Logout doesn’t always work

Hi,

I tried to replicate the issue with the steps you provided and at the 2nd step itself i.e. :
* User uses IPBL logout function [siteurl/wp-admin/options-general.php?page=ip-based-login&no_login=15] – works as intended.

After clicking on this link the user is redirected to the home page only.

Are you redirected to the login page ?

The code is written to redirect to the home page after clicking on the “Disable auto login” links.

Hi,

On that step I am redirected to the login page as I would expect.

Though for some users this doesn’t work at all, I am able therefore able to recreate the problem they have by deleting the ipbl_username cookie on my own machine.

Sorry, it’s probably worth mentioning that the we force all users to login on the site I am experiencing this issue on, hence why I am mentioning the login screen rather than the homepage as users who are not logged in will be directed to the login screen.

Hi,

We have just released v2.0.3 which will now redirect to login page after setting the no_login cookie.

I’m afraid that hasn’t fixed my problem.

Perhaps my explanation was not great?

It doesn’t matter where your plugin redirects to after setting the cookie, what matters is that the session is actually terminated but this doesn’t always happen.

I can still recreate the issue. I will try and explain it simpler.

I have a webpage that requires all users to login.
If they logon from specific IP addresses used with this plugin they are logged in as a subscriber automatically.

Some users need to login as an admin, so they use the logout link [wp-admin/options-general.php?page=ip-based-login&no_login=15]

When clicking this we would expect them to be returned to the login page as there existing session has been terminated and they now need to login.
At the login page, I can see the IPBL_username no_login cookie has been set.

In order to recreate the problem my users experience, I DELETE this cookie, then try browsing to my site again.

IPBL see’s that no cookie is set, and logs the user in automatically.

I have a code in my themes function file that sets the logout button to the ipbl link below if the user is logged in with IPBL.

From this point, the logout link [wp-admin/options-general.php?page=ip-based-login&no_login=15] essentially does nothing whenever you click on it. No further cookie is set and the user cannot login as another user.

I think what is happening is the browser is clearing cookies on a scheduled basis which is then causing the problem for my users.

Can you try the steps I have listed as I can recreate the problem every time?

Opps. I thought that would resolve the issue and had marked the thread as resolved. I have marked the thread as not resolved again.

Regarding the issue I tried to replicate using the steps you provided but could not replicate the issue.

1. I used the no_login link to disable login which set a cookie and logged the user out.
2. I then deleted the cookie and I was able to login to the account again with IPBL.
3. Then I again used the no_login link to disable the login and it took me to the login page and I was able to login with another user account since I was not auto logged in using IPBL.

Which browser are you using ?

If you could create a video of your screenshare and post it here it will help me to replicate exact same steps.

I mainly use Firefox but the issue is the same in Chrome.

Thank you for looking into this, I’ve captured a quick video here which hopefully helps.

https://drive.google.com/file/d/1ZIRbA7Cy7zmfGwvdDInoMLLP_ZCuZPmL/view?usp=sharing

Also, bare in mind, my users are not taking these steps. They just contact me when they have the problem and these are the steps I take to recreate the issue.

• This reply was modified 4 years ago by devgains.

Hi,

Sorry for the delay.

I am unable to view the video.

It seems you need to change permission to be able to access to anyone with the link.

No worries, sorry about that. I uploaded it on vimeo too

https://vimeo.com/517117238

Hi,

I checked this again following the same steps you provided and I was not able to replicate the issue. The logout works fine even the 2nd time.

I think the issue could be due to some other plugin conflicting and returning without executing the IP Based Login function.

Do you have a DEV site where you are able to replicate this issue ? We will be able to upload some debugging code and debug faster.

I do have a dev site but the site is only accessible internally. Is there anything in particular you would look for in debugging or any code I could add myself?

I will disable all the other plugins on my dev version and try to find the conflicting one, I would have tried this before but was confident we shouldn’t have anything else that hooks to the logout.

Hi,

Actually the function is not triggered in logout hook but it is triggered in the plugins_loaded hook which could be hooked by several plugins.

In order to debug this you can add some debugging code in following file :
ip-based-login/init.php

In the function ip_based_login_update_check Line no : 83 and check if that debug code is executed or not.

Hello,

I couldn’t get to the bottom of this but I have managed to solve it with a workaround.

I am just using JS to post the data to the logout url and then redirect once the response comes back.

I did try some debug code, ip_based_login_update_check runs every time. It looks like the problem was being caused by the $_REQUEST variable being empty on occasion, but I was pulling my hair out trying to find the cause, gave up in the end.

Hopefully this advice helps somebody.

Happy for the topic to be closed now, thanks for all your support.

Hi,

Sorry we could not get to the root of problem to solve the issue.

Thank you for sharing the workaround.

As per your request we are closing this topic.