Hi, I have the Frontend User Management module installed within CMSMS which is connected to the Self Registration Module.
I have used the modules to create a login section to a website where users can then access protected pages.
The system had been working correctly, however recently this stopped working as it used to after installing updates. I have added in the {cge_form_csrf} tags which have been mentioned in other forum posts.
The issue that I am experiencing is that when I first register and confirm the registration, I am logged in and all works correctly. However, when I then log out and try to log in again, I cannot log in and get redirected to the login form.
Would appreciate any help. Thanks in advance.
System Information:
----------------------------------------------
Cms Version: 2.2.8
Installed Modules:
AdminSearch: 1.0.4
CGCalendar: 2.5.1
CGExtensions: 1.61.2
CGSimpleSmarty: 2.1.8
CGSnapshot: 1.3
CGTiny: 1.2.8
CGTweet: 1.3.2
CMSContentManager: 1.1.6
CMSMailer: 6.2.14
CmsJobManager: 0.1.3
CustomContent: 1.10
DesignManager: 1.1.4
ECB2: 1.3.1
FileManager: 1.6.7
FilePicker: 1.0.3
FormBrowser: 0.5
FormBuilder: 0.8.1.6
FrontEndUsers: 2.12.1
JMFilePicker: 1.0.1
LISE: 1.3.1
LISEAccreditations: 1.3.1
LISECareers: 1.3.1
LISEHistory: 1.3.1
LISETraining: 1.3.1
MenuManager: 1.50.3
MicroTiny: 2.2.2
ModuleManager: 2.1.4
Navigator: 1.0.9
News: 2.51.4
Search: 1.51.5
SelfRegistration: 1.14.2
SiteMapMadeSimple: 1.2.8
Uploads: 1.25.8
Config Information:
php_memory_limit:
max_upload_size: 16000000
url_rewriting: mod_rewrite
page_extension: /
query_var: page
auto_alias_content: true
locale:
set_names: true
timezone: Europe/London
permissive_smarty: true
Php Information:
phpversion: 5.6.38
md5_function: On (True)
json_function: On (True)
gd_version: 2
tempnam_function: On (True)
magic_quotes_runtime: Off (False)
E_ALL: 32759
E_STRICT: 2048
E_DEPRECATED: 8192
test_file_timedifference: No time difference found
test_db_timedifference: No time difference found
create_dir_and_file: 1
memory_limit: 128M
max_execution_time: 30
register_globals: Off (False)
output_buffering: On
disable_functions:
open_basedir:
test_remote_url: Success
file_uploads: On (True)
post_max_size: 8M
upload_max_filesize: 16M
session_save_path: /var/cpanel/php/sessions/ea-php56 (1733)
session_use_cookies: On (True)
xml_function: On (True)
xmlreader_class: On (True)
check_ini_set: On (True)
curl: On
Performance Information:
allow_browser_cache: Off (False)
browser_cache_expiry: 60
php_opcache: On (True)
smarty_cache: Off (False)
smarty_compilecheck: Off (False)
auto_clear_cache_age: On (True)
Server Information:
Server Software: Apache
Server Api: cgi-fcgi
Server Os: Linux 2.6.32-896.16.1.lve1.4.54.el6.x86_64 On x86_64
Server Db Type: MySQL (mysqli)
Server Db Version: 5.5.59
Server Db Grants: Found a "GRANT ALL" statement that appears to be suitable
Permission Information:
tmp: /data06/quadras/public_html/tmp (0755)
tmp_cache: /data06/quadras/public_html/tmp/cache (0755)
templates_c: /data06/quadras/public_html/tmp/templates_c (0755)
modules: /data06/quadras/public_html/modules (0755)
uploads: /data06/quadras/public_html/uploads (0755)
File Creation Mask (umask): /data06/quadras/public_html/tmp/cache (0755)
config_file: 0444
----------------------------------------------
Frontend User Management Login Issues
Re: Frontend User Management Login Issues
check the location of the csrf tag in the feu login template, and make sure you're editing the correct template. I think the tag needs to be after the form_start tag.
Not getting the answer you need? CMSMS support options
Re: Frontend User Management Login Issues
Thanks DIGI3, this is my code in the FEU login form:
{if isset($alt_loginform)}
<div class="row" id="altlogin">{$alt_loginform}</div><br/>
{/if}
<fieldset id="loginform">
{$startform}{cge_form_csrf}
{*
* a simple honeypot captcha....if this field has a value after submit an error will be thrown
* deleting this field will simply disable the honeypot.
* it is important that the field be hidden with CSS rather than using a hidden input field.
*}
<input type="text" name="{$actionid}feu__data" value="" style="display: none;"/>
{if $error}
<div class="alert alert-danger">
{$error}
<br/><a href="{cms_selflink href='welcome'}">Download Portal - Home</a>
</div>
{/if}
<div class="form-group">
<label for="feu_username">*{$prompt_username}:</label>
<input class="form-control" type="{if $username_is_email}email{else}text{/if}" id="feu_username" name="{$fldname_username}" value="{$username}" size="{$username_size}" maxlength="{$username_maxlength}" {if !$username_is_email}autocorrect="off" autocapitalize="off"{/if} required/>
</div> <!-- /.form-group -->
<div class="form-group">
<label for="feu_password">*{$prompt_password}:</label>
<input class="form-control" type="password" id="feu_password" name="{$fldname_password}" value="{$password}" size="{$password_size}" maxlength="{$password_maxlength}" required/>
</div> <!-- /.form-group -->
{if isset($captcha)}
<div class="captcha">
{$captcha}
<div class="form-group">
<label for="captcha">{$captcha_title}</label>
{if $need_captcha_input}
<input type="text" name="{$actionid}feu_input_captcha" size="10" class="form-control" id="captcha"/>
{/if}
</div> <!-- /.form-group -->
</div> <!-- /.captcha -->
{/if}
{if isset($prompt_rememberme)}
<div class="checkbox">
<label><input type="checkbox" name="{$actionid}feu_rememberme" value="1" {if $rememberme==1}checked{/if}/> {$prompt_rememberme}</label>
</div>
{/if}
<div class="btn-group">
<button class="btn btn-default" name="{$actionid}feu_submit">{$FrontEndUsers->Lang('login')}</button>
{if isset($url_lostun) || isset($url_forgot)}
{if isset($url_forgot)}
<a href="{$url_forgot}" title="{$FrontEndUsers->Lang('info_forgotpw')}" class="btn btn-default">{$FrontEndUsers->Lang('forgotpw')}</a>
{/if}
{if isset($url_lostun)}
<a href="{$url_lostun}" title="{$FrontEndUsers->Lang('info_lostun')}" class="btn btn-default">{$FrontEndUsers->Lang('lostusername')}</a>
{/if}
{/if}
</div> <!-- /.btn-group -->
{cge_form_csrf}{$endform}
</fieldset>
{if isset($alt_loginform)}
<div class="row" id="altlogin">{$alt_loginform}</div><br/>
{/if}
<fieldset id="loginform">
{$startform}{cge_form_csrf}
{*
* a simple honeypot captcha....if this field has a value after submit an error will be thrown
* deleting this field will simply disable the honeypot.
* it is important that the field be hidden with CSS rather than using a hidden input field.
*}
<input type="text" name="{$actionid}feu__data" value="" style="display: none;"/>
{if $error}
<div class="alert alert-danger">
{$error}
<br/><a href="{cms_selflink href='welcome'}">Download Portal - Home</a>
</div>
{/if}
<div class="form-group">
<label for="feu_username">*{$prompt_username}:</label>
<input class="form-control" type="{if $username_is_email}email{else}text{/if}" id="feu_username" name="{$fldname_username}" value="{$username}" size="{$username_size}" maxlength="{$username_maxlength}" {if !$username_is_email}autocorrect="off" autocapitalize="off"{/if} required/>
</div> <!-- /.form-group -->
<div class="form-group">
<label for="feu_password">*{$prompt_password}:</label>
<input class="form-control" type="password" id="feu_password" name="{$fldname_password}" value="{$password}" size="{$password_size}" maxlength="{$password_maxlength}" required/>
</div> <!-- /.form-group -->
{if isset($captcha)}
<div class="captcha">
{$captcha}
<div class="form-group">
<label for="captcha">{$captcha_title}</label>
{if $need_captcha_input}
<input type="text" name="{$actionid}feu_input_captcha" size="10" class="form-control" id="captcha"/>
{/if}
</div> <!-- /.form-group -->
</div> <!-- /.captcha -->
{/if}
{if isset($prompt_rememberme)}
<div class="checkbox">
<label><input type="checkbox" name="{$actionid}feu_rememberme" value="1" {if $rememberme==1}checked{/if}/> {$prompt_rememberme}</label>
</div>
{/if}
<div class="btn-group">
<button class="btn btn-default" name="{$actionid}feu_submit">{$FrontEndUsers->Lang('login')}</button>
{if isset($url_lostun) || isset($url_forgot)}
{if isset($url_forgot)}
<a href="{$url_forgot}" title="{$FrontEndUsers->Lang('info_forgotpw')}" class="btn btn-default">{$FrontEndUsers->Lang('forgotpw')}</a>
{/if}
{if isset($url_lostun)}
<a href="{$url_lostun}" title="{$FrontEndUsers->Lang('info_lostun')}" class="btn btn-default">{$FrontEndUsers->Lang('lostusername')}</a>
{/if}
{/if}
</div> <!-- /.btn-group -->
{cge_form_csrf}{$endform}
</fieldset>
Re: Frontend User Management Login Issues
I don't think you need the tag in there twice, but not sure that would cause the problem.
Perhaps try a new template from prototype, add the csrf tag if it isn't there, and make sure to test in a clean browser/incognito mode.
Perhaps try a new template from prototype, add the csrf tag if it isn't there, and make sure to test in a clean browser/incognito mode.
Not getting the answer you need? CMSMS support options
Re: Frontend User Management Login Issues
Thanks for the response DIGI3, I've tried replacing the login template with the prototype and inserted the csrf tag, but still get redirected to the login screen.
Do you have any other ideas? The redirect to page in the shortcode for the module is the correct page to redirect to, but it doesn't appear to work correctly.
Thanks.
Do you have any other ideas? The redirect to page in the shortcode for the module is the correct page to redirect to, but it doesn't appear to work correctly.
Thanks.
