Something logging me out?

Found an issue with the phpBB system here at NESdev? Use this forum to report problems.

Moderator: Moderators

Post Reply
calima
Posts: 1764
Joined: Tue Oct 06, 2015 10:16 am

Something logging me out?

Post by calima »

Did something change on the forum sw in the last two days? Both days I became logged out, even though I have "stay logged in" checked, and the cookies had expiration sometime in 2019.
User avatar
koitsu
Posts: 4201
Joined: Sun Sep 19, 2004 9:28 pm
Location: A world gone mad

Re: Something logging me out?

Post by koitsu »

Sounds like a duplicate thread. References:

viewtopic.php?f=13&t=15751
viewtopic.php?f=13&t=10419

phpBB stores "session info" (login session) on disk, server-side, in temporary files. If this directory is lost, files removed, etc. -- which could happen depending on if they're stored on a filesystem that's non-persistent (ex. RAM-based and the server is rebooted) -- which is often the case by default on many distros -- then the session details are lost and the user has to log back in. It's also possible that session GC kicked in unexpectedly (quite common with default settings on a highly-loaded site) when the session lifetime (which is not necessarily equal to the cookie lifetime, IIRC) was set very low.

The server hosting nesdev since Parodius' closure is very different, and there are intermediary reverse proxies involved, IIRC, so these also complicate matters.

There are also known oddities that are client-side with Chrome in particular where it seems to lose its mind + cookies become quietly ignored (they're saved, they just don't seem to function). The only solution I've found for that is to, sorry to say, clear the cache in Chrome (Settings -> Advanced -> Clear Browsing Data -> Advanced -> check Browsing history, cached images and files, and cookies and other site data). I've encountered this problem on other sites that are non-phpBB as well, so that specific problem is not unique to nesdev. Debugging this problem is tedious and requires both client-side and server-side debugging capability. It's even more tedious/painful if SSL is used since you can't use tcpdump to truly see, HTTP-header-wise, what the client sends and what the server sends back (server-side code does not usually give good insights to this; client-side (browser) sometimes, but not always).
Post Reply