[deadlyhifi]

I upgraded my forum to 1.0 and at the same time converted my WP into WPMU. It was a bit of a mammoth task to be honest. I inadvertently changed the cookie values in this upgrade.

My problem now is many of my users are getting to the forum with their old cookies intact. Logging in, and, because the old cookie with the wrong value is being read accepting their details but keeping them logged out.

Is there anything I can do to force deletion of their old cookies when they visit the site. I’ve put instructions up on how to delete their old cookies, but it’s a bit lame and making me look pretty bad

[_ck_]

If the old cookie has a different name than the new cookie that’s easy, make a plugin to set the time for it in the past.

If it’s the same cookie name old and new, and it’s a problem of the hash for the value inside being wrong, there is nothing you can do.

If you can detect when a cookie is being sent but failing to authorize you could delete the cookie like the first method I mentioned. You’d have to replace a function or two from pluggable.php

[deadlyhifi]

Thanks _ck_. I’m sure it’s easy when you know how.

The cookie now has a different name.

my old cookies are:

$bb->authcookie = ‘wordpress_REPLACEDcabef’;

$bb->secure_auth_cookie = ‘wordpress_sec_REPLACEDcabef’;

$bb->logged_in_cookie = ‘wordpress_logged_in_REPLACEDcabef’;

I was messing with

setcookie('wordpress_logged_in_REPLACEDcabef','',time()-3600)

just placing in the head of my page but I get a headers already sent message.

[_ck_]

If the new cookie has a different name, you should not be having a problem because bbpress should not even be looking at the old cookie?

You are getting a header error because you would have to put it at the very, very top of header.php before doctype – if that doesn’t work, you’d have to add it via a mini-plugin, put it into a file called function.php in your template folder

add_action('bb_send_headers','delete_old_cookie');

function delete_old_cookie() {

setcookie('wordpress_logged_in_REPLACEDcabef','',time()-3600);

}

[deadlyhifi]

yeah, the cookie has a completely different name. Thats why I don’t understand the issue, but users are reporting they can’t log in unless they clear their cookies. thanks for your replies anyway, will give this a go.

[_ck_]

I think somehow you have the same cookie name but a new hash, meaning the contents are different while the name is the same. That would make it look like it’s attempting login but fail until the cookie is deleted.

[deadlyhifi]

They definitely have a different name.

wordpress_logged_in_TWOdifferentVALUES

tried to do the clear cookies thing in a function but, even though it’s running correctly, the cookie reset is getting ignored. Can’t figure out why

[_ck_]

Is it possible you have lost the proper integration and WP is making one cookie name and bbPress is making the other?

[deadlyhifi]

mmm, just noticed that cookies with _utma, _utmb etc. state they come from

.MYWEBSITE.com

whereas the “wordpress_logged_in_NUMBER” states it’s website as

www.MYWEBSITE.com (without the http this forum is auto adding it)

could the fact that it has www at the start be the issue?

My test site, on a subdomain, shares the same source – but then because its a subdomain it doesn’t have the www at the start.

thanks for your continued replies ck.

[johnhiler]

_utma and _utmb are from Google Analytics!

http://helpful.knobs-dials.com/index.php/Utma,_utmb,_utmz_cookies

[deadlyhifi]

ooh, that’s good to know. That’s not the explanation then. oh well. Maybe it will all blow over