WordPress.org

Ready to get started?Download WordPress

Forums

WP-Members
[resolved] Cookie not set correctly - user gets logged out when browser is quit (6 posts)

  1. kerfuffle
    Member
    Posted 3 years ago #

    The plugin is superb - but I seem to have a hit a problem.

    If a user logs in through the wp-members form (checking remember me), the cookie is set differently than if they logged in through wp-admin (checking remember me) with the result being that if the user quits the browser, they have to log back in.

    In other words, it doesn't remember them.

    Any ideas?

    Thanks

    C

    http://wordpress.org/extend/plugins/wp-members/

  2. Chad Butler
    Member
    Plugin Author

    Posted 3 years ago #

    I'm not sure on that one, but I am finalizing a new release, so I'll take a look and if we can work in a fix for this release, I'll get it in there.

  3. eserrano
    Member
    Posted 2 years ago #

    I think I found it. At first I thought that it was some kind of cookie conflict related to the usage of the deprecated function wp_setcookie instead of wp_set_auth_cookie, so I went ahead and updated it replacing:

    wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);

    by:

    $theUser = get_userdatabylogin($user_login);
    wp_set_auth_cookie($theUser->ID, $rememberme);

    inside wp-members-core.php. But I had no luck with that, as the user wouldn't be kept logged in.

    So then I thought about the $rememberme variable. I couldn't find where it was set. So maybe I was missing something, but $rememberme just didn't seem to be set.

    Since we had already taken the given value of the rememberme option from the user input, just a couple of lines above all that:

    $creds['remember'] = $_POST['rememberme'];

    I decided to use that value when setting the remember me cookie. So the resulting code was:

    $theUser = get_userdatabylogin($user_login);
    wp_set_auth_cookie($theUser->ID, $creds['remember']);

    And it worked! The logged user can be remembered from now on.

    Maybe the form could also use some esc_attr-style parameter sanitization for security reasons, but other than that, the fix should work perfectly.

    By the way, it is a great plugin, Chad.

  4. Chad Butler
    Member
    Plugin Author

    Posted 2 years ago #

    Thanks @eserrano! Glad you are liking the plugin!

    I've actually got a fix for the issue in the upcoming 2.7.1 update (which is primarily a fix release for a couple of issues). The fix is essentially the same - the cookie was not being set with the correct rememberme value. In wp_setcookie, it should be set as 'true' and it was being passed as 'forever'.

  5. spectrus
    Member
    Posted 2 years ago #

    Edit: Never mind, please disregard.

  6. spectrus
    Member
    Posted 2 years ago #

    Hi,

    What does the line 438 in wp-members-core.php do?

    if( ! $using_cookie )

    Searching for this variable elsewhere in the plugin code returns nothing.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags