Skip to:
Content

Opened 10 months ago

Closed 9 months ago

Last modified 8 months ago

#5080 closed defect (bug) (fixed)

Buddypress sidebar login broken under specific conditions - appears to be a result of the ordering of parameters in query

Reported by: newbiesteve Owned by: johnjamesjacoby
Milestone: 1.8 Priority: normal
Severity: major Version: 1.7
Component: Theme Keywords: dev-feedback
Cc:

Description

Logging in through the BuddyPress sidebar results in a 408 or 500 error in specific situations. wp-login.php works as normal.

Environment Details:

Investigation:
I used firebug to compare the HTTP POST messages being sent when I log in through the sidebar or directly through wp-login.php. The only difference I saw between the two was:

Sidebar login order of parameters (broken): login, password, redirect, wp-submit, testcookie
wp-login.php login order of parameters: login, password, wp-submit, redirect, testcookie

I don’t know why they’re swapped in the sidebar code. I also don’t know how or why swapping them could result in working in some environments and timing out in others. Can anyone else chime in here?

Solution:
In bp-themes\bp-default\sidebar.php, find this code:

<?php do_action( 'bp_sidebar_login_form' ); ?>
<input type=”submit” name=”wp-submit” id=”sidebar-wp-submit” value=”<?php _e( 'Log In', 'buddypress' ); ?>” tabindex=”100″ />

Swap these two lines:

<input type=”submit” name=”wp-submit” id=”sidebar-wp-submit” value=”<?php _e( 'Log In', 'buddypress' ); ?>” tabindex=”100″ />
<?php do_action( 'bp_sidebar_login_form' ); ?>

This seems to fix the issue by re-ordering the parameters in the query string to match that of wp-login.php.

Change History (4)

comment:1 r-a-y9 months ago

  • Keywords dev-feedback added

Thanks for testing and providing a solution, newbiesteve.

Very odd that the load order of the login parameters is causing this issue.

Unfortunately, I'm unable to duplicate the report, but I don't see a problem with adding this fix since it appears that a few other people are experiencing this problem.

comment:2 johnjamesjacoby9 months ago

  • Owner set to johnjamesjacoby
  • Resolution set to fixed
  • Status changed from new to closed

In 7267:

In bp-default, swap the 'bp_sidebar_login_form' action order. Also use esc_url() in bp_dtheme_sidebar_login_redirect_to() instead of esc_attr(). Fixes #5080.

comment:3 johnjamesjacoby9 months ago

  • Milestone changed from Awaiting Review to 1.8
Note: See TracTickets for help on using tickets.