Skip to Content Skip to Menu

🌟Discover the Joomla AI Plugin that wrote its own story! - CB Editor Assistant 1.1now for Joomla 3, 4 & 5!
✍️ 5-Day Free Trial, then 🎯 save up to 30% with our 🛍️ Intro Offer (First 50 users, ends Dec. 31)
🌲 Merry Christmas! Great savings on Professional and Developer Memberships! Get 25% off now with code XMAS-2024!

403 Upon Initial Login Following Registration Confirmation

  • Sinned
  • Sinned
  • OFFLINE
  • Posts: 3
  • Thanks: 0
  • Karma: 0
11 years 3 months ago #234173 by Sinned
I am running CB 1.9 on Joomla 3.1.5, and am seeing some odd behavior with new user registrations.

The registration process goes fine, up until the new user confirms their registration and tries to log in for the first time. There seems to be something different about where the login form goes when coming to the site via the email confirmation link.

(replacing the domain in this post because it is a site not ready for public, but attaching fiddler trace that keeps it intact)

When arriving from the confirmation email, this is what happens when the new user tries logging in:
Code:
POST http://www.<domain>.com/index.php/register/login 303 See other to http://www.<domain>.com/index.php/register GET http://www.<domain>.com/index.php/register 403 You are not authorized to view this resource. (text/html)

The login is successful, but it redirects to index.php/register and throws a 403. If the user clicks "home" from the 403 error page, the site knows they are logged in, and operates normally after that.

If the user arrives from a means other than the confirmation email (i.e. just loads the site normally), the login works fine, with no 403, and doesn't try to go to index.php/register:
Code:
POST http://www.<domain>.com/index.php/register/login 303 See other to http://www.<domain>.com/ GET http://www.<domain>.com/ 200 OK (text/html)

After logging in this way, it properly redirects to home.

Any suggestions on why that might be happening?
Any potential workarounds?

I tried adding a redirect at the host level so that index.php/register redirects to the home page, but that breaks registration. :)

Please Log in or Create an account to join the conversation.

  • Sinned
  • Sinned
  • OFFLINE
  • Posts: 3
  • Thanks: 0
  • Karma: 0
11 years 3 months ago - 11 years 3 months ago #234175 by Sinned
I've been able to workaround using this at the top of error.php
Code:
$referrer = $_SERVER['HTTP_REFERER']; if (stristr($referrer, "register")) { header('Location: http://www.<domain>.com'); exit; }
But definitely isn't ideal. Seems like a permissions issue with registered users not having access to index.php/register but I'm not sure how to change that.
Last edit: 11 years 3 months ago by Sinned. Reason: forgot to add which page the workaround code is running on

Please Log in or Create an account to join the conversation.

  • Sinned
  • Sinned
  • OFFLINE
  • Posts: 3
  • Thanks: 0
  • Karma: 0
11 years 3 months ago #234179 by Sinned
Actually, spending some more time looking at the configuration, it appears I might be able to avoid this by using

URL for first login visit

if I'm properly understanding how that setting is applied?

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum