fightsmarttrav

Thank you again for the reply. I have created a staging site with deactivated plugins and I’m waiting to hear back from the customer.

Oh, and there’s absolutely no doubt that this is a unique case… there’s 35,000 paid users on the site and this is the first I’ve heard of this problem. With that said, one time I made 300 sales of a product before someone told me that the ‘thank you page’ was redirecting people back to the checkout page… so I try to never underestimate the silence and resolve issues for everyone.

This user tried three different browsers: chrome, Firefox and Safari. All same result.

I was considering checking in the database for his hashed session id and seeing if it’s updating, or if there might be a corrupted value of some kind.

not sure where to go from here.

Optimize Press hooks into the WP login function in order to create this form. However, the problem persists when the user visits https://howtofightnow.com/wp-login.php so it is not Optimize Press or the customized login form on that page. It’s somehow a failure in the session, or cookie, or something else.

If you’re referring to the number of attempts remaining, that’s Login Press… but this is mostly for css on the login page, with an extra failed login security function.

He is experiencing this issue even with login press disabled.

Done! You da man, Till!

Hey Till,

Thanks for the reply!

It’s been one month and one week, and I have not had a single support request about there being any kind of conflict from stale cached data. The performance increase has been ridiculous. Truly incredible results, so thank you again.

I have installed supervisord and configured it to run Redis. Hopefully that helps keep things going smoothly!

Thank you for the suggestion!

Hey John,

Thanks for the reply!

I’ve written to Optimize Press, no idea how they’ll handle it. All of their page builder data is stored in post meta, so this could somehow be ‘normal’ operation.

Weirdly enough, when I drag that browser window to a different screen, a scroll bar appears.! When I drag it back to the main screen, the scroll bar stays for a second, and then disappears. Theres some kind of layout issue where QM seems to dislike my largest screen.

if you need me to capture a video for you, I’d be happy to do so.

Replying again just to mark as solved!

WOW. No idea how I missed that… lol.

There was only one result, and now it’s gone. My site is (unbelievably) completely without errors. Thanks John!!!

Please forgive my ignorance… I just poked around looking for some kind of filtering option and I couldn’t find one.

Can you tell me how to do this? Thanks in advance for your time.

Thanks for the reply, John, and for making such an awesome plugin.

Ooof… I have no idea. I have 1,195 redirections on the site. Do you have any idea how I might be able to track the one that is causing the error down?

Thanks! Looks like I’m going to need it…

Ah… gotcha.

Those plugins all completely customize the login page itself, and my login page is created by optimize mentor.

Nevertheless, chatGPT pumped out this plugin for me, and it works

<?php
/*
Plugin Name: Custom Login Error Messages
Description: Customizes the login error messages with fun and engaging messages.
Version: 1.0
Author: TravvyTrav
*/

function custom_login_error_message($error) {
    // Define your custom messages
    $custom_messages = array(
        'The provided password is an invalid application password.' => 'It looks like your password is incorrect! Either type with ninja accuracy, or reset it down below.',
        'Invalid username' => 'That username apparently doesn’t exist. Maybe nothing exists, and reality isn’t real.',
        'Username is required' => 'You didn\'t enter a username or email address... that\'s just not how this thing works.',
        'Password is required' => 'You forgot to enter your password. Therefore, you shall not pass!',
        'Invalid combination' => 'That\'s an invalid username / password combo!',
        'Invalid email' => 'We couldn’t find that email in our records. Please double check it, or contact support!',
        'This account has been flagged as a spammer' => 'Your account has been flagged as a "spammer". I don\'t know what that means, but spam is delicious. Contact support.',
        'Account locked' => 'This account is temporarily locked. Please contact support!',
        'Email confirmation' => 'Check your email for the confirmation link! And don’t forget to look in the spam folder...',
        'Could not retrieve password' => 'Hmm, we couldn’t retrieve your password. Perhaps it has been stolen by gnomes.',
        'Expired key' => 'This reset link has expired. Please request a new one at once!',
        'Invalid email address' => 'That email address isn’t an email address at all. Please try again and make it more email-y.',
        'Invalid username or email' => 'We couldn’t find that username or email. Please try again or contact support!',
        'Password reset key is missing' => 'It looks like the "password reset key" is missing. Please try resetting your password again.',
        'Invalid password reset key' => 'That password reset key doesn’t seem to work. Did you copy it correctly?',
        'Expired password reset key' => 'The password reset key has expired. Please grab a fresh one!',
        'Password is too weak' => 'Your password is too weak, like my puny calves. Try adding some numbers and symbols to make it stronger!',
    );

    // Loop through the errors and replace messages with custom ones
    foreach ($custom_messages as $default_message => $custom_message) {
        if (strpos($error, $default_message) !== false) {
            return $custom_message;
        }
    }

    return $error;
}

function custom_authenticate_user($user, $username, $password) {
    if (is_wp_error($user)) {
        $error_codes = $user->get_error_codes();

        foreach ($error_codes as $code) {
            $error_message = $user->get_error_message($code);
            $custom_message = custom_login_error_message($error_message);

            if ($custom_message !== $error_message) {
                $user->remove($code);
                $user->add($code, $custom_message);
            }
        }
    }

    return $user;
}

function custom_wp_login_failed($username) {
    // Get the last error message from WordPress
    $error = new WP_Error();
    $custom_message = custom_login_error_message($error->get_error_message());

    if ($custom_message !== $error->get_error_message()) {
        $error->add('custom_error', $custom_message);
    }

    return $error;
}

add_filter('authenticate', 'custom_authenticate_user', 30, 3);
add_action('wp_login_failed', 'custom_wp_login_failed');

?>

THANK YOU!!!!!

Ah, your solution is smart! So, it would seem that the problem exists when there are two cookies on the user’s browser, and BOTH of them have expiration dates that are in the future. In my case, the user’s conflicting cookies both expire in 2025. So, you’re making one of them expire, so that cookie is then disregarded, and then the correct cookie for ‘howtofightnow.com’ will be used… which should theoretically solve the problem.

1. I have confirmed that in a ‘working state’, there is only one cookie… and it’s for ‘howtofightnow.com’. It’s the .howtofightnow.com cookie that is causing the problems.
2. I think that it was the wp-config line or aMember that was adding the .howtofightnow.com cookie. I migrated to a new membership system in January, so any user that logged in at that time might have gotten the .howtofightnow.com cookie aMember, and Optimize Mentor was applying the howtofighntow.com cookie thereafter… leaving the user with two conflicting cookies. The only solution (before now) would seem to be clearing those cookies.

Thank you again for your help with this.

I use Optimize Mentor as my current membership plugin… and I honestly have no idea how to ‘hook’ into wp-login… is this something that is relatively simple to do, or do you think I need a dev?

Hey! Thank you for replying.

In my case, I THINK that this extraneous cookie might have been a value left over from aMember membership software… but I DID also find the following line in my wp-config file:

ini_set(‘session.cookie_domain’,’.howtofightnow.com’);?

I’m not sure if this was responsible for setting the extra .howtofightnow.com cookie, but it sure could have been. Even still, all old users are having to clear their cache and cookies before being able to log in, and it’s very frustrating so I’d love to implement a fix.

Can you possibly explain to me how your code ends up ignoring the .example.com cookie, and only evaluating the example.com cookie during the login process? Or is it just setting an equivalent expiration time for the .example.com cookie?

I can send it to a dev, but I would really love to understand how this is working before I ask for implementation!

Thank you again for the reply… this is brilliant!

I have already contacted their support, and unfortunately, their other customers don’t seem to be having the same issue. Do you have any feedback on the multiple cookies? Is that normal behavior?