Booked Scheduler Community Support
August 20, 2019, 02:50:22 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Booked is proud to recommend Shift Capsule in the employee shift scheduling space www.ShiftCapsule.com
 
   Home   Help Login Register  
Pages: [1]
  Print  
Author Topic: Unable to get past login screen  (Read 934 times)
AshwinRaghavan
Newbie
*

Karma: 0
Posts: 7


« on: February 12, 2019, 09:32:33 AM »

Hi,

Have tried to follow instructions outlined here http://php.brickhost.com/forums/index.php?topic=14567.0 to resolve the problem with redirects but it doesn't seem to do the trick for me.

The installation was successful yet after trying to register the first admin user, I am simply redirected to login screen. I tried 2.7.4, 2.6.8 and 2.5.3 (Nick corbell's youtube demo) installation not no avail. It is also a Linux hosted environment and I have full root access. The script.url is set as advised by the installer - https://domain_name/booked/Web

Can someone please throw some light on what I could be missing and I'd sincerely appreciate any troubleshooting steps.

Thanks much.
Logged
sunlight
Newbie
*

Karma: 0
Posts: 35


WWW
« Reply #1 on: February 12, 2019, 10:44:25 AM »

Enable logs (instructions on website) and take a look
Logged
AshwinRaghavan
Newbie
*

Karma: 0
Posts: 7


« Reply #2 on: February 12, 2019, 11:02:57 AM »

Hi @sunlight,

thanks - had already enabled logs and there is no error message generated. I have set the level to Debug and I can see my registered user authenticated successfully

2019-02-12T10:40:53+00:00 [15672] DEBUG default - [User=  ()] Trying to log in as: MySysAdmin [File=/home/webmanager/public_html/booked/lib/Application/Authentication/Authentication.php,Line=95]
2019-02-12T10:40:53+00:00 [15672] DEBUG default - [User=  ()] User was found: MySysAdmin [File=/home/webmanager/public_html/booked/lib/Application/Authentication/Authentication.php,Line=103]
2019-02-12T10:40:53+00:00 [15672] DEBUG default - [User=  ()] User: MySysAdmin, was validated: 1 [File=/home/webmanager/public_html/booked/lib/Application/Authentication/Authentication.php,Line=115]
2019-02-12T10:40:53+00:00 [15672] DEBUG default - [User=  ()] Logging in with user: MySysAdmin [File=/home/webmanager/public_html/booked/lib/Application/Authentication/Authentication.php,Line=121]

Nothing else appears here, so it hasn't particularly helped me. One thing that I did notice though is the user_session table in the database is empty. This is where my suspicion lies but then there is nothing in the logs either.

Could it be because I am using an hosted environment whereas everyone here is mostly using localhost? I have also check my php.ini for session.auto_start and it is set to 0 (disabled). Totally running out of ideas now. :-(
Logged
busywong
Newbie
*

Karma: 0
Posts: 9


« Reply #3 on: February 12, 2019, 01:59:26 PM »

Hi,

Did you set the default.homepage to "Login"? It will redirect you back to Login page after you log in.

After you login and got redirect to the login page, try https://domain_name/booked/Web/profile.php to change the default homepage.

Hope this help.
Logged
AshwinRaghavan
Newbie
*

Karma: 0
Posts: 7


« Reply #4 on: February 12, 2019, 05:00:02 PM »

Hi @busywong,

Thanks for the response.

If I am not wrong, default.homepage is a number and not a URL? The default configure I see for this setting is the following

$conf['settings']['default.homepage'] = '1';      // the default homepage to use when new users register (1 = Dashboard, 2 = Schedule, 3 = My Calendar, 4 = Resource Calendar)

I have still tried to go by your change but I am still redirected back to the same login page. My question with user_session table still remains as I can see the last login date in users table updates every time I login successfully.

Which part of the code is causing this redirect at login?
Logged
nwpro
Full Member
***

Karma: 0
Posts: 211


« Reply #5 on: February 12, 2019, 08:15:59 PM »

In my opinion it is one of two things:  1) something in your config file settings.  or 2) the program isn't fully loaded.  Typically with #2, the message is Error - return to your last page. 

If you are just using the program without any external authentication enabled, take a closer look at your config file and especially the URL parameter.  99% of the time for me, when I get the behavior you are describing, that is where the error is.
Logged
AshwinRaghavan
Newbie
*

Karma: 0
Posts: 7


« Reply #6 on: February 12, 2019, 11:01:20 PM »

Hi @nwpro,

Many thanks for the suggestion. I agree, can't be #2 cos there is no error message.

Config file - I have genuinely ran out of ideas. I have gone by the documentation in theory, so I could be completely missing something. My entire config settings below. I can't see anything specifically that would break the application but I must admit the suggestions relating to "script.url" varies from a simple "http:" to using the full URL to the Web directory. Have tried every possible combination suggested in this forum and none of which is working  Cry

Without a hint of doubt I am missing something but it is clearly not visible for me or based on what I looked in the documentation  Embarrassed

One question that still baffles me is that why the user_session table is still empty when I can see the last login date and time updated against the user record.

Code:
error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
//ini_set('display_errors', 1);
//ini_set('display_startup_errors', 1);

/**
 * Application configuration
 */
$conf['settings']['app.title'] = 'Booked Scheduler'; // application title
$conf['settings']['default.timezone'] = 'Europe/London';      // look up here http://php.net/manual/en/timezones.php
$conf['settings']['allow.self.registration'] = 'true';          // if users can register themselves
$conf['settings']['admin.email'] = 'admin@domain_name';         // email address of admin user
$conf['settings']['admin.email.name'] = 'Master Administrator'; // name to be used in From: field when sending automatic emails
$conf['settings']['default.page.size'] = '50';                  // number of records per page
$conf['settings']['enable.email'] = 'true';                     // global configuration to enable if any emails will be sent
$conf['settings']['default.language'] = 'en_us';                // find your language in the lang directory
$conf['settings']['script.url'] = 'https://domain_name/booked/Web';    // public URL to the Web directory of this instance. this is the URL that appears when you are logging in. leave http: or https: off to auto-detect
$conf['settings']['image.upload.directory'] = 'Web/uploads/images'; // full or relative path to where images will be stored
$conf['settings']['image.upload.url'] = 'uploads/images';       // full or relative path to show uploaded images from
$conf['settings']['cache.templates'] = 'true';                  // true recommended, caching template files helps web pages render faster
$conf['settings']['use.local.jquery'] = 'false';                // false recommended, delivers jQuery from Google CDN, uses less bandwidth
$conf['settings']['registration.captcha.enabled'] = 'false';     // recommended. unless using recaptcha this requires php_gd2 enabled in php.ini
$conf['settings']['registration.require.email.activation'] = 'false'; // requires enable.email = true
$conf['settings']['registration.auto.subscribe.email'] = 'false'; // requires enable.email = true
$conf['settings']['registration.notify.admin'] = 'false'; // whether the registration of a new user sends an email to the admin (ala phpScheduleIt 1.2)
$conf['settings']['inactivity.timeout'] = '30';      // minutes before the user is automatically logged out
$conf['settings']['name.format'] = '{first} {last}';      // display format when showing user names
$conf['settings']['css.extension.file'] = '';       // full or relative url to an additional css file to include. this can be used to override the default style
$conf['settings']['disable.password.reset'] = 'false';       // if the password reset functionality should be disabled
$conf['settings']['home.url'] = 'https://domain_name/booked/Web/dashboard.php';       // the url to open when the logo is clicked
$conf['settings']['logout.url'] = 'https://domain_name/booked/Web';       // the url to be directed to after logging out
$conf['settings']['default.homepage'] = '1';       // the default homepage to use when new users register (1 = Dashboard, 2 = Schedule, 3 = My Calendar, 4 = Resource Calendar)

$conf['settings']['schedule']['use.per.user.colors'] = 'false'; // color reservations by user
$conf['settings']['schedule']['show.inaccessible.resources'] = 'true';  // whether or not resources that are inaccessible to the user are visible
$conf['settings']['schedule']['reservation.label'] = '{name}';    // format for what to display on the reservation slot label.  Available properties are: {name}, {title}, {description}, {email}, {phone}, {organization}, {position}, {startdate}, {enddate} {resourcename} {participants} {invitees} {reservationAttributes}. Custom attributes can be added using att with the attribute id. For example {att1}
$conf['settings']['schedule']['hide.blocked.periods'] = 'false';    // if blocked periods should be hidden or shown

/**
 * ical integration configuration
 */
$conf['settings']['ics']['require.login'] = 'true';             // recommended, if the user must be logged in to access ics files
$conf['settings']['ics']['subscription.key'] = '';              // must be set to allow webcal subscriptions
/**
 * Privacy configuration
 */
$conf['settings']['privacy']['view.schedules'] = 'true';        // if unauthenticated users can view schedules
$conf['settings']['privacy']['view.reservations'] = 'false';    // if unauthenticated users can view reservations
$conf['settings']['privacy']['hide.user.details'] = 'false';    // if personal user details should be displayed to non-administrators
$conf['settings']['privacy']['hide.reservation.details'] = 'false'; // if reservation details should be displayed to non-administrators. options are true, false, current, future, past
$conf['settings']['privacy']['allow.guest.reservations'] = 'false'; // if reservations can be made by users without a Booked account, if true this overrides schedule and resource visibility
/**
 * Reservation specific configuration
 */
$conf['settings']['reservation']['start.time.constraint'] = 'future'; // when reservations can be created or edited. options are future, current, none
$conf['settings']['reservation']['updates.require.approval'] = 'false'; // if updates to previously approved reservations require approval again
$conf['settings']['reservation']['prevent.participation'] = 'false'; // if participation and invitation options should be removed
$conf['settings']['reservation']['prevent.recurrence'] = 'false'; // if recurring reservations are disabled for non-administrators
$conf['settings']['reservation']['enable.reminders'] = 'false'; // if reminders are enabled. this requires email to be enabled and the reminder job to be configured
$conf['settings']['reservation']['allow.guest.participation'] = 'false';
$conf['settings']['reservation']['allow.wait.list'] = 'false';
$conf['settings']['reservation']['checkin.minutes.prior'] = '5';
$conf['settings']['reservation']['default.start.reminder'] = ''; // the default start reservation reminder. format is ## interval. for example, 10 minutes, 2 hours, 6 days.
$conf['settings']['reservation']['default.end.reminder'] = ''; // the default end reservation reminder. format is ## interval. for example, 10 minutes, 2 hours, 6 days.
/**
 * Email notification configuration
 */
$conf['settings']['reservation.notify']['resource.admin.add'] = 'false';
$conf['settings']['reservation.notify']['resource.admin.update'] = 'false';
$conf['settings']['reservation.notify']['resource.admin.delete'] = 'false';
$conf['settings']['reservation.notify']['resource.admin.approval'] = 'false';
$conf['settings']['reservation.notify']['application.admin.add'] = 'false';
$conf['settings']['reservation.notify']['application.admin.update'] = 'false';
$conf['settings']['reservation.notify']['application.admin.delete'] = 'false';
$conf['settings']['reservation.notify']['application.admin.approval'] = 'false';
$conf['settings']['reservation.notify']['group.admin.add'] = 'false';
$conf['settings']['reservation.notify']['group.admin.update'] = 'false';
$conf['settings']['reservation.notify']['group.admin.delete'] = 'false';
$conf['settings']['reservation.notify']['group.admin.approval'] = 'false';
/**
 * File upload configuration
 */
$conf['settings']['uploads']['enable.reservation.attachments'] = 'false'; // if reservation attachments can be uploaded
$conf['settings']['uploads']['reservation.attachment.path'] = 'uploads/reservation'; // full or relative (to the root of your installation) filesystem path to store reservation attachments
$conf['settings']['uploads']['reservation.attachment.extensions'] = 'txt,jpg,gif,png,doc,docx,pdf,xls,xlsx,ppt,pptx,csv'; // comma separated list of file extensions that users are allowed to attach. leave empty to allow all extensions
/**
 * Database configuration
 */
$conf['settings']['database']['type'] = 'mysql';
$conf['settings']['database']['user'] = 'xxxxxxxx';        // database user with permission to the booked database
$conf['settings']['database']['password'] = 'xxxxxxxx';
$conf['settings']['database']['hostspec'] = 'localhost';        // ip, dns or named pipe
$conf['settings']['database']['name'] = 'bookedscheduler';
/**
 * Mail server configuration
 */
$conf['settings']['phpmailer']['mailer'] = 'mail';              // options are 'mail', 'smtp' or 'sendmail'
$conf['settings']['phpmailer']['smtp.host'] = '';               // 'smtp.company.com'
$conf['settings']['phpmailer']['smtp.port'] = '25';
$conf['settings']['phpmailer']['smtp.secure'] = '';             // options are '', 'ssl' or 'tls'
$conf['settings']['phpmailer']['smtp.auth'] = 'true';           // options are 'true' or 'false'
$conf['settings']['phpmailer']['smtp.username'] = '';
$conf['settings']['phpmailer']['smtp.password'] = '';
$conf['settings']['phpmailer']['sendmail.path'] = '/usr/sbin/sendmail';
$conf['settings']['phpmailer']['smtp.debug'] = 'false';
/**
 * Plugin configuration.  For more on plugins, see readme_installation.html
 */
$conf['settings']['plugins']['Authentication'] = '';
$conf['settings']['plugins']['Authorization'] = '';
$conf['settings']['plugins']['Permission'] = '';
$conf['settings']['plugins']['PostRegistration'] = '';
$conf['settings']['plugins']['PreReservation'] = '';
$conf['settings']['plugins']['PostReservation'] = '';
/**
 * Installation settings
 */
$conf['settings']['install.password'] = 'xxxxxxxxxxxxxxxxxxxxxxx';
/**
 * Pages
 */
$conf['settings']['pages']['enable.configuration'] = 'true';
/**
 * API
 */
$conf['settings']['api']['enabled'] = 'false';
/**
 * ReCaptcha
 */
$conf['settings']['recaptcha']['enabled'] = 'false';
$conf['settings']['recaptcha']['public.key'] = '';
$conf['settings']['recaptcha']['private.key'] = '';
/**
 * Email
 */
$conf['settings']['email']['default.from.address'] = '';
$conf['settings']['email']['default.from.name'] = '';
/**
 * Reports
 */
$conf['settings']['reports']['allow.all.users'] = 'false';
/**
 * Account Password Rules
 */
$conf['settings']['password']['minimum.letters'] = '6';
$conf['settings']['password']['minimum.numbers'] = '0';
$conf['settings']['password']['upper.and.lower'] = 'false';
/**
 * Label display settings
 */
$conf['settings']['reservation.labels']['ics.summary'] = '{title}';
$conf['settings']['reservation.labels']['ics.my.summary'] = '{title}';
$conf['settings']['reservation.labels']['rss.description'] = '<div><span>Start</span> {startdate}</div><div><span>End</span> {enddate}</div><div><span>Organizer</span> {name}</div><div><span>Description</span> {description}</div>';
$conf['settings']['reservation.labels']['my.calendar'] = '{resourcename} {title}';
$conf['settings']['reservation.labels']['resource.calendar'] = '{name}';
$conf['settings']['reservation.labels']['reservation.popup'] = ''; // Format for what to display in reservation popups. Possible values: {name} {dates} {title} {resources} {participants} {accessories} {description} {attributes} {pending} {duration}. Custom attributes can be added using att with the attribute id. For example {att1}
/**
 * Security header settings
 */
$conf['settings']['security']['security.headers'] = 'false'; // Enable the following options
$conf['settings']['security']['security.strict-transport'] = 'true';
$conf['settings']['security']['security.x-frame'] = 'deny';
$conf['settings']['security']['security.x-xss'] = '1; mode=block';
$conf['settings']['security']['security.x-content-type'] = 'nosniff';
$conf['settings']['security']['security.content-security-policy'] = "default-src 'self'"; // Requires careful tuning (know what your doing)
/**
 * Google Analytics settings
 */
$conf['settings']['google.analytics']['tracking.id'] = ''; // if set, Google Analytics tracking code will be added to every page in Booked

$conf['settings']['authentication']['allow.facebook.login'] = 'false';
$conf['settings']['authentication']['allow.google.login'] = 'false';
$conf['settings']['authentication']['required.email.domains'] = '';
$conf['settings']['authentication']['hide.booked.login.prompt'] = 'false';
$conf['settings']['authentication']['captcha.on.login'] = 'false';
/**
 * Credits functionality
 */
$conf['settings']['credits']['enabled'] = 'false';
Logged
nwpro
Full Member
***

Karma: 0
Posts: 211


« Reply #7 on: February 13, 2019, 12:53:56 AM »

Change: $conf['settings']['security']['security.content-security-policy'] = "default-src 'self'"; // Requires careful tuning (know what your doing)

to:

$conf['settings']['security']['security.content-security-policy'] = '';

Other changes:
$conf['settings']['script.url'] = '//domain_name/booked/Web';
$conf['settings']['home.url'] = '';
$conf['settings']['logout.url'] = '';

Also, the issue might be in your .htaccess file.

Good luck
Logged
AshwinRaghavan
Newbie
*

Karma: 0
Posts: 7


« Reply #8 on: February 13, 2019, 09:38:37 AM »

Hi @nwpro,

Many thanks again for helping with the config.

I have changed the settings as advised but I still seeing a failed redirect

I have also checked my .htaccess file on the root directory of booked installation and I am not sure if I am misinterpreting these. I have kept the default rules that came with the installation.

Code:
RewriteEngine On
# Set RewriteBase if your physical path is different from the URL. For example, if using an alias

# Uncomment the following two lines to force HTTPS
#RewriteCond %{HTTPS} off
#RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteRule ^Web - [L,NC]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ Web/$1 [QSA,L]

#Header Set Access-Control-Allow-Origin "*"
#php_value max_input_vars 10000

In conclusion, I think it could just be my hosting environment not helping me for some reason. Could it be the apache .conf file which is interfering? Although I must say I had installed Mantis bug tracker on the same directory and it worked like a charm without changing anything on the apache conf.

Many thanks for your help. Let me know if you have any other suggestions.
Logged
AshwinRaghavan
Newbie
*

Karma: 0
Posts: 7


« Reply #9 on: February 13, 2019, 09:58:00 AM »

Hi @nwpro,

Think I just had a "Eureka" moment ! Do you know I was constantly asking this question from my very initial thread as to why the user_session table appears to be empty all this while.

So I tried to search the logs deeper under the root folder where I have placed "booked" installation and to my surprise I found that the booked URL kept returning access denied error to write session data files to a certain tmp directory under a different folder. Did some more search and it revealed that I need to cross check the session.save_path parameter to ensure it is pointing correctly.

I just tried to give 0777 permissions to the tmp directory booked is currently trying to write files and to my surprise, I MANAGED TO LOGIN !  Cool Grin (Can't express that feeling completely!)

So my question would be is it possible to add session.save_path parameter outside of the php.ini directory just for "booked" installation? As I don't want to tweak the default settings on it and plus give global access to a certain tmp directory with session files making it vulnerable.

Any ideas would be sincerely appreciated and many thanks for the guidance thus far.
Logged
mzapico
Newbie
*

Karma: 0
Posts: 1


« Reply #10 on: July 03, 2019, 07:33:10 PM »

The same problem. Could you solve it?

Thxs
Logged
ScoJo
Newbie
*

Karma: 0
Posts: 10


« Reply #11 on: July 03, 2019, 10:48:09 PM »

I had the same issue with one of my installations, though not sure if it's your particular issue.

In the Configuration page or config.php file, script.url needed "http://" prepended to the localized URL.

$conf['settings']['script.url'] = 'http://yourRoot/Web';

Otherwise, you get 'yourRoot/Web/dashboard.php', for example, looping back to the localized URL and requiring a log in again.
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.20 | SMF © 2006-2007, Simple Machines Valid XHTML 1.0! Valid CSS!