Re: Doubt About Sessions

Post by Tarantino »

I don't know what equipment they use. If your question is if they use mobile/dekstop/portable. Does that matter? Why?

But no matter the equipment, if they use always the same equipment it shouldnt logout the user. And for what they've said it was always in the same equipment.

Is this a cookie problem? I'm using https, and with cookie secure enabled. All well configured as phpBB tutorials says.

"Remember me" is enabled at acp.

"Remember Me login key expiration length (in days)" This option is 0= disabled, but I don't know what this does? Anyone knows?


"Session IP validation:" - I'm using ABC

"Validate browser:" - Enabled

"Validate X_FORWARDED_FOR header:" - Disabled

"Validate Referrer:" - None

"Validate upload certificate:" - No

"Session length:" - 3600


Thanks
Last edited by Tarantino on Mon Jan 22, 2018 12:18 am, edited 1 time in total.
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52768
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: Doubt About Sessions

Post by stevemaury »

Mick wrote: Sun Jan 21, 2018 1:52 pm Please post a link to your board.
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
Tarantino
Registered User
Posts: 874
Joined: Sat Feb 18, 2012 1:51 pm

Re: Doubt About Sessions

Post by Tarantino »

User avatar
Noxwizard
Support Team Leader
Support Team Leader
Posts: 10551
Joined: Mon Jun 27, 2005 8:41 pm
Location: Texas, USA
Name: Patrick Webster
Contact:

Re: Doubt About Sessions

Post by Noxwizard »

You have secure cookies enabled, but you allow both HTTP and HTTPS access to your site. Anyone visiting over HTTP will not have cookies set and if they came from the HTTPS version of your site, they will lose their cookies and get logged out. You can only enable secure cookies if your site is only accessible over HTTPS.
[Support Template] - [Read Before Posting] - [phpBB Knowledge Base]
Do not contact me for private support, please share the question in our forums.
Tarantino
Registered User
Posts: 874
Joined: Sat Feb 18, 2012 1:51 pm

Re: Doubt About Sessions

Post by Tarantino »

This is a copy of it I've forgot to add the htaccess rule. Since I'm trying to figure out on this demo first. So I can do changes on the main one. But even with the force https the problem exist. And I dont know why.

I'm using this

Code: Select all

#FORCE SSL
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I've fixed on the demo. Thanks for the tip.

Is there anything still wrong?
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26520
Joined: Fri Aug 29, 2008 9:49 am

Re: Doubt About Sessions

Post by Mick »

Isn't that a 3.1 board?
Tarantino wrote: Sun Jan 21, 2018 2:21 pmIf your question is if they use mobile/dekstop/portable. Does that matter? Why?
All information is important. If there were a pattern to tie down what the issue could be, like iPads or desktops for instance, then maybe that would help to find what the problem is.
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
Tarantino
Registered User
Posts: 874
Joined: Sat Feb 18, 2012 1:51 pm

Re: Doubt About Sessions

Post by Tarantino »

The demo is still at 3.1, the problem still exist on 3.2. I've been waiting for a stable release without problems to migrate from 3.0, but this bug (dunno if its really a bug or a problem in configuration) even on 3.2.1 is still present. Can't figure out why. If you can help on this demo, you'll help me on the final result. On 3.0 I didnt had this problem.

DO you see any problem on the cookies? Or the cookies are just fine?

PS: Demo updated to 3.2.2, let see if this solves the problem.
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26520
Joined: Fri Aug 29, 2008 9:49 am

Re: Doubt About Sessions

Post by Mick »

Tarantino wrote: Sun Jan 21, 2018 8:17 pmDO you see any problem on the cookies? Or the cookies are just fine?
The cookies are fine but you seem to have some kind of redirection going on because clicking https://goo.gl/upvMdR ends up at REMOVED DIRECT LINK that may be an issue. Knowledge Base - Fixing incorrect cookie settings may help.
Last edited by bonelifer on Mon Jan 22, 2018 12:38 am, edited 1 time in total.
Reason: Removed direct link at domain owners request
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
Tarantino
Registered User
Posts: 874
Joined: Sat Feb 18, 2012 1:51 pm

Re: Doubt About Sessions

Post by Tarantino »

I didnt put my url because I dont want spam. So please remove from your post. Thank you for understanding.

I've all cookies well setup as per those instrunctions, I know that KB for years.
Post Reply

Return to “[3.2.x] Support Forum”