May 27, 2019 at 1:00 pm #18330
the problem I’m facing is this:
– if a user is changing the password on the profile form it takes very long until the browser gives up and shows:
“This page isn’t working
http://www.mydomainname.com redirected you too many times.
The browser tries to load /logout-complete page, which was once set as after logout redirect in the SWPM Settings, but now this setting is empty. The page actually loads as soon as I delete the browser cookies. Thus maybe there is just a cookie unset missing.
From the changelog of the plugin I saw that with version 3.6.1 that the user get’s logged out on password change. Also it says it forces logout on bad login hash. The log-auth.txt shows a lot of entries saying “SUCCESS: validate() – Bad Hash”. In general I have no problem with this procedure, but it shouldn’t cause too many redirects.
– the same happens, when I try to change a user password via the Woocommerce Account Details form while SWPM-Plugin is active. Without the SWPM-Plugin active the Woocommerce Form saves the password changes even without loggin out the user.
Right now, I’m not sure how to solve this problem. I was thinking about creating a custom password change form. However, it should work from the available forms (Woocommerce or SWPM).
Any suggestions what and where to adjust that it works as it should?
Btw, my server is running PHP 7.2 and the php error log is empty.
Appreciate your help. Thanks.
May 28, 2019 at 12:42 am #18333
- This topic was modified 1 month ago by Stephan.
Are you using the latest (3.8.x) version of SWPM?May 28, 2019 at 9:45 am #18334
I use SWPM 3.8.1
Just checked again, when the password is changed by a user, the password change email is sent and than the user get’s the “too many redirects” error.
As soon as the Browser Cache (the cookies) are cleared and the page is reloaded, it loads without any problems. I haven’t checked yet which cookies are set in the browser, but I still believe the issue has to do with the cookies.
StephanMay 31, 2019 at 9:53 am #18372
just checked the behavior again. The cause of too many redirects is related to the cookie “simple_wp_membership_sec_xxxxxxxxxx”. The cookie is not unset when the password is changed at the profile page or any other pages which allow to change the password (e.g. the Woocommerce Account Details page).
At the same time there is a WordPress Cookie, which is immediately unset, when the password change is happening.
Though, where do I have to change to code in Simple WP Membership to have the cookie unset?
Or are you updating the Plugin shortly?
Thanks for your help.
StephanMay 31, 2019 at 2:31 pm #18373
Okay, here are some more observations:
– at regular logout the cookie “simple_wp_membership_sec_xxxxxxxxxx” is unset. Though there is no error with too many redirects.
– if user password is changed, no messages appear that the user get’s logged out and the logout get’s stuck as the above cookie is not unset. Manual unset of the cookie during the appearing logout process avoids the too many redirects error.
I checked some functions, but couldn’t find where to unset the cookie when the password change is happening.
Any hint where to adjust the code is highly appreciated.
You must be logged in to reply to this topic.