vdario
Forum Replies Created
-
Forum: Developing with WordPress
In reply to: Read wordpress user_id from wordpress cookieThanks for your reply. That worked but it is insecure, as someone could forge a cookie. I have added this as the last step to verify the hash.
// get user password for cookie validation $query = $wordpress_db->prepare("SELECT * FROM <code>wp_users</code> WHERE <code>user_login</code> = %s", $username); $output = $wordpress_db->get_results($query, ARRAY_A); $current_user = (object) array('ID' => $output[0]['ID']); $pass_frag = substr($output[0]['user_pass'], 8, 4); $algo = 'sha256'; $user_pass = $output[0]['user_pass']; $scheme = 'logged_in'; $key = hash_hmac('md5', $username . '|' . $pass_frag . '|' . $expiration . '|' . $token, generate_salt($scheme)); $hash = hash_hmac($algo, $username . '|' . $expiration . '|' . $token, $key);I tired in incognito and I got the same error.
If you want to have a look, I am happy to do a remote session so you can run tests in my dev environment.
actually not. It didn’t fix it. By removing those files I cannot see the 404 error on the console anymore.
However if I disable the plugin I keep getting the usual error.
I managed to remove it manually. Other than removing the plugin I removed the following files on the root folder:
-pwa-manifest.json
-pwa-register-sw.js
-pwa-sw.jsI suppose that the whole issue happened when I changed server name. Maybe the plugin does not detect the change?
Thanks,
DarioHi Magazine3,
My website is https://worthmap.com/
I have started another temporary instance of WorthMap on https://docker.worthmap.com where I am running the exact same code but with the plugin folder removed (so the login does not work). You can click on the “login” button and you will see the error yourself.
Error: Cookies are blocked due to unexpected output. For help, please see this documentation or try the support forums.Also, I just noticed that there is a js error on the regular website. You can see it using the standard developer console of Google Chrome.
This is a cut and paste of such error. Note that it mention “devfe” that is an old development server that does not even exist anymore:
var swsource = "https://devfe/pwa-sw.js"; function PWAforwpreadCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(";"); for(var i=0;i < ca.length;i++) { var c = ca[i]; while (c.charAt(0)==" ") c = c.substring(1,c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); } return null; } if("serviceWorker" in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register(swsource, {scope: 'https://devfe/'}).then(function(reg){ console.log('Congratulations!!Service Worker Registered ServiceWorker scope: ', reg.scope); }).catch(function(err) { console.log('ServiceWorker registration failed: ', err); }); var deferredPrompt; window.addEventListener('beforeinstallprompt', (e) => { e.preventDefault(); deferredPrompt = e; if(deferredPrompt != null || deferredPrompt != undefined){ var a2hsviashortcode = document.getElementsByClassName("pwaforwp-add-via-class"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="inline-block"; } } var a2hsviashortcode = document.getElementsByClassName("pwaforwp-sticky-banner"); var isMobile = /iPhone|iPad|iPod|Android/i.test(navigator.userAgent); if(a2hsviashortcode !== null && checkbarClosedOrNot() && (typeof pwa_cta_assets !== 'undefined') && (pwa_cta_assets.a2h_sticky_on_desktop_cta==1 || isMobile)){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="flex"; } } } }); function checkbarClosedOrNot(){ var closedTime = PWAforwpreadCookie("pwaforwp_prompt_close") if(closedTime){ var today = new Date(); var closedTime = new Date(closedTime); var diffMs = (today-closedTime); var diffMins = Math.round(((diffMs % 86400000) % 3600000) / 60000); // minutes if(diffMs){//diffMins<4 return false; } } return true; } // Safari 3.0+ "[object HTMLElementConstructor]" var isSafari = /constructor/i.test(window.HTMLElement) || (function (p) { return p.toString() === "[object SafariRemoteNotification]"; })(!window['safari'] || (typeof safari !== 'undefined' && safari.pushNotification)); if( isSafari ){ var a2hsviashortcode = document.getElementsByClassName("pwaforwp-add-via-class"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="inline-block"; } } var a2hsviashortcode = document.getElementsByClassName("pwaforwp-sticky-banner"); var isMobile = /iPhone|iPad|iPod|Android/i.test(navigator.userAgent); if(a2hsviashortcode !== null && checkbarClosedOrNot() && (typeof pwa_cta_assets !== 'undefined') && (pwa_cta_assets.a2h_sticky_on_desktop_cta==1 || isMobile) ){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="flex"; } } } var a2hsviashortcode = document.getElementsByClassName("pwaforwp-add-via-class"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].addEventListener("click", addToHome); } } window.addEventListener('appinstalled', (evt) => { var a2hsviashortcode = document.getElementsByClassName("pwaforwp-add-via-class"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="none"; } } var a2hsviashortcode = document.getElementsByClassName("pwaforwp-sticky-banner"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="none"; } } var addtohomeBtn = document.getElementById("pwaforwp-add-to-home-click"); if(addtohomeBtn !==null){ addtohomeBtn.style.display="none"; } }); function addToHome(){ if(!deferredPrompt){return ;} deferredPrompt.prompt(); deferredPrompt.userChoice .then((choiceResult) => { if (choiceResult.outcome === "accepted") { document.getElementById("pwaforwp-add-to-home-click").style.display = "none"; var a2hsviashortcode = document.getElementsByClassName("pwaforwp-add-via-class"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="none"; } } var a2hsviashortcode = document.getElementsByClassName("pwaforwp-sticky-banner"); if(a2hsviashortcode !== null){ for (var i = 0; i < a2hsviashortcode.length; i++) { a2hsviashortcode[i].style.display="none"; } } console.log("User accepted the prompt"); } else { console.log("User dismissed the prompt"); } deferredPrompt = null; }); } window.addEventListener("offline", pwaforwpOnNetworkChange); function pwaforwpOnNetworkChange(event) { if (!navigator.onLine) { var a2hsdesk = document.getElementById("pwaforwp-add-to-home-click"); if(a2hsdesk !== null){ a2hsdesk.style.display = "none"; } var html = '<style class="pwa-offmsgwrcss">.pwa-offmsgwr{background: #323232;color: #f1f1f1;display: table;position: fixed;box-sizing: border-box;box-shadow: 0 2px 4px 0 #000;bottom: 0;left: 0;width: 100%;font-size: 14px;padding: 0;transition: transform .15s cubic-bezier(.17,.67,.39,.95);transform: translateY(200%);z-index: 1000;will-change: transform;}.pwa-offmsgwr table{margin:0px}.pwa-offmsgwr.active{transform: translateY(0);}.pwa-offmsgwr .tdcl{padding: 15px;}.pwa-offmsgwr .span{display: table-cell;vertical-align: middle;}</style><div class="pwa-offmsgwr active"><table width="100%"><tbody><tr><td class="tdcl"><span>You are currently offline</span></td></tr><tr></tr></tbody></table></div>'; if(document.getElementsByClassName('pwa-offmsgwrcss').length==0){ document.body.innerHTML += html; } setTimeout(function(){ if(document.getElementsByClassName('pwa-offmsgwrcss').length){ document.getElementsByClassName('pwa-offmsgwrcss')[0].remove(); } if(document.getElementsByClassName('pwa-offmsgwr').length){ document.getElementsByClassName('pwa-offmsgwr')[0].remove();} }, 3000); }else{ if(document.getElementsByClassName('pwa-offmsgwrcss').length){document.getElementsByClassName('pwa-offmsgwrcss')[0].remove(); document.getElementsByClassName('pwa-offmsgwr')[0].remove();} } } if( window.matchMedia('(display-mode: standalone)').matches ){ var appContent = document.getElementsByClassName('pwaforwp-app-contents'); for(var i=0; i<appContent.length; i++){ appContent[i].style.display = 'block'; } } }); }
`Thanks for helping,
DarioI tried. Deleted cookies, tried from a different browser, restart the web server. Nothing works unless I have the plugin installed and active.
If I move the pwa plugin outside of the plugins folder, WordPress stops working. However if I put it back, it starts working again.
If I disable the plugin, I am logged out and I must restore the DB to make it work again because I cannot login anymore.
If I delete all the plugin, it still does not work.
If I remove the themes folder, it still does not work.
This is the part of wp-login.php that stops the login process:
if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) { if ( headers_sent() ) { $user = new WP_Error( 'test_cookie', sprintf( /* translators: 1: Browser cookie documentation URL, 2: Support forums URL. */ __( '<strong>Error</strong>: Cookies are blocked due to unexpected output. For help, please see <a href="%1$s">this documentation</a> or try the <a href="%2$s">support forums</a>.' ), __( 'https://wordpress.org/support/article/cookies/' ), __( 'https://wordpress.org/support/forums/' ) ) ); }thanks,
DarioIt works as a charm. Thanks, Thanks, Thanks π