9

I have an old cakephp-1.2 application in production. This system has a screen where html content can be edited using ckeditor 3.2. The problem is that almost every time when I try to edit some html content I got logged out when submitting the form, the content is not saved when this happens.

Interesting enough I go to edit some html content and make no changes at all in ckeditor then hitting submit sometimes I got logged out and sometimes it works as expected.

Frederico Schardong
  • 1,946
  • 6
  • 38
  • 62
  • Is the application under `https` ? I'm not sure with Cake1.2, but at least with later versions, depending on Session configuration you may loose session if you are logged in under `https` and you make some requests to `http`. Would CKEditor make random requests to `http` ? – nIcO Mar 25 '13 at 07:50
  • @nIcO there is no https in this application, all in http. – Frederico Schardong Mar 25 '13 at 18:27
  • I sounds more like an expiring session problem? did you check your sessions? I would guess that if it's a Ckeditor problem it would happend every time. If not try to find out what is exactly the difference between the times that it happen. We need this infromation to help you. Also you could try to set an echo in your post script on the first line to see if it enters at all? – Spons Mar 26 '13 at 17:02
  • 1
    @spons here is my config file http://pastebin.com/rwE179ex, here is a $_POST of a data that does not cause the log off http://pastebin.com/bxrS5mBw and here is a $_POST of a data that does cause the log off http://pastebin.com/GnPd3L13 – Frederico Schardong Apr 01 '13 at 22:44
  • Do you have Auth or Security enabled? Can you share the code of the action that the form is submitted to? – Nunser May 14 '13 at 15:55
  • @Nunser, sorry for the delay. Here is everything: http://pastebin.com/fbrUCuPF I will start the bounty again – Frederico Schardong May 23 '13 at 00:22
  • Few questions, I don't see any log-related actions in the code you shared, so I have to ask: how do you know you're logged out? Because you're redirected to a specific page or is there a user-related session part not in your code? And when you say "edit some html[...] no changes, sometimes I got logged out[...]", does it happen randomly with the same menu id, or if you keep trying with that same id, it's always the same result? – Nunser May 23 '13 at 02:13
  • I know I am logged out because I am redirected to this page http://pastebin.com/BaXVWYQf. By "edit some html[...] no changes, sometimes I got logged out[...]" I mean "it happen randomly with the same menu id" – Frederico Schardong May 23 '13 at 14:17

2 Answers2

4

I encounter the same problem before just cleaned up the entire code and made sure there wasn't any unnecessary whitespace or unused methods such as debug or php close tag. can you check all your Model.php and remove all php close tags? Hope it solves your problem too. It works fine with me.

MuntingInsekto
  • 1,543
  • 4
  • 19
  • 36
  • Removed all closing tags and whitespaces from the end of the file, there is no debug method and the error is still happening. – Frederico Schardong May 25 '13 at 22:37
  • 3
    what is your app `Configure::write('Security.level', '');` is set to? or the `Configure::write('Session.timeout', '120');` settings? Have you try to adjust the Session.timeout to a longer span of time? – MuntingInsekto May 27 '13 at 11:26
  • `Configure::write('Session.timeout', '1800');` and `Configure::write('Security.level', 'high');`. I think the timeout is high enough, but for the security I don't know. Should I change it? – Frederico Schardong May 27 '13 at 15:09
  • try changing your security level to medium. i have experienced also some unexpected logout when the security level is set to high. – MuntingInsekto May 28 '13 at 03:08
  • It seems to be solved! I will ask my user to test it as well then I'll give you the points :) – Frederico Schardong May 28 '13 at 15:12
0

I really don't no anything about CakePHP but did you already try to fill these values in the post that cause the log off.. 

["CAKEPHP"]=>
string(26) "xxx"
["__utma"]=>
string(54) "xxx"
["__utmb"]=>
string(26) "xxx"
["__utmc"]=>
string(9) "xxx"
["__utmz"]=>
string(70) "xxx.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)"

Because this is the only difference between the 2 Posts. Now i think that you are going to tell me that you don't know how to set them. But if i'm right, this is the session your working on?

Question?: And these 2 posts come from different pages? If so what is the difference on these 2 pages? Did you enable session on both pages?

Possible Solution: Anyway look at this page, what describes a solution for redirecting problems.. I really don't think that it has anything to do with CKEditor. Or does CKEditor return the above posted data? Also this url could help you possibly: Stackoverflow Topic

Community
  • 1
  • 1
Spons
  • 1,593
  • 1
  • 17
  • 46
  • 1) I can manually set them, but I should not. Sorry, can you rephrase your question? 2) Both posts come from the same page, the field that uses CKEditor is 'html'. I am not manually setting/handling the session anywere in my code, it is enabled for this page. – Frederico Schardong Apr 02 '13 at 19:44
  • Sorry i can't really help you any furtur, i don't have the time to look at it. but it feels like searching for a needle in a haystack. Maby you can try to overwrite the session manualy As temporal bug fix? – Spons Apr 03 '13 at 07:24