00551: Can't login after one incorrect login

Summary: Can't login after one incorrect login
Created: 2005-10-03 14:50
Status: Closed - fixed for 2.1.beta4
Category: Bug
From: Uli
Assigned:
Priority: 5
Version: 2.0.2
OS: Apache/Linux

Description: User authorization is done by scripts/authuser.php

When trying to login with wrong username/passwort it's not possible anymore to login with the CORRECT values. I have to reload the page by clicking the logo or reopen the browser. This is very hard to explain to my users. Please fix.

Thanks Uli


Hmmm, I'm afraid I don't entirely understand the problem (because it works fine for me on my system). Is there a url where I can see the problem? --Pm

- this is happening on an internal machine, I will try to create a second system with the same effect. I think the problem is described in the authuser Cookbook entry, "In pmwiki ~beta 54 there is a minor bug. After logging in with a wrong user, you have to close the browser, or logout, otherwise you can't login with a valid user.". Again: trying to login with wrong username / password seems to do something to the session / cookie. Uli

Nov 6: sent email to PM with link to test installation Uli


Aha! Thanks to a problem that Bronwyn Boltwood was having, I was able to track this bug down to a problem in the authorization form being generated. So, try upgrading to 2.1.beta4 or later and see if that fixes things.

If for some reason upgrading isn't a good option at this point, then find the line in pmwiki.php that reads

    if ($k == 'authpw') continue;

and change it to

    if ($k == 'authpw' || $k == 'authid') continue;

and that should resolve the problem.

If it doesn't resolve the problem, re-open this ticket for me. :-)

--Pm