Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

So sick of this error!!

Go to End

10 Posts   4124 Views


Forum Moderator, 4102 Posts

2 October 2009 at 4:30am

Yeah, that character has changed the way I code. :)

Glad I posted this.. This problem plagued me for over a year.


Community Member, 22 Posts

13 October 2011 at 8:25am

Edited: 13/10/2011 9:33am

This bug *might* also be responsible for odd login behavior and an add cookie / security issue that I've never seen before. When an end user is (incorrectly) given a url to something they shouldn't have access to, like a "?stage=Stage" URL, they try to hit it. After that point they cannot hit *any* page at all on the live site, without SS first trying to authenticate them. crazy! has anyone seen this before??

My client sent a newsletter out to 800 some people with bad URL's and now no one that clicked on them can see the site without clearing thier cookies. grr

with some help from simon_w and others on IRC, here's what fixed it:

in init()

public function init()
if( Session::get('loggedInAs') == null ) {

So basically, calling a url with ?stage=Stage sets some cookies, so that links work when your browsing the stage site. THat is desired. But in my edge case, that resulted in users repeatedly being authenticated even for ordinary urls. I'm not sure why code like this wouldn't be in core. Does anyone think I should file a bug? thoughts?

Go to Top