Cant log out! :D

In addition to the topic I posted here,

http://community.elgg.org/mod/groups/topicposts.php?topic=603854&group_guid=179063

 

User in my site cannot logout easily ! To me this problem description seems funny, thats why this smily :) ! If they click log out, it takes him to the index page but still logged in! Then on the second try, one can log out!

Any clue?

  • This just happened to one of the users on my site today.  It keeps sending to the index page, but still logged in.  Only will log out after the browser is closed and re-opened.

     

    Anyone know why?  Thanks!

  • Action token checking for logout is supposed to be turned off. Check around line 35 of engine/lib/actions.php

  • function action($action, $forwarder = "") {
     global $CONFIG;

     // set GET params
     elgg_set_input_from_uri();

     // @todo REMOVE THESE ONCE #1509 IS IN PLACE.
     // Allow users to disable plugins without a token in order to
     // remove plugins that are imcompatible.
     // Installation cannot use tokens because it requires site secret to be
     // working. (#1462)
     // Login and logout are for convenience.
     // file/download (see #2010)
     $exceptions = array(
      'systemsettings/install',
      'admin/plugins/disable',
      'logout',
      'login',
      'file/download',
     );

     if (!in_array($action, $exceptions)) {
      // All actions require a token.
      action_gatekeeper();
     }

     $forwarder = str_replace($CONFIG->url, "", $forwarder);
     $forwarder = str_replace("http://", "", $forwarder);
     $forwarder = str_replace("@", "", $forwarder);

     if (substr($forwarder,0,1) == "/") {
      $forwarder = substr($forwarder,1);
     }

     if (isset($CONFIG->actions[$action])) {
      if ((isadminloggedin()) || (!$CONFIG->actions[$action]['admin'])) {
       if ($CONFIG->actions[$action]['public'] || $_SESSION['id'] != -1) {

        // Trigger action event TODO: This is only called before the primary action is called. We need to rethink actions for 1.5
        $event_result = true;
        $event_result = trigger_plugin_hook('action', $action, null, $event_result);

        // Include action
        // Event_result being false doesn't produce an error -
        // since i assume this will be handled in the hook itself.
        // TODO make this better!
        if ($event_result) {
         if (!include($CONFIG->actions[$action]['file'])) {
          register_error(sprintf(elgg_echo('actionundefined'),$action));
         }
        }
       } else {
        register_error(elgg_echo('actionloggedout'));
       }
      }
     } else {
      register_error(sprintf(elgg_echo('actionundefined'),$action));
     }

     forward($CONFIG->url . $forwarder);
    }

  • This is line 21-81 of engine/lib/actions.php  Is this correct?  Sorry not sure.. thank you!!

  • Your actions.php code is correct -->

    $exceptions = array(
      'systemsettings/install',
      'admin/plugins/disable',
      'logout',
      'login',
      'file/download',
     );

    And so you must be running some other PlugIn such as SiteAccess or Walled garden which is blocking the logout. Being taken back to the MainPage is a sure sign of e.g SiteAccess blocking you.

  • @Dhrup Thanks for you help!  I don't have either of these plugins, but after some testing I found this problem was from the "Remote Login" Plugin. 

    @democracy   If you have this plugin enabled, I would check it out.  Disabling this plugin helped me.  It's not a solution, but at least I know where it was coming from.