I have problems when I force reset passwords for my website users.
When I use this option, the next time the user logs in it will be prompted to change the password. My website link is something like this: Server/MyPortal.
When users login instead of taking them to:
Server/MyPortal/default.aspx?ctl=PasswordReset&resetToken...
They are redirected to:
Server/default.aspx?ctl=PasswordReset&resetToken...
Which obviously takes them to a 404 not found page because it is missing MyPortal.
Can anyone please shed some light on me and help me to fix this? Thank you very much!
Ivan
What version of DNN are you on?
I would look at
Are you on the latest version
Are your Portal Aliases configured properly. To tell this, login as a Super User, go to the Admin/Site Settings page for the portal in question, find the Portal Aliases section, I believe that is under the Advanced tab. See if you have a misconfigured alias in there.
Another thing you might check, would be to check the Language files (admin/languages) to see if the password reset email could be modified there to include the proper portal URL. When editing language files in DNN you can edit System, Host, or Site.
You likely want to edit the SITE level if you have other websites running as well. Site level edits will only apply to that individual portal.
I am developing a Drupal 7 site with multi-language, using only locales module. Two questions.
1.I made a custom "forgot my password" page, accessible through http://example.com/fr/user/password for french. Once I enter my email and click the button, it get redirected to /user, loosing the language on the way.
I wrote my own submit handler and redirect to another page without much success. It looks like on the submit, the form is rebuild, without the language in the url, and from that point on, everything is happening in the default language. How can I keep the language reference ?
2.Drupal core messages are not translated, like "Further instructions have been sent to your e-mail address.", even if its under the t().
Any help would be appreciated.
Thanks.
Losing the language may be because of how you have your detection set up. Language detection settings are at 'admin/config/regional/language/configure'. But it may also be because you are redirecting to the wrong language? How are you getting the url to redirect to?
You should use the l() function or url() function as I think these will respect the current language and give you the correct url.
You should be able to translate messages on the translate interface at: admin/config/regional/translate/translate
I'm trying to mask a page URL in a Wordpress installation. Let's say it's http://www.mysite.co.uk/wordpress/page and when this page is opened, I want the URL to show http://www.mysite.co.uk/wordpress/anythingelse. The whole point of this is so that the URL cannot be shared, only accessed by authorised users, which means I also want it so that you cannot access this page by typing in /anythingelse. Is this possible and how do I go about this? I've got as far as .htaccess files but I have no experience working with this...
If you use http://www.mysite.co.uk/wordpress/anythingelse/ to actually show http://www.mysite.co.uk/wordpress/page, then it means that you will be able to access http://www.mysite.co.uk/wordpress/page by reaching http://www.mysite.co.uk/wordpress/anythingelse/...
You might be trying to do this the wrong way. What is the point exactly? Do you know that in WordPress, you have two ways of protecting pages? One is to make it "Private" (just above the Publish or Update button) and the other one is to make it "Password protected" (same area).
In any case, if you don't use a password but just play with the URLs, it will only be protected as long as the URL stays unknown. Anyone actually typing the right URL will, indeed, be able to access the page.
You can also restrict access by IP. Try to be more explicit about why you want to protect this page.
I'm getting a redirect loop on a Drupal 7 install. Whenever a non-admin user logs in, the site will enter a redirect loop on the user profile URL; for example, http://example.com/?q=user/testuser.
This URL is accessible with no issues by the superuser account, and attempting to access this URL while logged out returns a 403 Access Denied as expected.
When logged in as a non-admin user, attempting to access any URL at all will redirect to the user profile page, which will then redirect onto itself, causing the redirect loop to start anew.
I have found that if I give a specific user the "administrator" role, the redirect loop will cease for that user, and the page will no longer try to redirect to user/%username on login.
I have also found that if I give users the "administer users" permission that the redirect loop will cease, but will still redirect the user to user/%username on login.
Obviously neither of these solutions are possible as giving regular users administrator roles or the ability to administer users is a huge security risk.
Does anyone know of a fix for this, or a way to get around this with an override related to user role?
Installed modules: Block, Color, Comment, Contextual links, Dashboard, Database logging, Field, Field SQL storage, Field UI, File, Filter, Help, Image, List, Menu, Node, Number, Options, Overlay, Path, RDF, Search, Shortcut, System, Taxonomy, Text, Toolbar, Update manager, User, Chaos tools (7.x-1.0-alpha4), Page manager, Devel, Theme Developer, Fieldgroup, IMCE, Pathauto, Token, Taxonomy Menu, IMCE Wysiwyg API bridge, Wysiwyg, Webform, and several custom modules which i) provide blocks 2) provide custom pages and 3) modify the default search behaviour (splits search results by node type). None of my custom modules ever interface with the user management system, permissions system or use any of the functions provided by the user module.
I had an identical problem... spurred on by the fact I wasn't the only one faced with this issue I dug around a bit more. It was your update that gave it away - the Custom Theme.
I'm sure this could be caused by lots of different factors, but in my case and potentially yours, it was my template.php that was at fault.
I was using a custom MYTHEME_preprocess_page() to make some custom variables available in my templates. One of the variables was obviously a bit funky because when i removed it the problem disappeared. Turns out it was some left over code from when I was trying to get the user registration form into the page. It never worked and I forgot to remove it!
Hope this helps someone out there get back on track.
I haven't solution, but you can investigate in next way:
1. Goto http://SITE/admin/config/development/devel for devel module settings.
2. Check "Display redirection page" and save settings.
3. Goto http://SITE/admin/people/permissions
4. Check "Access developer information" for anon and other roles, and save.
5. Try login, it should stop on redirection pages and show where it try to redirect, so you can detect, what modules call looping.
I also had a problem with redirect-loops randomly occurring for non-admin users. Looking at /admin/reports/dblog revealed a permission problem with several nodes. I fixed it by flushing the node permissions (see /admin/reports/status/rebuild). Now everything is fine again.
Same problem for me, after hours and hours of debug and forum/blog navigation I finally found what was going on my site...
If you force login block in all pages, even if user is already logged in, only admin can navigate pages.
This is one of the possibles causes, I hope can help someone!
I had the same problem because i was loading the login form even when the user was logged in. fix it by not asking for the form only if the user is anonymous.
from https://www.drupal.org/node/1793230
Run these SQL queries in your MySQL database. If you have drush installed, you can just "drush sqlc" from your settings directory to get into a MySQL command line. Otherwise you can use PHPMyAdmin, MySQL workbench, or some other client tool to connect and run these:
Show records to be deleted:
SELECT r.rid, r.language, r.source, r.redirect FROM redirect r INNER JOIN url_alias u ON r.source = u.alias AND r.redirect = u.source AND r.language = u.language;
Then, to delete redirects shown in above query - try going to the pages shown in the row. Chances are you will get a redirect loop. Then, try again after backing up db and running the delete below. You have to turn off safe mode in MYSQL Workbench to run it, so BACKUP:
DELETE r FROM redirect r INNER JOIN url_alias u ON r.source = u.alias AND r.redirect = u.source AND r.language = u.language;
Fixed my problem, and found other pages that had loops which I didn't even realize!
I'm working for a company that is using Wordpress MU to supplement other functions on a member site. We have a user signup process that creates the appropriate Wordpress MU users and blogs on signup, but I'm having real trouble figuring out how to log someone in to a WP blog from outside of Wordpress itself. The documentation these methods seem to be non-existent or just too obtuse for me.
In the abstract I know how to do it: Take user info, set the same cookie that Wordpress would set itself. Done. It is, however, not this simple.
Has anyone done this successfully before?
I've been able to log people into Wordpress, however I'm was running inside Wordpress. (I was inside a theme)
Basically, the tough part is getting all the hashes correct, because Wordpress uses a set of defined security hashes in the config file to create the cookie. Ideally you should be able to copy and paste the functions that Wordpress uses.
Yes Wordpress documentation for security sucks, but that is what you get in a Open Source application, not stellar documentation.
What you are looking for is the wp_set_auth_cookie function in the /wp-includes/pluggable.php file. You should look into what the do_action()s actually do, but you should be able to simply replace all the constants with the correct values, and you'll have a function that can port anywhere on the domain.
Hey, it's not so tough task, once you are using correct instruments ;)
Try XML-RPC