Bug #19879
closed
after upgrade from 4.1.7 to 4.1.8 feusers and beusers have to clear there cookie cache before they can login
0%
Description
We upgraded several sites to the new versions 4.1.8 and 4.2.4
And we habe the problem that after the upgrade the frontend users and backend users cannot login. But if they clear all cookies they can login.
But you can not say hunderts of users, please clear your cookie before!
Help wanted!!!
(issue imported from #M10216)
Files
Updated by
Updated by Sebastian Enders about 15 years ago
I am sorry!
The bugfix of 0010205 doesn't help!
I have to switch back to 4.1.7! :-(
Updated by Michael Stucki about 15 years ago
Still it is the same problem, so there is no need to reopen this issue. Please report to #19867 and especially try my latest patch (posted 10 minutes ago) to see if that works better...
- michael
Updated by Benjamin Hoft about 15 years ago
We have also problems with the 4.1.8 Version of typo3
There are 3 cookies created with expire date of 2010?
e.g.
Name be_typo_user
Value 5b67a8fff6b747e5ef69a16cca059cca
Path /
Secure No
Expires Sat, 23 Jan 2010 09:52:47 GMT
also fe_typo_user and PHPSESSID
After I login in the BE and browse in the FE and logout in the BE those cookies still there. And if I now close all my browser windows and try to login with a new one those cookies with expire date of 2010 will cause that the login doesn't work.
I wonder why those cookies aren't set to expire on 'At End Of Session' instead of 1 Year later ?
Updated by Michael Stucki about 15 years ago
How come your be_typo_user cookie is valid for 3 years? That can't be normal, please investigate the reason for this first.
Updated by Benjamin Hoft about 15 years ago
I have found out what the troublemaker of my 1 year expire cookies is.
Its the script cookies.js from the efa font size script ...
I wonder how long this was there, but it seems that with the new typo3 version this script causes some major trouble.
btw this script can still be found here:
http://www.t3net.de//fileadmin/scripts/cookies.js
also with tutorials
http://www.t3net.de/dokumentation/extension-tutorials/efa-fontsize-script.html
I got my from a complete yaml installation
Updated by Philipp Idler about 15 years ago
I think you're right.
I also have yaml installed. I dropped the constant pageHeaderData declared at yaml's constants template and cleared the cache/cookies.
After doing that, the cookie's lifetime was set to "at the end of the session".
Updated by Helmut Hummel about 15 years ago
Yeah, just found out the same after doing some testing.
I fixed the cookie.js for us by not letting it touch ?e_typo_user and PHPSESSID "cookies".
I attached the fixed cookies.js here and close this report, since TYPO3 behaves perfectly right in this case.
Updated by Helmut Hummel about 15 years ago
I'm glad TYPO3 behave perfectly right and does not accept the faulty cookies,
Updated by Helmut Hummel about 15 years ago
Sorry for uploading the wrong file. Now I changed it with a version Albert van der Veen suggested. It only changes the efaSize cookie and leaves all others alone...
Updated by Helmut Hummel about 15 years ago
Leave it as resolved for the time beeing
Updated by