1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Problem with external_login and ReturnUrl

Discussion in 'Sitebuilder 4.2 for Linux' started by lbarbieri, Oct 15, 2008.

  1. lbarbieri

    lbarbieri Guest

    0
     
    I was trying to use the external_login.php script and I ran into a weird problem.
    It's about the ReturnUrl parameter used to go to a specific page after a successful login: if I log in using the administrator account, everything works fine; for any other user, the parameter is ignored and I am brought to the Wizard.
    I tried with simpler return URLs, down to www.google.com, but nothing changed. Also, I tried with and without parameter "urlencoding". In both cases, it works for admin and no one else.
    Of course I am not using any other parameter that could (according to the Developer Guide) prevent this mechanism from working, i.e. SiteID and ShowAdmin.
    Example: http://mysite/external_login.php?Login=username&Password=password&ReturnUrl=http://www.google.com
    Any suggestion? Am I doing something wrong?

    Thanks in advance.
     
  2. Dmitry Frantsev

    Dmitry Frantsev Golden Pleskian

    28
    57%
    Joined:
    Sep 19, 2005
    Messages:
    1,911
    Likes Received:
    0
  3. lbarbieri

    lbarbieri Guest

    0
     
    I had forgotten to put the "http://" in my example, sorry. But it is present in my real code and it does not help.
    Worse, I have clicked on your links and the second one does not work. If it works for you...now I am really perplexed.
    Following are the response HTTP headers I get for first and second link.

    Admin
    HTTP/1.x 302 Found
    Date: Thu, 16 Oct 2008 08:04:40 GMT
    Set-Cookie: s_vi=[CS]v1|48F6F59800002A09-A3A093500003389[CE]; Expires=Tue, 15 Oct 2013 08:04:40 GMT; Domain=swsoft.122.2o7.net; Path=/
    Location: http://swsoft.122.2o7.net/b/ss/swsc...-In;Flip4Mac Windows Media Plugin 2.2 ;&AQE=1
    X-C: ms-3.7.1
    Expires: Wed, 15 Oct 2008 08:04:40 GMT
    Last-Modified: Fri, 17 Oct 2008 08:04:40 GMT
    Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
    Pragma: no-cache
    Etag: "48F6F598-2A09-7DF899C2"
    Vary: *
    P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
    xserver: www253
    Keep-Alive: timeout=15
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: text/plain

    Trust
    HTTP/1.x 302 Found
    Date: Thu, 16 Oct 2008 08:04:40 GMT
    Set-Cookie: s_vi=[CS]v1|48F6F59800002A09-A3A093500003389[CE]; Expires=Tue, 15 Oct 2013 08:04:40 GMT; Domain=swsoft.122.2o7.net; Path=/
    Location: http://swsoft.122.2o7.net/b/ss/swsc...-In;Flip4Mac Windows Media Plugin 2.2 ;&AQE=1
    X-C: ms-3.7.1
    Expires: Wed, 15 Oct 2008 08:04:40 GMT
    Last-Modified: Fri, 17 Oct 2008 08:04:40 GMT
    Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
    Pragma: no-cache
    Etag: "48F6F598-2A09-7DF899C2"
    Vary: *
    P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
    xserver: www253
    Keep-Alive: timeout=15
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: text/plain
     
  4. Dmitry Frantsev

    Dmitry Frantsev Golden Pleskian

    28
    57%
    Joined:
    Sep 19, 2005
    Messages:
    1,911
    Likes Received:
    0
    Second link does not work for me as well. But it definitely worked. I created new test user and it works again. It looks like it works only for new users. Try to create new user and try to check it. Let me know about the results. Just to make sure that it is so.
     
  5. lbarbieri

    lbarbieri Guest

    0
     
    Well, at least there is something strange, it is not just me.
    Now I wonder for how long a user remains "new". Did the link for your new user work the second time you clicked on it? Or do you have to do something on that user to make it look "old" to SiteBuilder?
    Aside from this, I tried with a brand new user too and the link did not work, not even the first time.
    http://servizi.vadoinrete.it/extern...testreturnurl&ReturnUrl=http://www.google.com
    The same exact link, with the admin parameters, works.
    :(
     
  6. lbarbieri

    lbarbieri Guest

    0
     
    I have just tried something. In a virtual machine we use for developing (and where we have R/W access to the SiteBuilder database), I changed the role of a user from siteowner to admin. The external_login script started working in the expected way. I changed the role back to siteowner and the script stopped working (with regard to the ReturnUrl parameter, of course).
    This happened with the last user I have created, and with the very first one, which is as old as the admin user.
     
  7. Dmitry Frantsev

    Dmitry Frantsev Golden Pleskian

    28
    57%
    Joined:
    Sep 19, 2005
    Messages:
    1,911
    Likes Received:
    0
    I have made some more tests with Site owner and Reseller but could not reproduce this behaviour. I used demo site on Parallels. You can try to check it there. It seems the problem with 4.2 version which you use. It is suggested to make upgrade to latest one, so you can try to perform upgrade and check this situation one more time.
     
  8. lbarbieri

    lbarbieri Guest

    0
     
    From what I understand, you used the latest version for your test. Wouldn't it be possible for you to try with version 4.2, and if a bug actually exists, see if you can fix it? After all, this forum is dedicated to that version. And an upgrade is not an easy step to do. Our procedure is in use by many users and we would prefer not to take the chance to mess or lose their web sites. Unless you can guarantee that everything would go fine.
    I would even debug the code myself if I could, but your PHP is encrypted, therefore I can only ask you.
     
  9. Dmitry Frantsev

    Dmitry Frantsev Golden Pleskian

    28
    57%
    Joined:
    Sep 19, 2005
    Messages:
    1,911
    Likes Received:
    0
    I have checked this case on Sitebuilder 4.2 installation and it looks like this functionality does not work in regards to Site owner, as you said. I tried to create new site owner under admin user and under reseller but none of them worked as expected.
    Anyway, I suggest you to accomplish upgrade to latest version. Before making update you should create full Sitebuilder backup, just in case (dump Sitebuilder database and Sitebuilder root directory). Upgrade procedure from 4.2 to 4.5 version should go smoothly and there should not be any troubles with that. New version has some additional features and include fixes for some known issues from 4.2 version (including this one with external_login.php).
    Some more details related to 4.5 version you can get here: http://www.parallels.com/en/sitebuilder/
    Upgrade instructions can be found in installation guide: http://www.parallels.com/en/sitebuilder/docs
     
  10. lbarbieri

    lbarbieri Guest

    0
     
    Thanks so much. We will consider an upgrade then. While keeping crossed our fingers. :)
     
Loading...