I'm exactly the same as Fuzz10. Tried and tested the same. Client also getting increasingly annoyed.
We've moved the forum!
Please use forum.silverstripe.org for any new questions
(announcement).
The forum archive will stick around, but will be read only.
You can also use our Slack channel
or StackOverflow to ask for help.
Check out our community overview for more options to contribute.
Umm, I'm a little stumped to be honest. This isn't something I've come across before, except when people have put "_" characters in domain names, which muck up session cookies in IE.
* Have you tried different browsers? Do you get any different results?
* Can you send me details of how to get to your sites at sam [at] siverstripe [dot] com, so I can have a look myself?
Hey Sam,
Sorry for late reply. I ended up moving my site to a new hosting company. I couldn't find a fix for over a month and my client was getting very mad to say the least. The problem did occur in both IE and Firefox. I wasn't able to test on any other platform.
I believe it has something to do with installing on a sub-directory. Perhaps the guys at Silverstripe can take a look when they get a spare moment... i'm sure many other people will encounter this same problem.
Thanks for following up :)
I've had exactly the same problem - also in the "php 5 installation error" thread.
After numerous reinstallations and hanging at the PHP 5 is required during installation, I came back to the install after dinner, restarted the browser and was pleased (and confused) to see the ss232 installed and the homepage running.
Yay - I thought - but prematurely.
When clicking on "the CMS" link from the homepage and loggin in with the admin credentials I get the following page (ss1.png).
Refresh.. refresh..refresh..refresh.. nothing..
Type in /mysite.com/admin and I get the Admin interface again (ss2.png)
Click on the security tab and it goes back to the login screen (ss3.png)
Very wierd!
So, one year later (almost to the day), and I've got the same problem. To sum it up, I installed SS 2.4.0, onto a Rackspace cloud server. I currently have 3 other SS installs on the same cloud, different domains, and they work just fine (they are v. 2.3.4).
Here is my long story summed up as best as possible.
Installed v 2.3.4 just like the other three sites I have on the cloud.
Everything installed fine.
Tried to log in - worked (sort of). I was presented with the CMS, and couldn't save any forms, then was redirected to the login page again.
I tried, reinstalling, pulling hair out, avoiding the boss, etc.
Installed v 2.4.0
Same problem as above.
Followed Sam's suggestions in this post - no workie.
Tried the suggestions in this post: http://silverstripe.org/installing-silverstripe/show/285523#post285523 - No workie.
Like Briohny, my client is getting mad, as well as my boss.
Firebug is giving me the errors of "NOTLOGGEDIN" and "SecurityID doesn't match, possible CSRF attack."
Here is my setup:
PHP 5.2.13
MySQL 5+
working in the root directory (always have been)
user has full admin rights
I have tested and have this problem on Safari, Firefox (pc and mac) IE, 7 & 8, so its not a browser problem.
I'm at a total loss here. What finally worked for any of you to get this working?
to whom it may concern. I've been chatting with rackspace tech support for over an hour, and basically hosting sites have a common folder for all virtual private servers to hold session files.
So if you are having issues you can add the following to the bottom of your .htaccess file and take control of your own sessions:
php_value session.gc_probability 1
php_value session.gc_divisor 100
php_value session.gc_maxlifetime 3600
php_value session.save_path /mnt/stor1/123456/example.com/web/sessions
my session save path is outside my content folder that holds the web files, so it can't be accessed from the www.
Here is a link explaining the above.
http://cloudsites.rackspacecloud.com/index.php/Why_are_my_PHP_sessions_not_working%3F
I just upgraded a site to 2.4.0 and i am getting this error only in my statically published index.php page.
my staticPublisher outputs php files to the cache folder. all pages that are statically published are written correctly with the exception of the index.php page. this page only says "NOTLOGGEDIN:" with a few headers
<?php
/**
* This is a system-generated PHP script that performs header management for the statically cached content given below.
*/
define('MAX_AGE', '0');
define('LAST_MODIFIED', '2010-07-20 00:27:11');
if(MAX_AGE > 0) {
header("Cache-Control: max-age=" . MAX_AGE);
header("Pragma:");
} else {
header("Cache-Control: no-cache, max-age=0, must-revalidate");
}
header("Expires: " . gmdate('D, d M Y H:i:s', time() + MAX_AGE) . ' GMT');
header("Last-modified: " . gmdate('D, d M Y H:i:s', strtotime(LAST_MODIFIED)) . ' GMT');
if(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
if(strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= strtotime(LAST_MODIFIED)) {
header("Last-modified: " . gmdate('D, d M Y H:i:s', strtotime(LAST_MODIFIED)) . ' GMT', true, 304);
exit;
}
}
?>
NOTLOGGEDIN:
i tried flushing the cache, (?flush=all), and logging out & logging back in.
i wanted to email the backtrace but dont see any method to do that in the 2.4.0 Security class.
how can i debug this?
thanks, any help would be great,
-Chris
Just wanted to say thanks to moloko man for his response on this topic regarding rackspace hosting ... was completely driving me crazy, and was struggling to find this solution.
For the sake of hopefully helping future searches, The issues I had either gave me the message
"securityid doesn't match, possible csrf attack"
or I would get messages telling me to log back in when I was trying to create new users. This was all in the admin on 2.42 ... on the rackspace cloud.
thanks again,
Mike