Skip to:
Content
Pages
Categories
Search
Top
Bottom

1.0a2 + 2.6x cookies: so close!

  • It’s like trying to open the wrapper on a new CD you’re dying to listen to…if I can just get it open without using a hammer…

    This is a thread. There are many threads like this thread. This thread is my thread.

    Follow the cookie path please. Visit with the config file settings. See the pattern and you will bend the spoon. Then let me eat ice-cream with that spoon, please.

    Paths:

    WP: http://mydomain.org/
    bbPress: http://mydomain.org/forum/

    Apache version 1.3.41 (Unix)
    PHP version 5.2.5
    MySQL version 5.0.51a-community
    Architecture i686
    Operating system Linux

    #########################################
    bb-config.php:

    // URI’s

    $bb->wp_siteurl = ‘http://mydomain.org’; // No trailing slash

    $bb->wp_home = ‘http://mydomain.org’;

    // Cookie Scope

    $bb->cookiedomain = ”;

    $bb->cookiepath = ”;

    $bb->sitecookiepath = ”;

    $bb->admin_cookie_path = ‘/forum/bb-admin’;

    $bb->core_plugins_cookie_path = ‘/forum/bb-plugins’;

    $bb->user_plugins_cookie_path = ‘/forum/my-plugins’;

    $bb->wp_admin_cookie_path = ‘/wp-admin’;

    $bb->wp_plugins_cookie_path = ‘/wp-content/plugins’;

    // The name of the cookies

    $bb->authcookie = ‘wordpress_blah3_blah5_blah8’;

    $bb->secure_auth_cookie = ‘wordpress_sec_blah3_blah5_blah8’;

    $bb->logged_in_cookie = ‘wordpress_logged_in_blah3_blah5_blah8’;

    define(‘BB_AUTH_KEY’, ‘ahhpushit’);

    define(‘BB_SECURE_AUTH_KEY’, ‘pushpushit’);

    define(‘BB_LOGGED_IN_KEY’, ‘realgood’);

    define(‘BB_AUTH_SALT’, ‘andpepper’);

    define(‘BB_LOGGED_IN_SALT’, ‘arehere’);

    #########################################

    wp-config.php:

    define(‘AUTH_KEY’, ‘ahhpushit’);

    define(‘SECURE_AUTH_KEY’, ‘pushpushit’);

    define(‘LOGGED_IN_KEY’, ‘realgood’);

    define(‘AUTH_SALT’, ‘andpepper’);

    define(‘LOGGED_IN_SALT’, ‘arehere’);

    $wp->authcookie = ‘wordpress_blah3_blah5_blah8’;

    $wp->secure_auth_cookie = ‘wordpress_sec_blah3_blah5_blah8’;

    $wp->logged_in_cookie = ‘wordpress_logged_in_blah3_blah5_blah8’;

    // bbPress WP integration

    define(‘COOKIE_DOMAIN’, ”);

    define(‘COOKIEPATH’, ”);

    #########################################

    1)Clear all cookies

    #########################################

    2) Log into bbPress: (mydomain.org/forum/): role 'member':

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    #########################################

    3) Visit WP site: (not logged in)

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    PHPSESSID => /

    various 3rd party cookies from picasa etc

    #########################################

    4) Visit wp-login.php: (not logged in)

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    PHPSESSID => /

    wordpress_test_cookie => /

    #########################################

    5) Log into wp-login.php as 'subscriber' user (same user as bbPress) which puts me /wp-admin/

    wordpress_logged_in_URIHASH => /

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    PHPSESSID => /

    wordpress_test_cookie => /

    #########################################

    6) 'Visit site' from wp-admin

    wordpress_logged_in_URIHASH => /

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    PHPSESSID => /

    wordpress_test_cookie => /

    #########################################

    7) Click on '//mySite.org/forum' link on main site (bbPress install dir)
    Forum's first page displays: No extra cookies made. These cookies are from WP in the previous step:

    wordpress_logged_in_URIHASH => /

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    PHPSESSID => /

    wordpress_test_cookie => /

    #########################################

    8) Log out from bbPress:

    wordpress_logged_in_URIHASH => /

    wordpress_test_cookie => /

    PHPSESSID => /

    STILL LOGGED INTO bbPress!

    #########################################

    9) Visit wp site

    wordpress_logged_in_URIHASH => /

    wordpress_test_cookie => /

    PHPSESSID => /

    #########################################

    10) Logout from WP site: (wp-login.php?loggedout=true)

    wordpress_test_cookie => /

    PHPSESSID => /

    #########################################

    11) Visit forum site.

    logged out.

    #########################################
    12) Clear all cookies

    #########################################

    13) Log into bbPress:

    wordpress_logged_in_URIHASH => /forum/

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_URIHASH => /forum/my-plugins

    wordpress_URIHASH => /forum/bb-plugins

    wordpress_URIHASH => /forum/bb-admin

    #########################################

    14)Log out of bbPress:

    All cookies cleared.

    #########################################

    15) Visit WP site + clear cookies.

    #########################################

    16) Log into WP

    wordpress_logged_in_URIHASH => /

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_test_cookie => /

    PHPSESSID => /

    #########################################

    17) Visit bbPress site.

    Already Logged in as wp user.

    wordpress_logged_in_URIHASH => /

    wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin

    wordpress_test_cookie => /

    PHPSESSID => /

    #########################################

    18) Logout from bbPress:

    wordpress_logged_in_URIHASH => /

    wordpress_test_cookie => /

    PHPSESSID => /

    Still logged in to bbPress!

    #########################################

    19) Logout from main site:

    wordpress_test_cookie => /

    PHPSESSID => /

    #########################################

    20) Eat stapler.

Viewing 20 replies - 1 through 20 (of 20 total)
  • I guess I should also point out (in case!) that I used URIHASH to represent the gyug76tg9t780780yy870y8-yyg string…

    Less cluttered…

    So I was thinking about this in the shower, if I can get bbPress to set a cookie for / instead of /forum I think my woes would be over (See Step 2 above…)

    Now, before looking into it further, I don’t think this is how it works. If the script calling for a cookie to be set is in folder ‘/forum/’ then the domain scope for that cookie is going to be set to ‘/forum/’ by the webserver.

    But to test the obvious, I rushed to bb-config and tried variations on

    // Cookie Scope
    $bb->cookiedomain = '';
    $bb->cookiepath = '/';
    $bb->sitecookiepath = '/';

    No joy.

    Maybe if I had the wp-login code on the forum site…with bb-admin cookies… let me try some things…

    The ‘/’ cookie to rule them all is the way to go. If I can just get it to work…

    I must appreciate your work. Although I have given up tryin to integrate them.

    I have finally resorted to using the login system of bbpress rather than wordpress login system. Since the cookies generated by bbpress is accepted and recognized by wordpress while it doesn`t work vice versa.

    (basically if I login into bbpress, wordpress automatically recognizes me and wordpress admin is accessible, but if I login via wordpress, bbpress recognizes that I have logged in, but I can`t access admin section of bbpress)

    Sounds familiar.

    I have been brute-forcing it (after reading the cookie-related code to see where it’s getting what) and have discovered that if I strip ALL of the integration code, I can still get the correct wp cookies to be generated which sounds like a cache issue…

    I’m going to flush cache now… and if it still works, I’m going to try and turn water into a nice Shiraz.

    Hmm,

    With all the path and cookie info stripped out of bb-config and wp-config, cache and cookies cleared, the logging into bbPress:

    wordpress_logged_in_URIHASH => /forum/
    wordpress_URIHASH => /wp-content/plugins
    wordpress_URIHASH => /wp-admin
    wordpress_URIHASH => /forum/my-plugins
    wordpress_URIHASH => /forum/bb-plugins
    wordpress_URIHASH => /forum/bb-admin

    Note the trailing slash on the /forum/ path.

    The only ‘integration’ info in the bb-config.php is the db connection stuff. That’s it.

    Now, this may be/probably is totally natural, that `wordpress_URIHASH => /wp-content/plugins

    wordpress_URIHASH => /wp-admin` cookies are set, and this goes to highlight how wrong my perspective is! Here I was thinking that I had configured at least part of it correctly, the auth cookie stuff, but it was doing it all along, haha.

    I wonder if one of the WP user permissions plugins (WP-Sentry comes to mind) is affecting this -nah! Cookies are set before output is sent.

    Time to back off of this.

    Users will just have to log in twice (between the blog and the fora).

    Thanks rowoot.

    Im not sure if I have set my bbPress 1.0.alpha2 to work with WordPress MU 2.6.3 correctly, but its working.

    http://domain.com = my WordPress MU

    http://forums.domain.com = bbPress sub domain

    As you can probably see, there are things within the config files that might not be needed.

    WordPress/wp-config.php

    define('AUTH_KEY', 'authkey');
    define('SECURE_AUTH_KEY', 'secureauthkey');
    define('SECURE_AUTH_SALT', 'secureauthsalt');
    define('LOGGED_IN_KEY', 'loggedinkey');
    define('SECRET_KEY', 'secretkey');
    define('SECRET_SALT', 'secretsalt');
    define('LOGGED_IN_SALT', 'loggedinsalt');

    I copied and pasted the existing lines straight into bb-config.php replacing what was already there and then added the BB_ to each.

    bbPress/bb-config.php

    define('BB_AUTH_KEY', 'authkey');
    define('BB_SECURE_AUTH_KEY', 'secureauthkey');
    define('BB_SECURE_AUTH_SALT', 'secureauthsalt');
    define('BB_LOGGED_IN_KEY', 'loggedinkey');
    define('BB_SECRET_KEY', 'secretkey');
    define('BB_SECRET_SALT', 'secretsalt');
    define('BB_LOGGED_IN_SALT', 'loggedinsalt');

    In BOTH bb-config.php AND wp-config I added:

    define('COOKIE_DOMAIN', '.domain.com'); // remember the '.' prefix
    define('COOKIEPATH', ''); // this is empty

    Then I visited http://forums.domain.com/bb-admin/options-wordpress.php (Settings > WordPress Integration) and scrolled down to ‘Manual bbPress config file settings’ and copied all the text below ‘WordPress cookie integration speedup’ and pasted into bbPress/bb-config.php.

    $bb->wp_siteurl = 'http://domain.com';
    $bb->wp_home = 'http://domain.com';
    $bb->cookiedomain = '.domain.com';
    $bb->cookiepath = '';
    $bb->authcookie = 'wordpress_LEFT_THIS_ALONE';
    $bb->secure_auth_cookie = 'wordpress_sec_LEFT_THIS_ALONE';
    $bb->logged_in_cookie = 'wordpress_logged_in_'; // DELETE the hash part
    $bb->admin_cookie_path = '/bb-admin';
    $bb->core_plugins_cookie_path = '/bb-plugins';
    $bb->user_plugins_cookie_path = '/my-plugins';
    $bb->sitecookiepath = '';
    $bb->wp_admin_cookie_path = '/wp-admin';
    $bb->wp_plugins_cookie_path = '/wp-content/plugins';

    Oh, and I added the$bb->wp_table_prefix = 'wp_'; too.

    NOTE

    $bb->logged_in_cookie = 'wordpress_logged_in_';

    The hash was removed and the line reads EXACTLY as above.

    To test, just make sure you are logged out of both and then log in and visit your other site.

    Final Note, as stated above – there is probably a lot of unneeded clutter in the bb-press config, but all works for me – no matter which domain I log into!

    I hope this helps someone :)

    @musnake – as you are not using sub domains, the only thing i can see wrong with your setup is the:

    $bb->logged_in_cookie = 'wordpress_logged_in_blah3_blah5_blah8';

    Try changing to:

    $bb->logged_in_cookie = 'wordpress_logged_in_';

    Thanks Deadpan11,

    The core behavior of bb-settings.php is to append BB_HASH to the cookie name on line 638:

    $bb->logged_in_cookie = ($bb->wp_cookies_integrated ? 'wordpress_logged_in_' : 'bbpress_logged_in_') . BB_HASH;

    Even in a non-WPMU installation such as this one, I would agree that this is a good coding protocol to follow. I did try your suggestion though, because I do want to understand, but the cookie was still created as wordpress_logged_in_blah3_blah5_blah8.

    This caught my eye over the weekend…

    In bb-settings.php line 592:

    $bb->wp_cookies_integrated = false;
    $bb->cookiedomain = bb_get_option('cookiedomain');
    if ( $bb->wp_siteurl && $bb->wp_home ) {
    if ( $bb->cookiedomain ) {
    $bb->wp_cookies_integrated = true;

    I even tried setting $bb->cookiedomain=” to allow the code to construct the value… no joy. No problems logging into bbPress, which is just fine for the moment.

    The code is alpha! Since others had had success I was trying to nail down my server environment deltas…

    I’ll push on with other projects for now :)

    So the web-consensus is that

    $bb->cookiedomain = '.domain.com';

    specifically the leading dot before the domain.com, is key to permitting cookies created in one subdomain to be useful in other related domains.

    Darn. I thought I found my magic bullet.

    Deadpan11 , I followed your guide and it worked excellent, however I had to keep the hash on:

    $bb->logged_in_cookie = ‘wordpress_logged_in_’;

    Setup, http://forums.domain.com & http://domain.com

    I can now log in via the forums, and access both admin panels, and via wp, and still access both. If I log out of either, I am logged out of both. :)

    Thank you very much, Deadpan.

    I’m integrated with cookies now ..but

    When I click the Admin link in bbpress it just reloads the page. It doesn’t take me to the admin area.

    Edit: Seems to be happening both ways. If i log into WPMU first and go the bbpress, the admin link just reloads the page. If login to bbpress first, the admin link works but I’m forced to login again if I try to access wp-admin

    @jonkristian and klarko:

    Are you using bbPress 1.0.2a?

    Jon, are you using WP2.6x? I see that klarko is using wpmu.

    Yeah, 2.6.3 and 1.0.2a

    yeah mu2.6.3 and 1.0.2a here too.

    @Jon: Curious. There is a difference between my setup and yours.

    I have bbPress in a separate db but share the wp user tables…you?

    Hm, turns out I still have trouble accessing admin panel in bbpress. Straange, I tested it with login via both bbpress and wp the last time, however now, it doesn’t seem to work. :/

    Regarding the setup, i followed Deadpan’s setup down to the very last line, except that i kept the hash in

    $bb->logged_in_cookie = ‘wordpress_logged_in_ikeptthishashin’;

    Just tried it and, yes, I have the same issues with 2.6.3 and 1.0.2a . Well was worth a try anyways.

    All fixed. This post by deadmedic fixed all my issues! It explains why all the ‘worked for me!’ posts seemed like nonsense to me.

    The fix:

    Change line 673 in bb-settings.php from:

    $bb->sitecookiepath = rtrim($bb->sitecookiepath, '/');

    to:

    $bb->sitecookiepath = '/' . trim($bb->sitecookiepath, '/');

    Thank you deadmedic!

    Deadpan110, your procedure worked perfectly for me. I have WordPress 2.6.5 and bbpress 1 alpha 2.

    I didn’t know what to put into Secret_Key and Secret_Salt.. I assumed they referred to: Secret and Auth_Salt in WP 2.6.5

    And it works great! Now let’s see what happens with 2.7!


    Sam Bauers
    Participant

    @sambauers

    Changes are in trunk of WPMU to help sort out the cookie sharing problem there.

    https://trac.mu.wordpress.org/ticket/809

    A lot of the use of config settings in all these solutions are a bit heavy handed, most of these settings are done automatically and you only need to copy them to your bb-config file once you are happy with them.

Viewing 20 replies - 1 through 20 (of 20 total)
  • You must be logged in to reply to this topic.
Skip to toolbar