HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


[Solved] Login-block issue

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#102071 (In Topic #20010)
Avatar

Well-settled

"Last active" not updating on login

Greetings,

For some reason, in my side_personal_stats block, the "Last Active" output displays the join-date of a user (including myself) and this never updates - it's behaved like that from Day One! Obviously the display wouldn't be there at all if I hadn't ticked the option for it in Configurations, so the problem can't be that. Please, can anybody tell me what I need to do to get the feature to update?

Thanks for reading!


Last edit: by RichT
Back to the top
 
Posted
Rating:
#102098
Avatar

What forum driver are you using? It depends on the forum maintaining it. If you're using OCF, it should be done within ocPortal.

If you're logging in via setting an IP address backdoor, the code tells me this bypasses the code that maintains that timestamp.

Other than that, I can't see a possible cause. It works on my machine.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102108
Avatar

Well-settled

Hi Chris, thanks for your reply.

I'm using OCF, and logins are straightforward username + password (unless there's some kind of hidden IP aliasing option configured that I'm unaware of - I don't see any obvious check-box in my Configs pages providing that option; I do have the "Enforce IP addresses for sessions" enabled as recommended - that couldn't be the cause, could it?)

Since IP address seems to be the critical factor, I'm wondering at this point whether my issue isn't in any way related to the fact that in my Private Topics notifications, IP addresses aren't displaying - I merely get "IP address:(3)" outputted invariably. Does that suggest anything to you, or is it a totally independent issue?

Would it be worthwhile for me to check the code maintaining the timestamp - and perhaps post a screenshot of it. I presume it's within a template, though I don't know which one.

Kind regards,

Richard
Back to the top
 
Posted
Rating:
#102109
Avatar

Well-settled

Oops - the emoticon displays instead of my intended colon (I used Quick Reply)!
Back to the top
 
Posted
Rating:
#102112
Avatar

Since IP address seems to be the critical factor

It's probably in no way related. I just mentioned it for completeness, in case you had manually turned on that particular feature in the base configuration.

in my Private Topics notifications, IP addresses aren't displaying

As far as I am aware, IP addresses would not be in any notifications related to private topics. I'm not sure what you're seeing, unless someone actually typed the phrase into an actual private topic with you. Or, perhaps you mean you set some notifications to go to private topics, and it's for something like a suspected-hack-attack notification – but it shouldn't ever have "3" as an IP address.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102113
Avatar

Ok more possibilities
  1. If you've done something weird with your flood control times, such as putting in really long flood control times (seems unlikely, as it would break everything)
  2. If you're running the XML database driver rather than something like MySQL (again, seems unlikely, given we say it's for development only, and isn't very stable – you'd have noticed other issues). We don't update minor tracking values for the XML database as it uglifies RCS commits, and the XML DB is intended only for use with an RCS.
  3. If your server clock is giving odd values, a time in the past (again, seems unlikely).

For reference, it is controlled by this code in sources/forum/ocf.php:

Code

function ocf_flood_control($id)
{
   global $NON_PAGE_SCRIPT;
   if ($NON_PAGE_SCRIPT==1) return;

   global $FLOOD_CONTROL_ONCE;
   if ($FLOOD_CONTROL_ONCE) return;
   $FLOOD_CONTROL_ONCE=true;

   if (get_page_name()=='join') return;
   if ((!running_script('index')) && (!running_script('iframe'))) return;
   if ($GLOBALS['IS_VIA_BACKDOOR']) return;

   ...

   $restrict=... 'flood_control_access_secs';
   $restrict_setting=... 'm_last_visit_time';
   $restrict_answer=ocf_get_best_group_property($this->get_members_groups($id),$restrict);
   ...
   $last=$this->get_member_row_field($id,$restrict_setting);
   ...
   $wait_time=$restrict_answer-time()+$last;

   ...

   $dif=time()-$this->get_member_row_field($id,'m_last_visit_time');

   ...

   if ((...) || (... ($dif>$wait_time)))
   {
      if ((...) || ($dif>180) || (...))
      {
         ...
         $change_map=array('m_last_visit_time'=>time());
         ...

         if (get_db_type()!='xml')
            $this->connection->query_update('f_members',$change_map+$extra,array('id'=>$id),'',1,NULL,false,true);
      }
   }
}
(I've gone over the logic a few times and can't see any issue, plus tried to reproduce the issue a few times)

If nothing I said instantly tells you the cause, I am willing to take a look on your server, as I haven't got anything else to go on. You'd need to open a bug report ticket.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102114
Avatar

Also I considered cases where Facebook login or OpenID login or LDAP login were used, and those should all work too, as every time a session is recalled, ocf_flood_control is hit. ocf_flood_control handles flood control as well as general visit time maintenance.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102122
Avatar

Well-settled

Many thanks for your latest 3 posts, Chris.

you said

 I just mentioned IP Adress for completeness, in case you had manually turned on that particular feature in the base configuration.

I can't seem to track down that option - please could you point me to its location?

you said

As far as I am aware, IP addresses would not be in any notifications related to private topics. I'm not sure what you're seeing, unless someone actually typed the phrase into an actual private topic with you. Or, perhaps you mean you set some notifications to go to private topics, and it's for something like a suspected-hack-attack notification – but it shouldn't ever have "3" as an IP address.

Yes, the Private Topics notifications in question are specifically with regard to hack-attacks monitoring (ie., reporting users accessing my Adminzone. There are currently two such users (both Super-moderators) with access permission, and for both, notifications display IP Address: 3 (in curly brackets). I don't know what the "3" represents - it's neither the Member ID nor their Usergroup ID (reflecting Usergroup ordering).

you said

If you've done something weird with your flood control times, such as putting in really long flood control times (seems unlikely, as it would break everything)

Global Privileges: all Usergroups have "Bypass Flood Control" disabled;
Usergroups: All individual Usergroup Flood Control settings (for access and submission time) are set to "0"

you said

If you're running the XML database driver rather than something like MySQL (again, seems unlikely, given we say it's for development only, and isn't very stable – you'd have noticed other issues).

I can't answer that one, as I don't know where to check on what's actually running. Are there settings options for this in Configurations somewhere?

you said

If your server clock is giving odd values, a time in the past 

Judging on the basis of dates of file-modifications recorded in my cPanel, no issue there.

you said

Also I considered cases where Facebook login or OpenID login or LDAP login were used, and those should all work too, as every time a session is recalled, ocf_flood_control is hit. ocf_flood_control handles flood control as well as general visit time maintenance.

I'm not using any of those methods.

Additionally, I've noticed that in members profiles, the "Details" box displays the same info as side_personal_stats as regards "most recently online" - ie, the member's join date. By contrast, their "Activity" box correctly displays their most recent submission-time, and also their IP Address.
 
I don't know if any of these replies offer you any clues - or should I consider proceeding with filing a bug report as you suggested?

Many thanks for your time and patience!

Richard
Back to the top
 
Posted
Rating:
#102125
Avatar

I can't seem to track down that option - please could you point me to its location?

Set via /config_editor.php, backdoor_ip option.

Yes, the Private Topics notifications in question are specifically with regard to hack-attacks monitoring (ie., reporting users accessing my Adminzone. There are currently two such users (both Super-moderators) with access permission, and for both, notifications display IP Address: 3 (in curly brackets). I don't know what the "3" represents - it's neither the Member ID nor their Usergroup ID (reflecting Usergroup ordering).

Really strange. I just tested a hack-attack and could not reproduce, or see how it could happen. I would have thought someone would have reported something like that. I wondered if somehow the server is misreporting the IP address to ocPortal, but I checked the code and it would just put the address as blank. I wonder if perhaps some kind of security filter is changing something somewhere in the output flow, but it's bizarre.

I can't answer that one, as I don't know where to check on what's actually running. Are there settings options for this in Configurations somewhere?

Honestly, you'd be wasting your time looking into each thing I said, I only wanted to mention in case it triggered any immediate memory of setting something. It'd take me 5 minutes to step through the code to see what is happening, but we could talk in circles for hours about what different code paths might potentially be running and probably still not solve this ;).


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102263
Avatar

Well-settled

Hi Chris,

Many thanks for your last post - I do hope you'll forgive my very long delay replying, but unexpected circumstances have prevented me from website work between then and now.

Re-reading your last paragraph, I really would be immensely grateful for your looking through my relevant code for these two weird behaviours  some time, if you're still willing to? If so, then naturally I could set  a cPanel password and create a site admin account for you, but I'd need your advice as to how to convey the details thereof to you - should I send them as a whispered post here, email them to you...? 

Best regards,

Richard
Back to the top
 
Posted
Rating:
#102267
Avatar

Please open a bug report ticket:

https://ocportal.com/site/tickets/ticket.htm?ticket_template=bug&cost=free

There's no need to re-describe the problem, as you have done so here. Just provide a link to this topic.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102280
Avatar

Last activity:
Was a bug in 9.0.9 I'd forgotten about. Patch applied.

Curly bracket thing:
Actual new bug. That notification (the Admin Zone front page accessed one) isn't on by default, I guess not many people noticed that before.

Btw, you may want to remove the negative top margin on the .global_side_panel selector in your theme's global.css. It's pushing your navigation slightly too high.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#102284
Avatar

Well-settled

Hi Chris

Boundless thanks for your time on my site and finally fixing the Last Active issue for me - it's hugely pleasing to see this working at long last. I also feel I owe you an apology - for not having thought to look on the issue-tracker list for v9.0.9 before opening my topic and trying the fix out for myself - there it is indeed, #1375!
I guess I'm still learning (from you especially :$) the preliminary steps I ought to be taking routinely in such circumstances!

And the IP address bug seems to have vanished too: I triggered an alert notification for myself just now, and as the screenshot here shows, the address is now displaying perfectly:

Since you said my issue was a genuine bug in its own right, I'm assuming you needed to take a second on-site visit to fix it - in which case, I have to double my thanks!

And still further thanks for your observation about the site zone side-panel - getting it to display uniformly on different pages (with variations in block-content) has required quite a lot of trial-and-error getting-to-grips with the box-nesting involved (global_side_panel, panel_left, box_inner etc.), and the negative margin value is something of a temporary measure.  But I reckon I'm pretty much on the verge of cracking the rationale and cleaning up my currently messy global.css (which I'm sure looks awful to you!)

If you're done with my site for now, please let me know and I'll reset your account passwords.

Best wishes and regards,

Richard
Back to the top
 
Posted
Rating:
#102285
Avatar

I also feel I owe you an apology

Don't worry about it. It's just as bad that I forgot about the bug ;).

I'm assuming you needed to take a second on-site visit to fix it

Did it all at once. Took me a about 3 minutes.

If you're done with my site for now, please let me know and I'll reset your account passwords.

Yes, no further access is required.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: