SquirrelMail / Current Development Branch (1.5) / #153 You must be logged in to access this page (chromium client)

#153 You must be logged in to access this page (chromium client)

Milestone: None

Status: pending

Owner: Paul Lesniewski

Labels: login (1) session (1) cookies (1)

Priority: 2

Updated: 2022-05-22

Created: 2018-05-23

Creator: ceph3us

Private: No

sessio does not wrok proper with chromium browser

1) login
2) see content of imap mailbox (inbox)
3) click on mail
4)You must be logged in to access this page.

exactly
RWare Iron
Wersja 66.0.3450.0 (Build) custom (64-bitowa)
os linux debian

linux firefox
and webview (lineageos implementation) on android
are working fine

second try to login results in

SquirrelMail notice messages
Category: PHP
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP, Delayed
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP, Delayed
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP, Delayed
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP, Delayed
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP
Message: session_start() [function.session-start]: A session had already been started - ignoring
FILE: /var/www/html/poczta.live/read/functions/global.php
LINE: 129
Category: PHP
Message: Undefined index: UIDSET
FILE: /var/www/html/poczta.live/read/src/read_body.php
LINE: 909
Category: PHP
Message: Undefined index: SHOWALL
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 290
Category: PHP
Message: Undefined index: LIMIT
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 290
Category: PHP
Message: Undefined index: PAGEOFFSET
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 294
Category: PHP
Message: Undefined index: PAGEOFFSET
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 295
Category: PHP
Message: Undefined index: EXISTS
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 295
Category: PHP
Message: Undefined index: UIDSET
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 302
Category: PHP
Message: Undefined index: SEARCH
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 382
Category: PHP
Message: Undefined index: SEARCH
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 384
Category: PHP
Message: Undefined index: SORT
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 763
Category: PHP
Message: Undefined index: SEARCH
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 765
Category: PHP
Message: Undefined index: SORT
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 768
Category: PHP
Message: Undefined index: SORT
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 777
Category: PHP
Message: Undefined index: SORT
FILE: /var/www/html/poczta.live/read/functions/mailbox_display.php
LINE: 787
Category: IMAP
Message: Server-side sorting is not supported by your IMAP server. Please contact your system administrator and report this error.
REQUEST: SORT (REVERSE UID) UTF-8 ALL
RESPONSE: BAD
MESSAGE: No mailbox selected (0.000 + 0.000 secs).
Tip: Run "configure", choose option 4 (General options) and set option 11 (Disable server-side sorting) to true.
Terminating SquirrelMail due to a fatal error

PHP SETTINGS
https://read.poczta.live/src/if.php

removing cookies from browser
1) navigate to server root
2) we have PHPSESSID cookie which i see in milliseconds is replaced by two cookies
SQMSESSID 9de767aaed4da57009241ef1943ce473 read.poczta.live / 1969-12-31T23:59:59.000Z 41 ✓
sqm_cookie_check 1527102077 read.poczta.live / 1969-12-31T23:59:59.000Z 26

then after login i see for milliseconds key cookie which is deleted

and those are after login cookies
SQMSESSID 6f72d5beb3ed99c41c33e4efaaaa5983 read.poczta.live / 1969-12-31T23:59:59.000Z 41 ✓
sqm_cookie_check 1527102125 read.poczta.live / 1969-12-31T23:59:59.000Z 26
squirrelmail_language deleted read.poczta.live / 2018-06-22T19:02:05.456Z 28 ✓

after klick on mail link cookies don't change anymore

i have tried to disable secure cookies in sm settings or autostart in php ini / and add various plugins the same efect with or without plugin

i see one more thing 0 bytes cookies regardless used brwoser
i noticed one more thing first login to account on pure SM install results in proper login
then all next logins fails

i removed also a server side file cookies with same effect

issue applies to all V USERS ACCOUNTS

SquirrelMail version: 1.5.2 [SVN]
Config file version: 1.5.0
Config file last modified: 23 May 2018 21:14:16
Checking PHP configuration...
PHP version 7.2.5 OK. (You have: 7.2.5. Minimum: 4.1.0)
Running as www-data(33) / www-data(33)
display_errors: 0 (overridden with 1 for this page only)
error_reporting: 32767 (overridden with 32767 for this page only)
variables_order OK: GPCS.
PHP extensions OK. Dynamic loading is disabled.
Web server is running as user: www-data (33)
Web server is running as group: www-data (33)
Checking paths...
Data dir OK.
Attachment dir OK.
Checking plugins...
Plugins are not enabled in config.
Themes OK.
Default language OK.
Base URL detected as: https://read.poczta.live/src (location base set to https://read.poczta.live)
Checking outgoing mail service....
SMTP STARTTLS extension looks OK.
SMTP server OK (220 poczta.cool ESMTP Postfix (Debian/GNU))
Checking IMAP service....
IMAP server ready (* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.)
Capabilities: * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
Checking internationalization (i18n) settings...
gettext - Gettext functions are available. On some systems you must have appropriate system locales compiled.
Test translations. This test is not accurate and might work only on some systems.
mbstring - Mbstring functions are available.
recode - Recode functions are unavailable.
iconv - Iconv functions are available.
timezone - Webmail users can change their time zone settings. Current time zone is CEST.
Checking database functions...
not using database functionality.
Checking LDAP functions...
not using LDAP functionality.

Discussion

ceph3us - 2018-06-01

seem simmilar to https://sourceforge.net/p/squirrelmail/bugs/2843/

what and where in codeflow / execution is a difference for firefox and chromium agent
afer we are logged in when session is checked and after any link usage ?

i have read that u have patched "somwhere" redirect using relative and full path when detected a different browser agent ...

when/wher in code do i need to put breakpoints when debug to be able determine what is the cause for issue ? (please list : files / lines) for 1.5.2 so i can narrow the pleasce to search

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Paul Lesniewski - 2018-06-02

I think rather it may be caused by recent changes in PHP. Oddly, your log messages are not the same, but that's still my gut feeling. See https://sourceforge.net/p/squirrelmail/bugs/2847/

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- ceph3us - 2018-06-12
  
  for an php specific issue then this would be applicable to all clients (except if its a session handling client implementation issue) - as i said i have no problems on firefox or android chrome webview implementation but some chromium implementation fails after login
  
  i did not dig into it but i saw that sessions could be stored in db ... do you think could it resolve the problem ? (as a temp solution)
  
  do you not think that its a time to rethink and rewrite session handling as it's a cause for most of issues :)
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- ceph3us - 2018-06-12
  
  btw. i can give you access to that vps if u wish to examine the case just leave me a pm
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Paul Lesniewski - 2022-05-22
    
    Not sure if you're still trying to make this work, but there is no browser-specific code path for how sessions and cookies are handled. Rather, there is probably something happening with the cookies (directory path they are assigned or the likes). If you are debugging, I'd step through the cookie code in functions/global.php and spit out $_COOKIE across the good and bad page requests and go from there. I've tried Chromium myself and it worked normally.
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Paul Lesniewski - 2022-05-22

assigned_to: Paul Lesniewski

Group: -->
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Paul Lesniewski - 2022-05-22

status: open --> pending
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

You must be logged in to access this page (chromium client)

Group

Searches

Help

#153 You must be logged in to access this page (chromium client)

Discussion