• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Problem with external_login and ReturnUrl

L

lbarbieri

Guest
I was trying to use the external_login.php script and I ran into a weird problem.
It's about the ReturnUrl parameter used to go to a specific page after a successful login: if I log in using the administrator account, everything works fine; for any other user, the parameter is ignored and I am brought to the Wizard.
I tried with simpler return URLs, down to www.google.com, but nothing changed. Also, I tried with and without parameter "urlencoding". In both cases, it works for admin and no one else.
Of course I am not using any other parameter that could (according to the Developer Guide) prevent this mechanism from working, i.e. SiteID and ShowAdmin.
Example: http://mysite/external_login.php?Login=username&Password=password&ReturnUrl=http://www.google.com
Any suggestion? Am I doing something wrong?

Thanks in advance.
 
I had forgotten to put the "http://" in my example, sorry. But it is present in my real code and it does not help.
Worse, I have clicked on your links and the second one does not work. If it works for you...now I am really perplexed.
Following are the response HTTP headers I get for first and second link.

Admin
HTTP/1.x 302 Found
Date: Thu, 16 Oct 2008 08:04:40 GMT
Set-Cookie: s_vi=[CS]v1|48F6F59800002A09-A3A093500003389[CE]; Expires=Tue, 15 Oct 2013 08:04:40 GMT; Domain=swsoft.122.2o7.net; Path=/
Location: http://swsoft.122.2o7.net/b/ss/swsc...-In;Flip4Mac Windows Media Plugin 2.2 ;&AQE=1
X-C: ms-3.7.1
Expires: Wed, 15 Oct 2008 08:04:40 GMT
Last-Modified: Fri, 17 Oct 2008 08:04:40 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
Etag: "48F6F598-2A09-7DF899C2"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www253
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/plain

Trust
HTTP/1.x 302 Found
Date: Thu, 16 Oct 2008 08:04:40 GMT
Set-Cookie: s_vi=[CS]v1|48F6F59800002A09-A3A093500003389[CE]; Expires=Tue, 15 Oct 2013 08:04:40 GMT; Domain=swsoft.122.2o7.net; Path=/
Location: http://swsoft.122.2o7.net/b/ss/swsc...-In;Flip4Mac Windows Media Plugin 2.2 ;&AQE=1
X-C: ms-3.7.1
Expires: Wed, 15 Oct 2008 08:04:40 GMT
Last-Modified: Fri, 17 Oct 2008 08:04:40 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
Etag: "48F6F598-2A09-7DF899C2"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www253
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/plain
 
Second link does not work for me as well. But it definitely worked. I created new test user and it works again. It looks like it works only for new users. Try to create new user and try to check it. Let me know about the results. Just to make sure that it is so.
 
Well, at least there is something strange, it is not just me.
Now I wonder for how long a user remains "new". Did the link for your new user work the second time you clicked on it? Or do you have to do something on that user to make it look "old" to SiteBuilder?
Aside from this, I tried with a brand new user too and the link did not work, not even the first time.
http://servizi.vadoinrete.it/extern...testreturnurl&ReturnUrl=http://www.google.com
The same exact link, with the admin parameters, works.
:(
 
I have just tried something. In a virtual machine we use for developing (and where we have R/W access to the SiteBuilder database), I changed the role of a user from siteowner to admin. The external_login script started working in the expected way. I changed the role back to siteowner and the script stopped working (with regard to the ReturnUrl parameter, of course).
This happened with the last user I have created, and with the very first one, which is as old as the admin user.
 
I have made some more tests with Site owner and Reseller but could not reproduce this behaviour. I used demo site on Parallels. You can try to check it there. It seems the problem with 4.2 version which you use. It is suggested to make upgrade to latest one, so you can try to perform upgrade and check this situation one more time.
 
From what I understand, you used the latest version for your test. Wouldn't it be possible for you to try with version 4.2, and if a bug actually exists, see if you can fix it? After all, this forum is dedicated to that version. And an upgrade is not an easy step to do. Our procedure is in use by many users and we would prefer not to take the chance to mess or lose their web sites. Unless you can guarantee that everything would go fine.
I would even debug the code myself if I could, but your PHP is encrypted, therefore I can only ask you.
 
I have checked this case on Sitebuilder 4.2 installation and it looks like this functionality does not work in regards to Site owner, as you said. I tried to create new site owner under admin user and under reseller but none of them worked as expected.
Anyway, I suggest you to accomplish upgrade to latest version. Before making update you should create full Sitebuilder backup, just in case (dump Sitebuilder database and Sitebuilder root directory). Upgrade procedure from 4.2 to 4.5 version should go smoothly and there should not be any troubles with that. New version has some additional features and include fixes for some known issues from 4.2 version (including this one with external_login.php).
Some more details related to 4.5 version you can get here: http://www.parallels.com/en/sitebuilder/
Upgrade instructions can be found in installation guide: http://www.parallels.com/en/sitebuilder/docs
 
Thanks so much. We will consider an upgrade then. While keeping crossed our fingers. :)
 
You must log in or register to reply here.

Similar threads

X
Issue Fail2ban parameters
Replies
0
Views
510
xemorytr
X
Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
663
Lenny
Lenny
T
Issue Huge performance issues
Replies
11
Views
2K
mow
M
V
Issue Problems with Plesk generic page showing after restore and problem logging into Plesk with user name and password.
Replies
1
Views
1K
vtaero
V
J
Issue Unable to Access Webmail through Plesk after service changed hands.
Replies
3
Views
2K
Peter Debik
P
Back
Top