Login redirect causes 404 since DM 4.4.0.6

Hello :slight_smile:

I've stuck to the latest update of Domain Mapping now since it just works after a full cache reset :smiley:

Unfortunately, I noticed that my login redirect fails to work now.

If I were to login on https://example.com, I'll get redirected to https://example.com/example.com/

If I were to login on https://example.com/something/, I'll get redirected to https://example.com/something/
So that still works :smiley:

My login code:

function hmp_login_call() {
    ob_start();
    hmp_login_process();
    return ob_get_clean();
}

function hmp_login_process() {
    if (isset($_POST['user-submit'])) {
        dlf_auth($_POST['log'], $_POST['pwd']);
    }
     hmp_login_form();
}

function hmp_login_form() {
global $user_login;
?>
<form action="<?php bloginfo('url') ?>/wp-login.php" class="wp-user-form" method="post">
    <div class="username">
        <p class="input-prepend">
            <span class="add-on fa-user-fix"><span class="fa fa-user"></span></span>
            <input name="log" type="text" class="input" value="<?php echo esc_attr(stripslashes($user_login)); ?>" size="20" placeholder="Gebruikersnaam" tabindex="1" />
        </p>
    </div>
    <div class="password">
        <p class="input-prepend">
            <span class="add-on"><span class="fa fa-lock"></span></span>
            <input type="password" name="pwd" class="input" value="" size="20" placeholder="Wachtwoord" tabindex="2" />
        </p>
    </div>
    <div class="login_fields"><?php do_action('login_form'); ?>
        <div class="login-submit">
            <input class="sbutton nav-login-button" type="submit" name="user-submit" value="Inloggen" tabindex="3" />
            <input type="hidden" name="redirect_to" value="<?php echo $_SERVER['REQUEST_URI']; ?>" />
            <input type="hidden" name="user-cookie" value="1" />
        </div>
    </div>
</form>
<?php
}

It's about 9 months old but it has worked all the time :smiley: It's based of the login widget from here: https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-includes/general-template.php#L0 function: wp_login_form()

Oh god, I really need to update my form... But before that... what causes this issue? :O

Thanks! :slight_smile:

  • Adam Czajczyk
    • Support Gorilla

    Hey Sybre,

    I hope you're well today and thank you for your question!

    My bet is that this is caused by this line:

    <input type="hidden" name="redirect_to" value="<?php echo $_SERVER['REQUEST_URI']; ?>" />

    REQUEST_URI doesn't return the entire URL:

    'REQUEST_URI'
    The URI which was given in order to access this page; for instance, '/index.html'.

    Would you please try to simply remove (or better comment out) this line and see if it helps?

    Let me know!

    Cheers,
    Adam

  • Sybre Waaijer
    • The Incredible Code Injector

    Sure thing! I will change that in a minute. I think I have a better solution that commenting it out.. just need to get that from somewhere, I forgot where though :smiley:

    I also noticed that the "domain health" ajax thing isn't working because of an unsafe script:
    http://testpage.hostmijnpagina.nl/wp-admin/admin-ajax.php?action=domainmapping_check_health&nonce=4960aaf7c0&domain=testmijnpagina.nl

    This should be https on https pages :wink:

  • Sybre Waaijer
    • The Incredible Code Injector

    Hello @Adam Czajczyk

    I found the code (used it in my autodescription plugin):

    global $wp;
    echo esc_url_raw(home_url(add_query_arg(array(),$wp->request)));

    It works now :smiley: Thanks!

    For future reference, the full code. Feel free to use it on your blog (it does contain font-awesome styles though):

    function hmp_login_call() {
        ob_start();
        hmp_login_process();
        return ob_get_clean();
    }
    
    function hmp_login_process() {
        if (isset($_POST['user-submit'])) {
            dlf_auth($_POST['log'], $_POST['pwd']);
        }
         hmp_login_form();
    }
    
    function hmp_login_form() {
    global $user_login,$wp;
    ?>
    <form action="<?php echo esc_url( home_url('/wp-login.php') ); ?>" class="wp-user-form" method="post">
        <div class="username">
            <p class="input-prepend">
                <span class="add-on fa-user-fix"><span class="fa fa-user"></span></span>
                <input name="log" type="text" class="input" value="<?php echo esc_attr(stripslashes($user_login)); ?>" size="20" placeholder="Gebruikersnaam" tabindex="1" />
            </p>
        </div>
        <div class="password">
            <p class="input-prepend">
                <span class="add-on"><span class="fa fa-lock"></span></span>
                <input type="password" name="pwd" class="input" value="" size="20" placeholder="Wachtwoord" tabindex="2" />
            </p>
        </div>
        <div class="login_fields"><?php do_action('login_form'); ?>
            <div class="login-submit">
                <input class="sbutton nav-login-button" type="submit" name="user-submit" value="Inloggen" tabindex="3" />
                <input type="hidden" name="redirect_to" value="<?php echo esc_url_raw(home_url(add_query_arg(array(),$wp->request))); ?>" />
                <input type="hidden" name="user-cookie" value="1" />
            </div>
        </div>
    </form>
    <?php
    }

    Could you please report the other issue to the plugin developer? Thanks :slight_smile: <3

    Hope you're all having a great day!

    Edit: escaped all urls :wink: Whoops :smiley:

  • Adam Czajczyk
    • Support Gorilla

    Hey Sybre!

    I think the "is_ssl()" WP function might be of help here:

    https://codex.wordpress.org/Function_Reference/is_ssl

    This article also gives a good clue:

    http://codex.wordpress.org/Function_Reference/wp_login_form

    Wrapping this all up, I'd go for replacing the troublesome line with something like this:

    <input type="hidden" name="redirect_to" value="<?php ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];?>" />

    I also noticed that the "domain health" ajax thing isn't working because of an unsafe script:
    http://testpage.hostmijnpagina.nl/wp-admin/admin-ajax.php?action=domainmapping_check_health&nonce=4960aaf7c0&domain=testmijnpagina.nl

    This should be https on https pages :wink:

    You're right, however I'm not able to access this page from this level. This is because of the nonce included in the URL which works exactly as expected: secures site from unauthorized access :slight_smile:

    If you wan't me to take a closer look at this, could you please grant me a support access to your dashboard by following this guide:

    https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Cheers,
    Adam

    • Sybre Waaijer
      • The Incredible Code Injector

      Hi @Adam Czajczyk

      is_ssl() isn't needed when using esc_url or esc_url_raw.
      This is because the 2nd parameter, if empty (which I left it), will automatically check for that :smiley:

      Then again, I think our messages crossed (you were writing yours while I was writing mine) LOL :smiley:

      I don't think you'll need a closer look.
      It's a matter of object caching again, I disabled it and well.. it works again! Ugh :smiley:

      I'm not sure where this fault is places but I'm afraid this is at the function
      force_ssl_on_mapped_domain()

      Simply wrap a wp_cache_set and wp_cache_get around the wpdb call with a timeout of 10 seconds? Or less? I'm not sure :smiley: It's a buggy bug which has been around for a long time.

      If I enable object caching again it fails again D:

      I've tested the following object groups (all at once lol), none of these seem to cause the problem:

      users
      usermeta
      user_meta
      site-transient
      site-options
      site-lookup
      blog-lookup
      blog-details
      rss
      global-posts

      Know any other WordPress caching groups? I can't seem to get a list :slight_frown:

      • Adam Czajczyk
        • Support Gorilla

        Hey Sybre!

        Indeed we've cross-posted. A telepathy perhaps? :wink:

        Thanks for the code, great job!

        As for the second issue, this is something I'll have to pass to our development team. Having said that, I've forwarded this thread and your last replay especially to them and hopefully they'll soon come up with a solution.

        Thanks again for pointing this out and suggesting the fix.

        Have a nice day!
        Adam

  • Sybre Waaijer
    • The Incredible Code Injector

    Hi @Jude

    Aaaah my WPMUdev points got lost! :slight_frown:

    Anyway, I've stopped using Object cache for a long time now since it was causing too many conflicts with cookies and the like on multisite, including the cause for me starting this thread.

    Since it's so long ago, I can't really recall on what was happening, but I'm not encountering issues nowadays :slight_smile:

    Thanks for the check up!

    Have a wonderful New Year's! :slight_smile:

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.