WordPress MU

wpmu-2006-07-06
Tested under: IE 6 and Firefox 1.0.4

Users can't logout, if they click on logout option inside dashboard they are redirected again inside the dashboard.

Someone has the same problem? If yes we need to wirte about it in TRAC

There have been reports that this has happened before but I haven't seen it and it hasn't been debugged by the people who had the problem AFAIK.

Please debug wp-login.php and associated functions and figure out why it's happening!

I think the problem is in wp_clearcookie() function. Can you please give me more information on how to debug it?

This has been reported here: http://trac.mu.wordpress.org/ticket/61
Did you login through the main blog as well? Are you using the subdir option?

I'm using vhosts.

If user make the login via main page users can't logout.
If user make the login via his blog url he can logout correctly.

When a user logs in via the main page they should be redirected to their own blog where they (currently) have to login again because it's a different hostname.
When the user logs in, does the browser redirect to their own blog's dashboard?

Via the main page: http://mysite.com/wp-login.php

Users are redirected directly to their own dashboard. No re-login is requested

I have the same problem if I use IE. Firefox is working fine...firefox will redirect user to the user's login page if user is login from main page, so user is ok to logout...but IE will redirect user to user's dashboard if user login from main page, and user can't logout...

If you have trouble with the logout, you may try to replace your wpmu-functions.php with my modified one which I've attached to ticket 61:
http://trac.mu.wordpress.org/ticket/61

It defently solved all my problems (together with changeset 640: http://trac.mu.wordpress.org/changeset/640 ); which you can read about in the ticket.

nkvn - please try to debug it. I created a blog on my test server and logged in through the main blog, I was able to logout too. All through MSIE.
How to debug? watch your access logs and note what URLs are called.
Go into wp-admin/menu.php and near the bottom of the file, print_r or error_log() the $newblog variable.
Examine the cookies in your browser, there should be wordpressuser and wordpresspass cookies for the hostnames on your site.
Check wp_blogs, wp_site and the options table for your blog(s). The siteurl and home options should match the urls of your blogs.

ok, i have a fix for that, in ANY situation... and i will not provide this in the trak or the dev forum... too lazy to register:

open wp-login.php, and change this (line 25):

***********************************************

case 'logout':

wp_clearcookie();

***********************************************

to this:

***********************************************

case 'logout':

# version to logout everybody within the website, not only admins...
# the default have flaws... this one NOT!
# wp_clearcookie();

# php.net: http://ca.php.net/manual/en/function.setcookie.php#68350
function getDomain() {
if ( isset($_SERVER['HTTP_HOST']) )
{
$dom = $_SERVER['HTTP_HOST']; // Get domain
// Strip www from the domain
if (strtolower(substr($dom, 0, 4)) == 'www.') { $dom = substr($dom, 4); }
// Check if a port is used, and if it is, strip that info
$uses_port = strpos($dom, ':');
if ($uses_port) { $dom = substr($dom, 0, $uses_port); }
// Add period to Domain (to work with or without www and on subdomains)
$dom = '.' . $dom;
}
else
{
$dom = false;
}
return $dom;
}
// Get domain without www and any port (if present)
$domain = getDomain();
$expire = time() - 1;

// Set the cookie
setcookie(USER_COOKIE, ' ', $expire, '/', $domain);
setcookie(PASS_COOKIE, ' ', $expire, '/', $domain);


***********************************************

this will make all cookies related to this domain to be deleted...

This last fix seemed to work the first time I signed out then I logged back in and couldn't signout again.

Wierd.

charlie_c

I have applied the code showed above and it had same effect as you write about. but then I just put after this code previously deleted wp_clearcookie(); and it seems to work ok for me. (using blog with subdirectories since my domain have more services than just blogs)