Auto login after registration issue with https

  • Resolved BuckyOHare

    (@buckyohare)


    7 years, 4 months ago

    Hi. Awesome plugin, thanks so much for your work. I’m having an issue though. While developing my site on the backend dev.mysite.com using the option to “Automatically Login After Registration” works fine for new users. However, after transferring the site to my main domain https://mysite.com the auto login feature seems to break.

    What happens is strange, when testing as a new user after registering, I seem to be in some sort of weird no-man’s land where I’m not actually logged in after pressing Register, however WordPress seems to behave as though I am in some ways… for instance I can’t access my user profile but if I visit a page that I have setup to auto redirect if a user is logged in, it redirects as though I’m logged in when visiting the page after pressing Register.

    Is this related to some WordPress login cookie/nonce bs?

    The settings I have checked are: Hide admin bar, Disable dashboard, Enable captcha, Enable email notification for new registered users, Automatically Login after registration

    The dev site and the main site are virtually identical in every way excluding the fact that my main site is SSL. Could this issue be related to that? Or do you have any tips as to how I might fix this? Or could you possibly make the auto login after registration feature more forceful in some way? Thanks for your help.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author Alberto Hornero

    (@hornero)

    Could you please try to re-save (update) the page/post which contains the shortcode? I think this should fix the problem. Sorry for the delay in my answer.

    Alberto.

    Thread Starter BuckyOHare

    (@buckyohare)

    Hi. No. Definitely didn’t work. Login and registration is such a bigger bottleneck than people realize. I get so many emails from people who are unable to follow basic instructions about creating an account. The ability to immediately send people to their account page after account creation is really important.

    I’m not sure why, but this only happens on my SSL site. The same exact version of the site on my non-SSL dev site works fine. Should also mention, no errors are being raised at the time of account creation either. I hate having to tell new users to manually sign-in after registering. It’s possible that some plugin or unknown combination of settings is causing this issue, but none of my testing seems to indicate that it is, I just don’t know why everything being exactly the same works fine for logging in after registration on the dev site but not the SSL. Thanks.

    Thread Starter BuckyOHare

    (@buckyohare)

    Hi. I got this working for my site by adjusting your core code here “clean-login.php” (starting at around line 512):

    // if automatic login is enabled then log the user in and redirect them, checking if it was successful or not, is not compatible with email validation feature. This had no meaning!
if($automaticlogin && $successful_registration && !$emailvalidation) {
$url = esc_url(clean_login_get_translated_option_page('cl_url_redirect'));
wp_signon(array('user_login' => $username, 'user_password' => $pass1), false);
}

    If you’ll read this segment of WP documentation located here: https://developer.www.ads-software.com/reference/functions/wp_signon/

    Note: wp_signon() doesn’t handle setting the current user. This means that if the function is called before the ‘init’ hook is fired, is_user_logged_in() will evaluate as false until that point. If is_user_logged_in() is needed in conjunction with wp_signon(), wp_set_current_user() should be called explicitly.

    I believe that may have been what was causing my trouble. The “no man’s land” I was experiencing, seems to have been due to the code logging users in after registering, but not setting them as the current user, which caused a bunch of other default WP functionality to act haywire. I replaced the above with (starting after $url is defined in your original code) with the code below (mentioned on an official WP example page here https://developer.www.ads-software.com/reference/functions/wp_set_current_user/:

    wp_set_current_user( $user_id, $user->user_login );
wp_set_auth_cookie( $user_id );
do_action( 'wp_login', $user->user_login );

    If I’m way off here, and this fixed my problem for reasons unknown, let me know. I’m a novice at PHP, if the code you had written was validated in some other way in some other place that I’m not aware of let me know. If this isn’t included in future updates I’ll need to make a note of it whenever updating your plugin, as my hack did manage to solve my issue. Also, though this info is public… if posting it here feels a bit “to” public, feel free to mark this post as private or delete it. Won’t hurt my feelings. Thanks!

    Plugin Author Alberto Hornero

    (@hornero)

    Hi @buckyohare,

    Thanks for your feedback, and sorry for the delay in my answer (holidays). Please, let me know what did you exactly change. If you want you can submit your modification here or through github: https://github.com/ahornero/clean-login

    Alberto.

    Thread Starter BuckyOHare

    (@buckyohare)

    Please, let me know what did you exactly change

    Well, happy holidays. The reply you just responded to explained exactly what I changed, why I changed it, where I changed it, what was wrong and how I fixed it. If you need context, go back and read this thread. I’m not really sure how I could be any more specific. I don’t have time to do github for your plugin.

    In short, when using the “automatically login after register feature” of your plugin, your plugin DOES NOT set the current user (it only signs the user in!), which causes a lot of problems when using other plugins and WordPress functionality (see link to official WordPress documentation regarding this I already posted above). I have fixed this however (also explained in detail what and where above). Thanks again for your plugin. Still the best solution for my site. I hope you include this fix, if not I’ll have to manually update it every time you update this plugin.

    • This reply was modified 7 years, 1 month ago by BuckyOHare.
    Plugin Author Alberto Hornero

    (@hornero)

    Hi @buckyohare,

    Please, send me the code (or the file) through the method you find more convenient if you want us merging it in future releases. I’ve just asked you about it in order to avoid any mistake.

    Alberto.

    Thread Starter BuckyOHare

    (@buckyohare)

    Hi again. There’s really nothing to send, all I literally did to fix the problem was change these original lines found in the most recent version of the clean login plugin file “clean-login.php” from:

    // if automatic login is enabled then log the user in and redirect them, checking if it was successful or not, is not compatible with email validation feature. This had no meaning!
if($automaticlogin && $successful_registration && !$emailvalidation) {
$url = esc_url(clean_login_get_translated_option_page('cl_url_redirect'));
wp_signon(array('user_login' => $username, 'user_password' => $pass1), false);
}

    exactly to:

    // if automatic login is enabled then log the user in and redirect them, checking if it was successful or not, is not compatible with email validation feature. This had no meaning!
if($automaticlogin && $successful_registration && !$emailvalidation) {
$url = esc_url(clean_login_get_translated_option_page('cl_url_redirect'));
wp_set_current_user( $user_id, $user->user_login );
wp_set_auth_cookie( $user_id );
do_action( 'wp_login', $user->user_login );
}

    That’s it. If you’ll see the WordPress documentation I originally directed you to concerning the issue with using “wp_signon” alone, you’ll understand why this fixed my problem (or at-least why I think it did, like I said I’m a novice at this). That’s all I have. If that doesn’t help you, or mean anything, don’t worry about it. Thanks.

    • This reply was modified 7 years, 1 month ago by BuckyOHare.
    Plugin Author Alberto Hornero

    (@hornero)

    Let me release in the next update.

    Thanks for reporting it.

    Alberto.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Auto login after registration issue with https’ is closed to new replies.