URGENT Appointments+ Authentication Error on Save User

Service Providers can't save their profile/schedule changes. When they do (or when I try to do it for them), they get an Authentication Failed error.

I disabled every other plugin and changed to a default theme, and the error continued. I also disabled ONLY App+, and the error went away.

  • Predrag Dubajic

    Hi James,

    I did some testing on my end but was unable to replicate this, can you confirm that I'm doing the same thing.
    I went to All Users panel, opened one profile of the user that's also provider, made some changes there (changed name, changed working days) and saved the changes.

    Also, would you mind allowing support access so we can have a closer look at this on your end?
    To enable support access you can follow this guide here:
    https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Best regards,
    Predrag

  • Predrag Dubajic

    Hi James,

    Thanks for granting access, I checked your site with new user I created and can see the issue you are referring to so I tried replicating it again on my end with similar setup by activating same A+ add-ons adding M2 and even you custom role editor but still had no luck.

    I did see 500 error in network tab when I inspected profile page on your site but that doesn't tell us much about what's causing it.

    Can you enable debug log in your wp-config.php by replacing define('WP_DEBUG', false); with this code:

    // Enable WP_DEBUG mode
    define('WP_DEBUG', true);
    
    // Enable Debug logging to the /wp-content/debug.log file
    define('WP_DEBUG_LOG', true);
    
    // Disable display of errors and warnings
    define('WP_DEBUG_DISPLAY', false);
    @ini_set( 'display_errors', 0 );

    This will create debug.log file in your wp-content folder that could tell us what is going on.
    After enabling it try saving one profile so that authentication error shows up and check the log file, if some errors show up in it can you please save it as .txt file and attach it here so we can check it out.

    Best regards,
    Predrag

  • jamesdonegan

    They're just in the functions.php ... I thought maybe my code was the conflict, but I got the same error when I switched to a default theme. (Although I guess all my custom fields were still in the database... so maybe something there conflicts?)

    function modify_user_fields($profile_fields) {
    
    	$profile_fields['mobile-phone'] = 'Mobile Phone';
    	$profile_fields['alt-phone'] = 'Alternate Phone';
    
    	if (current_user_can('customer') || is_admin()) {
    		$profile_fields['address-1'] = 'Address 1';
    		$profile_fields['address-2'] = 'Address 2';
    		$profile_fields['city-state-zip'] = 'City, State Zip';
    	}
    
    	$profile_fields['twitter'] = 'Twitter Username';
    	$profile_fields['facebook'] = 'Facebook URL';
    	$profile_fields['gplus'] = 'Google+ URL';
    
    	return $profile_fields;
    }
    add_filter('user_contactmethods', 'modify_user_fields');
    
    // Add Checkboxes
    
    $lesson_types=array('voice'=>'Voice','piano'=>'Piano','guitar'=>'Guitar','otherinst'=>'Other Instruments','ballet'=>'Ballet','jazz'=>'Jazz','tap'=>'Tap','other'=>'Other (Include in Your Bio)');
    
    $burroughs=array('bronx'=>'Bronx','brooklyn'=>'Brooklyn','manhattan'=>'Manhattan','queens'=>'Queens','staten'=>'Staten Island','jersey'=>'New Jersey');
    
    $neighborhoods=array('downtown'=>'Downtown','wvill'=>'West Village','evill'=>'East Village','chelsea'=>'Chelsea','turtgam'=>'Turtle Bay/Grammercy','midwest'=>'Midtown West','mideast'=>'Midtown East','uws'=>'Upper West Side','ues'=>'Upper East Side','wash'=>'Washington Heights','harlem'=>'Harlem');
    
    $sitterarray = array('role'=>'sitters', 'fields'=>array('display_name','user_nicename','user_login','ID'));
    $sitterlist = get_users($sitterarray);
    
    function add_favorites( $user ) {
    	if (current_user_can('customer') || is_admin() ) { ?>
    
    		<table class="form-table">
    	        <tr>
    	            <th>
    	                <?php _e('Favorite Sitters'); ?>
    	            </th>
    	            <td><?php
    	                global $sitterlist;
    	                foreach($sitterlist as $sitteritem) {
    	                    $code = 'favorite_'.(esc_html($sitteritem->ID));
    	                    $code_test = get_the_author_meta( $code, $user->ID);
    	                     ?>
    	                    <label><input type="checkbox" name="<?php echo $code; ?>" <?php if ($code_test == 'yes' ) { ?>checked="checked"<?php }?> value="yes" /> <?php echo '<a href="'.get_site_url().'/profile/?search_id='.$sitteritem->ID.'" target="_blank">'.esc_html($sitteritem->display_name).'</a>'; ?></label><br />
    	                <?php }
    	            ?>
    	            </td>
    	        </tr>
    
             </table>
    
    	<?php }
    
    }
    
    function save_favorites ($user) {
    	global $sitterlist;
    	if (current_user_can('customer') || is_admin()) {
    	    foreach($sitterlist as $sitteritem) {
    		    $code = 'favorite_'.(esc_html($sitteritem->ID));
    	        update_user_meta( $user, $code, $_POST[$code] );
    	    }
    	} else return;
    }
    
    add_action( 'show_user_profile', 'add_favorites' );
    add_action( 'edit_user_profile', 'add_favorites' );
    add_action( 'personal_options_update', 'save_favorites' );
    add_action( 'edit_user_profile_update', 'save_favorites' );
    
    function my_user_field( $user ) {
    	if (current_user_can('sitters') || current_user_can('shop_staff') || is_admin() ) { 
    
        $gender = get_the_author_meta( 'gender', $user->ID);
        $spneeds = get_the_author_meta( 'spneeds', $user->ID);
        $lessons = get_the_author_meta( 'lessons', $user->ID);
        $lesson_fees = get_the_author_meta( 'lesson_fees', $user->ID);
        $burroughs = get_the_author_meta( 'burroughs', $user->ID);
        $neighborhoods = get_the_author_meta( 'neighborhoods', $user->ID);
    ?>
        <table class="form-table">
            <tr>
                <th>
                    <label for="Gender"><?php _e('Gender'); ?>
                </label></th>
                <td><span class="description"><?php _e('Gender'); ?></span><br>
                <label><input type="radio" name="gender" <?php if ($gender == 'Male' ) { ?>checked="checked"<?php }?> value="Male"> Male<br /></label>
                <label><input type="radio" name="gender" <?php if ($gender == 'Female' ) { ?>checked="checked"<?php }?> value="Female"> Female<br /></label>
    
                </td>
            </tr>
    
            <tr>
                <th>
                    <label for="Special Needs"><?php _e('Can care for special-needs kids'); ?>
                </label></th>
                <td><span class="description"><?php _e('Special Needs'); ?></span><br>
                <label><input type="radio" name="spneeds" <?php if ($spneeds == 'Yes' ) { ?>checked="checked"<?php }?> value="yes"> Yes<br /></label>
                <label><input type="radio" name="spneeds" <?php if ($spneeds == 'No' ) { ?>checked="checked"<?php }?> value="no"> No<br /></label>
    
                </td>
            </tr>
    
            <tr>
                <th>
                    <?php _e('Lessons'); ?>
                </th>
                <td><?php
                    global $lesson_types;
                    foreach($lesson_types as $key => $value) {
                        $code = 'lessons_'.$key;
                        $less = get_the_author_meta( $code, $user->ID);
                         ?>
                        <label><input type="checkbox" name="<?php echo $code; ?>" <?php if ($less == 'yes' ) { ?>checked="checked"<?php }?> value="yes" /> <?php echo $value; ?></label><br />
                    <?php }
                ?>
                </td>
            </tr>
    
            <tr>
                <th>
                    <label for="Lesson Fees"><?php _e('Lesson Fees'); ?>
                </label></th>
                <td>
                <label>What do you charge for a lesson add-on?</label><br />
                <input type="text" name="lesson_fees" value="<?php echo $lesson_fees; ?>" />
                </td>
            </tr>
    
    		<tr>
                <th>
                    <?php _e('Burroughs'); ?>
                </th>
                <td><?php
                    global $burroughs;
                    foreach($burroughs as $key => $value) {
                        $code = 'burroughs_'.$key;
                        $burr = get_the_author_meta( $code, $user->ID);
                         ?>
                        <label><input type="checkbox" name="<?php echo $code; ?>" <?php if ($burr == 'yes' ) { ?>checked="checked"<?php }?> value="yes" /> <?php echo $value; ?></label><br />
                    <?php }
                ?>
                </td>
            </tr>
    		<tr>
                <th>
                    <?php _e('Manhattan Neighborhoods'); ?>
                </th>
                <td><?php
                    global $neighborhoods;
                    foreach($neighborhoods as $key => $value) {
                        $code = 'neighborhoods_'.$key;
                        $neigh = get_the_author_meta( $code, $user->ID);
                         ?>
                        <label><input type="checkbox" name="<?php echo $code; ?>" <?php if ($neigh == 'yes' ) { ?>checked="checked"<?php }?> value="yes" /> <?php echo $value; ?></label><br />
                    <?php }
                ?>
                </td>
            </tr>
        </table>
    
        <?php } //end if ?>
    <?php
    }
    
    function my_save_custom_user_profile_fields( $user_id ) {
        if ( !current_user_can( 'edit_user', $user_id ) )
            return FALSE;
    
        update_user_meta( $user_id, 'gender', $_POST['gender'] );
        update_user_meta( $user_id, 'spneeds', $_POST['spneeds'] );
        update_user_meta( $user_id, 'lesson_fees', $_POST['lesson_fees'] );
    
        global $lesson_types;
        foreach($lesson_types as $key => $value) {
            $code = "lessons_".$key;
            update_user_meta( $user_id, $code, $_POST[$code] );
        }    
    
        global $burroughs;
        foreach($burroughs as $key => $value) {
            $code = "burroughs_".$key;
            update_user_meta( $user_id, $code, $_POST[$code] );
        }    
    
        global $neighborhoods;
        foreach($neighborhoods as $key => $value) {
            $code = "neighborhoods_".$key;
            update_user_meta( $user_id, $code, $_POST[$code] );
        }
    
    }
    
    add_action( 'show_user_profile', 'my_user_field' );
    add_action( 'edit_user_profile', 'my_user_field' );
    add_action( 'personal_options_update', 'my_save_custom_user_profile_fields' );
    add_action( 'edit_user_profile_update', 'my_save_custom_user_profile_fields' );
  • George

    Hi James,

    I hope you are having a good day :slight_smile:

    I checked your custom code in my local environment but couldn't reproduce it at my end. I checked the issue in your site and it looks like some nonce verification failure to me. To debug it further I will need to check it in your site's code base and will need FTP access for that.

    You can send FTP details privately through our contact form: https://premium.wpmudev.org/contact/

    Select "I have a different question" for your topic - this and the subject line ensure that it gets assigned to me :slight_smile:

    Send in:

    Subject: "Attn: George Holman"
    -WordPress admin username
    -WordPress admin password
    -login url
    -FTP credentials (host/username/password)
    -link back to this thread for reference
    -any other relevant urls

    **If you keep support access active then no need to send in wp-admin

    Cheers,
    George

  • jamesdonegan

    Here's a twist. I installed a clean version of Appointments+ in case it'd become corrupt somehow. Didn't fix the problem, but in my "testsitter" profile, I was saving changes without any problem. Then I realized that it's the only sitter profile with Google calendars linked. I disabled Google Calendar usage for individual users, and the authentication error disappeared.

    So apparently the bug is this: If Google Calendars are enabled for users, but that user hasn't connected one, it gives the authentication error.

  • Adam Czajczyk

    Hello jamesdonegan!

    So apparently the bug is this: If Google Calendars are enabled for users, but that user hasn't connected one, it gives the authentication error.

    That turns out to be good shot! Thanks you for reporting the issue. I have double-checked that on my own setup and I can fully confirm this. Therefore, I'm reporting this to Appointments+ developers as a bug and hopefully they'll be able to fix it soon.

    Best regards,
    Adam

  • George

    Hi James,

    I hope you are having a good day :slight_smile:

    We have figure out the issue and have a fix ready for that. We have also fix the issue in your site by changing a line of code in the plugin. We have modified /wp-content/plugins/appointments/includes/gcal/class-app-gcal-admin.php file at line no. 174 and changed it to
    if ( 'access-code' === $gcal_action && ! empty( $_POST['access_code'] ) ) {
    from
    if ( 'access-code' === $gcal_action ) {

    Please check and let us know if you still face the issue or need any assistance. This issue will officially be fixed in future update of the plugin.

    Cheers,
    Geroge

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.