Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
Ask a Question

Possible logout bug with shared user base

+1 vote
1.0k views
in Q2A Core by

On my site I have 3 Q2A installations sharing the same user base. When I log in to any of the 3 sections, it logs me in to all sections. However, when I log out of either of the 3 sections, it only logs me out of that section! I stay logged in on the other 2. This happens on IE, Firefox and Chrome so it's not just one browser.

On the main site I have this in the config:

define('QA_MYSQL_TABLE_PREFIX', 'qa_');

And on the meta site I have:

define('QA_MYSQL_TABLE_PREFIX', 'qameta_');
define('QA_MYSQL_USERS_PREFIX', 'qa_');

I checked the cookies. When I am logged in I have 2 cookies: qa_session and qa_noticed. When I log out of one section the qa_session cookie is gone, qa_noticed is still there. There is also a PHPSESSID cookie which is always present. The only other cookies are Google Analytics ones (__utma etc).

Why is this happening? If the qa_session cookie is gone I would assume there is no way for Q2A to know which user is logged in.

 

Q2A version: 1.5.2
by
Just to add, if I close the browser then reopen it, it *does* log out of all sections. I'm guessing that Q2A is still reading the PHPSESSID cookie even if there is no qa_session cookie.
by
I will look into this as part of the Q2A 1.5.4 release.

1 Answer

0 votes
by

OK, I think I got to the bottom of this. In qa-app-users.php, please try replacing:

return md5(QA_FINAL_MYSQL_HOSTNAME.'/'.QA_FINAL_MYSQL_USERNAME.'/'.
QA_FINAL_MYSQL_PASSWORD.'/'.QA_FINAL_MYSQL_DATABASE.'/'.QA_MYSQL_TABLE_PREFIX);
 
... with ...
 
$prefix=defined('QA_MYSQL_USERS_PREFIX') ? QA_MYSQL_USERS_PREFIX : QA_MYSQL_TABLE_PREFIX;
 
return md5(QA_FINAL_MYSQL_HOSTNAME.'/'.QA_FINAL_MYSQL_USERNAME.'/'.
QA_FINAL_MYSQL_PASSWORD.'/'.QA_FINAL_MYSQL_DATABASE.'/'.$prefix);
 
I think that should resolve the problem?
by
Yes, that fixes it for me, thanks!

P.S. are you still living in Tel Aviv? How are things over there?
by
Yep, still here. By chance we were on holiday abroad for the weekend so missed most (but not all) of the incoming missiles. As someone who grew up in London let's just say it was a new experience. Hopefully all the people in the region can enjoy quiet for as long as possible...
by
Glad to hear it. I can't begin to imagine what it's like...
by
To be honest Tel Aviv was not so bad. We have 90 seconds warning, bomb shelters in most buildings, and an effective anti-missile system in Iron Dome. The people of Gaza and southern Israel bore the real brunt. The main concern here was not to freak out your kids.
Snow Theme by Q2A Market
Powered by Question2Answer
...