WordPress.org

Ready to get started?Download WordPress

Forums

Login With Ajax
[resolved] Forced SSL Logins Broken. (10 posts)

  1. david92ng
    Member
    Posted 1 year ago #

    When I set forced SSL Logins to true, the widget would put a empty red bar with no error message in it when someone attempts to sign in. It does not matter if the password is right or wrong. Same response. I could logon to wp-admin directly fine. Not sure if it's a coding issue or if its my site.

    Using WordPress 3.5
    Login with ajax 3.0.4.1 (broken with default and modal)

    Any suggestions?

    http://wordpress.org/extend/plugins/login-with-ajax/

  2. david92ng
    Member
    Posted 1 year ago #

    Love your plugin btw, works perfectly with varnish and w3cache!!!

  3. yosh
    Member
    Posted 1 year ago #

    I can confirm the same error. Without SSL, there is text in the red box in the widget when someone does something like enter a bad password. With SSL, no text.

  4. david92ng
    Member
    Posted 1 year ago #

    I thought I fixed the problem when I reinstalled the SSL certificate. I can confirm i can use ssl properly on other sites. when you force SSL logins over http, the error occurs. However once you go to https, it redirects fine. Going to take a look at the code later.

  5. thinkero
    Member
    Posted 1 year ago #

    the problem persists. the login module returns an invalid response when the visitor try to connect via Login with Ajax on an http page (via shortcode). Any feedback from the dev?

  6. thinkero
    Member
    Posted 1 year ago #

    workaround to escape this:

    in the login-with-ajax.php change the

    line $loginResult = wp_signon();
    with

    $creds['user_login'] = $_REQUEST['log'];
    $creds['user_password'] = $_REQUEST['pwd'];
    $creds['remember'] = $_REQUEST['rememberme'];
    $loginResult = wp_signon( $creds, true );

  7. david92ng
    Member
    Posted 1 year ago #

    I forgot to report back.

    The problem was that it would work on normal http when installed normally but when you force https logins, it would not work on normal http anymore. So you ether have to use https for the entire site or just forget about ssl logins.

    The workaround: install WordPress HTTPS plugin and force exclusively some pages to work with ssl. Then create a login page and put the login script there.

    Since I liked the fact it works with buddypress and I was mostly interested in the profile picture and logout function when logged in. I used a wordpress dynamic widgets to make it so that ajax plugin will only show when logged in on every page and will only ask for login information on the secure login page.

    Note that the code is kinda in a mess and im not sure if the dev is maintaining it. However I cant find anything else that worked better.

  8. david92ng
    Member
    Posted 1 year ago #

    @thinkero

    what do you mean by escaped? I cant really try it at the moment.

  9. thinkero
    Member
    Posted 1 year ago #

    I'm meanin I resolved the login with ajax on http, maintaining force ssl for login.

    $creds['user_login'] = $_REQUEST['log'];
    $creds['user_password'] = $_REQUEST['pwd'];
    $creds['remember'] = $_REQUEST['rememberme'];
    $loginResult = wp_signon( $creds, true );

  10. Marcus
    NetWebLogic Support
    Plugin Author

    Posted 1 year ago #

    @david92ng

    firstly, sorry for the late reply!

    secondly, thanks for the feedback, I'll look into figuring out a way to get LWA working with just admin-forced ssl.

    regarding the SSL certificate validity, this I don't think is something that can be fixed.... it's just the way JS works, you need a valid certificate for this to work.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.