An active PHP session was detected

As expected, a month and a half later there are no solutions for this.

Hello @christopherwayne
?
?Greetings!

Please note we have not released the update yet, we are still working on it. However, we can assure you that the issue that you have brought to our attention has already been addressed. We plan to release our update by end of this month or early next month.

We thank you for your patience and cooperation.

Dharmesh Barot
Team Edwiser

No sir, they have not solved absolutely anything with the new update. I have been reporting problems with this plugin and the payment plugins for almost a year and they have not resolved any. I have even sent them the code that they need to change and they haven’t. I’ve never seen such terrible premium support. For example, in the Single Sign On plugin there is a coding problem that does not respect the WordPress standards that I have already reported to you by mail and included the solution, however nothing has been done about it.

This is the code in question:

edwiser-bridge-sso/public/shortcodes/class-sso-social-login.php

return ob_get_clean();

Etc…

• This reply was modified 3 years, 11 months ago by christopherwayne.

I have found that the error is produced by the Edwiser Bridge SSO plugin in the file edwiser-bridge-sso/includes/social-login/facebook/class-sso-facebook-init.php

private function loadFacebookPlusConfig($option)
    {
        if ($option == false) {
            return;
        }
        $appId     = $option['eb_sso_fb_app_id'];
        $appSecret = $option['eb_sso_fb_app_secret_key'];

        /*
         * Configuration and setup Google API
         */
        include_once 'src/autoload.php';
        if (session_status() == PHP_SESSION_NONE) {
            session_start();
        }

        self::$fClient        = new \Facebook\Facebook(array(
            'app_id'                  => $appId,
            'app_secret'              => $appSecret,
            'default_graph_version'   => 'v2.10',
            'persistent_data_handler' => 'session'
        ));
        self::$fClientHelper  = self::$fClient->getRedirectLoginHelper();
        self::$fOauth2Service = self::$fClient->getOAuth2Client();
        
        //Add solution for WordPress API REST error
        session_write_close();
    }

Temporal solution:

//Add solution for WordPress API REST error
 session_write_close();

Hello @christopherwayne
?
?Greetings!

We are releasing a QFE plugin update by early next week. Could you please share your email id with us or drop in an email to [email protected] so that we can share the updated plugin with you.

Dharmesh Barot
Team Edwiser

Hello @wisdmlabs!

I have sent an email

Thanks!

• This reply was modified 3 years, 11 months ago by christopherwayne.

Hello @christopherwayne

Thank you, we’ll update you soon.

Dharmesh Barot
Team Edwiser

Amazing! All bugs with the SSO plugin remain unresolved after the update, they weren’t even addressed! This is starting to be absurd and I think I’m going to reflect it in a negative review so that those who decide to buy the plugin take it into account. I have had a lot of patience…

Hi Christopher

Having the same problem here with the Edwiser plugin, I tried the fix mentioned above, but in my case I am still having the issue. String Locator plugin flags the session_start() function as also being in the edwiser-multiple-users-course-purchase plugin too so that is probably the cause of the error still showing.

Unfortunately I don’t speak PHP though, so it might take me a while to figure it out, but if I do will post back here in case it helps others.

Andy

Hello Andy!

Indeed, there are problems with the way plugins use session_start () that goes against WordPress’s recommendations. In my case it happens in the Single Sign Up plugin, specifically in the login with facebook. You have to make several changes to solve the problem and the truth is that I have not had time to do it. The plugin support, despite being a paid plugin, hasn’t fixed it either. There are other coding errors in the same plugin that I have already mentioned before and that are very simple to solve, but there are still no solutions …

Cheers!

Hello @christopherwayne

Greetings of the day!

Yes, we have not addressed the bug-related issues in our recent plugin update. However, we have fixed essential security-related issues in this plugin update and we plan to resolve social login related issue in the upcoming Edwiser Single Sign-On plugin update.

We plan to release the newer update of the Edwiser Single Sign-On update by end of this month.

We thank you for your comprehension.

Dharmesh Barot
Team Edwiser

Thanks, the last update fixed the problem of the active PHP session.

However, the problem in the html in the login form was not corrected.

Here is the code fragment that needs to be corrected:

if (isset($attr['wploginform']) && !$attr['wploginform']) {
            ob_start();
            ?>
            <ul class="eb-sso-cont-login-btns">
                <li><?php
                if ($gpLogin->loadDepend() && isset($ssoSettings['eb_sso_gp_enable']) && ($ssoSettings['eb_sso_gp_enable'] == 'both' || $ssoSettings['eb_sso_gp_enable'] == 'user_account')) {
                // if ($this->ebsso_check_if_google_plus_enabled() && isset($ssoSettings['eb_sso_gp_enable']) && ($ssoSettings['eb_sso_gp_enable'] == 'both' || $ssoSettings['eb_sso_gp_enable'] == 'user_account')) {
                    echo $gpLogin->addGoogleLoginButton();
                }
                ?></li>
                <li><?php

                if ($fbLogin->loadDepend() && isset($ssoSettings['eb_sso_fb_enable']) && ($ssoSettings['eb_sso_fb_enable'] == 'both' || $ssoSettings['eb_sso_fb_enable'] == 'user_account')) {
                // if ($this->ebsso_check_if_fb_enabled() && isset($ssoSettings['eb_sso_fb_enable']) && ($ssoSettings['eb_sso_fb_enable'] == 'both' || $ssoSettings['eb_sso_fb_enable'] == 'user_account')) {
                    echo $fbLogin->addFacebookLoginButton();
                }
                ?></li>
                <?php do_action("eb-sso-add-more-social-login-options-user-accnt-page"); ?>
            </ul>
            <?php
			return ob_get_clean();
        } else {
            ob_start();
            ?>
            <ul class="eb-sso-cont-login-btns">
                <li><?php
                if ($gpLogin->loadDepend() && isset($ssoSettings['eb_sso_gp_enable']) && ($ssoSettings['eb_sso_gp_enable'] == 'both' || $ssoSettings['eb_sso_gp_enable'] == 'wp_login_page')) {
                // if ($this->ebsso_check_if_google_plus_enabled() && isset($ssoSettings['eb_sso_gp_enable']) && ($ssoSettings['eb_sso_gp_enable'] == 'both' || $ssoSettings['eb_sso_gp_enable'] == 'wp_login_page')) {
                    echo $gpLogin->addGoogleLoginButton();
                }
                ?></li>
                <li><?php
                if ($fbLogin->loadDepend() && isset($ssoSettings['eb_sso_fb_enable']) && ($ssoSettings['eb_sso_fb_enable'] == 'both' || $ssoSettings['eb_sso_fb_enable'] == 'wp_login_page')) {
                // if ($this->ebsso_check_if_fb_enabled() && isset($ssoSettings['eb_sso_fb_enable']) && ($ssoSettings['eb_sso_fb_enable'] == 'both' || $ssoSettings['eb_sso_fb_enable'] == 'wp_login_page')) {
                    echo $fbLogin->addFacebookLoginButton();
                }
                ?></li>
                <?php do_action("eb-sso-add-more-social-login-options-wp-login-page"); ?>
            </ul>
            <?php
			return ob_get_clean();
        }

Specifically, this is what needs to be changed:

ob_flush();

It should be replaced by:

return ob_get_clean();

This change must be made in the class-sso-social-login.php file.

Thanks!

Hello @christopherwayne

Thank you once again for bringing this to our attention.

I have registered the snippet with the product development team and we will rectify the same in our upcoming plugin update.

Best Regards,

Dharmesh Barot
Team Edwiser