Login fails silently, seems to be a session problem

Hi! I hope you can help me out with this

Summary

I had a working 3.03-pl MODX manager, but I cleared my cookies while logged in. Now I am unable to log in again. When I use the login page nothing happens; it simply reloads. This behavior seems similar to these other open topics on this site: "Upgrade issues can not login" and "After upgrade from 3.0.1 to 3.0.2 manager not works".

Debug Attempts

I have cleared the core/cache with ftp and my core/cache/logs/error.log says:

(ERROR @ ...core/src/Revolution/modUser.php : 393) PHP warning: session_regenerate_id(): Session ID cannot be regenerated when there is no active session
and
(ERROR @ .../core/src/Revolution/modManagerRequest.php : 107) PHP warning: Undefined variable $_SESSION

I have also emptied my modx_session table and noticed that modx_active_users is empty while modx_manager_log is recording every login as if it were successful. My session_handler_class is set to MODX\Revolution\modSessionHandler

I have tried from different browsers and private/incognito windows. The browser console returns no errors, and no cookies/sessions

What should I try next?

Environment

Apache 2.4, PHP 8.0, MariaDB 10.3, Firefox 112.

You could try setting session_handler_class to blank, to use ‘standard PHP session management’.
There are also other settings (starting with session_cookie_...) that you could try changing.

Always clear the cache (core/cache) after changing a system setting in the database.

Thank you for your suggestions! I tried using the PHP session handler by setting session_handler_class to blank and got a similar error in the PHP error log about $_SESSION being undefined from line 11 of /index.php

I also tried different session_cookie system settings, always clearing the cache, with both PHP and MODX session handlers to no avail. These were session_cookie_httponly, session_cookie_secure, session_cookie_domain, and session_cookie_path

When I found session_enabled I recalled that I had experimented with contexts, and deleted the 3 test contexts I had made from mod_access_context and mod_context (none had mod_context_settings). I also made sure that the default_context was web.

However, none of this changed the problem. This glitch fascinates me, but I might just start from a fresh install because I can’t make any progress with it.

This probably means that the PHP function session_start either doesn’t get called at all or is not successful.

  • Is the system setting anonymous_sessions set to true?
  • When you call session_start(); in a test PHP file, does that work?
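A fuller version of the session_start() test suggested above, as an added example that is not part of the original thread and not MODX code. It uses only PHP built-ins and does not load MODX or read its system settings; the file name `session-probe.php` is hypothetical.

```php
<?php
// session-probe.php (hypothetical name): added diagnostic, not MODX code.
// Reports whether plain PHP sessions work on this host, without printing the session ID.
header('Content-Type: text/plain; charset=utf-8');

$report = [
    'php_version'  => PHP_VERSION,
    'save_handler' => ini_get('session.save_handler'),
    'use_cookies'  => ini_get('session.use_cookies'),
];

// For the "files" handler the save path must exist and be writable.
// (For other handlers this check is not meaningful.)
$savePath = session_save_path();
if ($savePath === '' || $savePath === false) {
    $savePath = sys_get_temp_dir(); // the files handler falls back to the temp dir
}
$parts = explode(';', $savePath);   // path may carry "N;" or "N;MODE;" prefixes
$dir = end($parts);
$report['save_path'] = $dir;
$report['save_path_writable'] = is_dir($dir) && is_writable($dir);

// If output was already sent, no session cookie can be set for this response.
$report['headers_sent_before_start'] = headers_sent($file, $line) ? "$file:$line" : false;

$report['active_before'] = session_status() === PHP_SESSION_ACTIVE;
$started = session_start();
$report['session_start_returned'] = $started;
$report['active_after'] = session_status() === PHP_SESSION_ACTIVE;
$report['session_defined'] = isset($_SESSION);

if ($started) {
    // Round trip: the counter only grows if the browser sends the cookie back.
    $_SESSION['probe_hits'] = ($_SESSION['probe_hits'] ?? 0) + 1;
    $report['probe_hits'] = $_SESSION['probe_hits'];
}

$report['cookie_name'] = session_name();
$report['cookie_params'] = session_get_cookie_params();

// Count queued Set-Cookie headers; values are omitted because they contain the session ID.
$report['set_cookie_header_count'] = count(array_filter(
    headers_list(),
    static fn(string $h): bool => stripos($h, 'Set-Cookie:') === 0
));
$report['session_id_length'] = strlen((string) session_id());

echo json_encode($report, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES), "\n";
```

Load the page twice in the same browser: `probe_hits` going from 1 to 2 shows the cookie round trip works. Delete the file from the server once the check is done.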

Interesting! I wrote and executed a script that called session_start() without issue. Then I tried logging in, and it worked! This made me terribly suspicious, so I tried logging out again, which recreated the problem.

In other words, you seem to be correct that session_start is either not being called or failing when MODX calls it.

anonymous_sessions was set to 0 (false) so I changed it to 1 and cleared the cache. Doing this fixed the login issues, and I can imagine why. I can now log in and log out and even clear my cookies without this issue recurring.

However, I expect that breaking login is an unintended consequence of turning off anonymous sessions. Shouldn’t the login page still generate a session? I prefer to have sessions off for the main site.

Thinking that this might be a bug, I tested on a clean install (at the same host) and it created the same login issue. As far as I can tell, the only thing necessary to create this problem is changing the system setting anonymous_sessions to No.

While this might be a bug with anonymous_sessions or unique to my host, my particular issue has definitely been solved 🎊 Thank you @halftrainedharry for your succinct and prompt troubleshooting assistance!

For anyone with the same issue: As a workaround to keep session cookies off the main site I set session_enabled to No for the web context, which worked nicely; setting anonymous_sessions to No for web worked as well. I found the workaround on this closed issue from MODX 2.5.

These were the issues that resembled my problem, both closed:


I was able to recreate the issue as well. I think it’s a bug, as the behavior in MODX 2.x is different.
I opened an issue on GitHub:
