Search code examples
phpcakephpcakephp-1.3

CakePHP giving error 302 (due to sessions?) after migrating a website


I have to migrate CakePHP 1.3.0 website which uses PHP 5.6 version, in this case from CPanel to Plesk, I tried using Plesk Migrator extension, for those who don't know it, it connects to source server and brings everything automatically, but for this website gave me issues. I tried migrating the website manually but I got issues too.

When previewing the website I only get "ERR_TOO_MANY_REDIRECTS" or 302 codes. Researching I found out that this problem could be related to sessions, but I'm not 100% sure that's the problem.

This is the current core.php file (I have to censor sensitive info):

<?php
    if( isset($_SERVER['REMOTE_ADDR'] ) && ($_SERVER['REMOTE_ADDR'] == 'XX.XXX.XXX.XX' || $_SERVER['REMOTE_ADDR'] == 
'XX.XX.XXX.XXX'))
  {
    Configure::write('debug', 1);
  }

  else
          Configure::write('debug', 1);


    Configure::write('App.encoding', 'UTF-8');

    Configure::write('Routing.prefixes', array('admin'));

    define('LOG_ERROR', 2);

    Configure::write('Session.save', 'php');

    Configure::write('Session.cookie', 'CAKEPHP');

    Configure::write('Session.timeout', '120');

    Configure::write('Session.start', true);

    Configure::write('Session.checkAgent', false);

    Configure::write('Security.level', 'low');

    Configure::write('Security.salt', 'f7e2b4XXXXXXXXXXXXXXXXXXXXXXXXXXeed5a');

    Configure::write('Acl.classname', 'DbAcl');
    Configure::write('Acl.database', 'default');

    Cache::config('default', array('engine' => 'File', 'path'=> CACHE, 'duration' => '1 day'));

    Configure::write('Cache.disable', true);
    Configure::write('Cache.check', true);
    
  Configure::write ('site_env', 'production');

if( isset($_SERVER['REMOTE_ADDR'] ) && ($_SERVER['REMOTE_ADDR'] == 'XX.XX.XXX.XXX'))
   Configure::write ('site_env', 'development');
  
  Configure::write( 'App.theme', 'forma');
  
  Configure::write( 'App.mail_form', '[email protected]');

  Configure::write ('Google.map_key', 'ABQIAAAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2n7Q');

?>

Looks like this website was using PHP to persist sessions. According to official documentation it saves session files as indicated by php.ini. php.ini default location is session.save_path = "/var/lib/php/session" , which exists and it has permissions, since other domains are using the same one too. For some reason I don't understand it's not working.

The DocumentRoot and the database connection are established, I'm sure because if I remove any of both the website returns different errors.

What can I do to make it work (in case of sessions are the source of the problem)? I don't mind moving to cake or database sessions if these are easier to configure. In any case I wasn't able to configure them because I didn't find many helpful guides.

EDIT1: I changed session.save_path value to the following one: /var/www/vhosts/domain.com/httpdocs/tmp/sessions

[root@server02 ~]# ls -lah /var/www/vhosts/domain.com/httpdocs/tmp/
total 16K
drwxr-xr-x  7 formamus psacln    73 abr  6  2020 .
drwxr-x--- 18 formamus psaserv 4,0K ago 13 11:32 ..
drwxrwxrwx  5 formamus psacln    51 abr  6  2020 cache
drwxrwxrwx  2 formamus psacln    26 abr  6  2020 files
drwxrwxrwx  2 formamus psacln     6 abr  6  2020 logs
drwxrwxrwx  2 formamus psacln  8,0K ago 14 10:59 sessions
drwxrwxrwx  2 formamus psacln     6 abr  6  2020 tests

Now session files are being created and saved in the specified path, but the website still gives error 302 (I already tried with different browsers and deleting cache), so I don't know which is the problem.

EDIT2: My post may look similar to Debugging a Browser Redirect Loop , but I've tried to apply the answers written in that post without success. There is big difference between both posts, my website returns 302 the moment I access it (it shouldn't, the production one works), the website of the other guys post gets the 302 code when accessing the login.

I actually wasn't even able to add the debugging code to AppController::beforeFilter(), there is no such thing in the whole website, I made sure with the following command.

[root@server02 ~]# grep -rli "AppController::beforeFilter" /var/www/vhosts/domain.com/
[root@server02 ~]#

It has to be a different version compared to the similar post, that makes my post different enough. I don't really know what to try now, I'm not familiar with CakePHP, only know the basics to defend myself and this is out of my knowledge.

EDIT3: Researching I found out that if I load http://example.com/users/index it loads, without CSS, HTML only, a part of the website and some errors.

These are the errors displaying:

Strict Standards: Non-static method Configure::read() should not be called statically in /var/www/vhosts/example.com/cakephp/1.3.0/cake/basics.php on line 210

Strict Standards: Non-static method Configure::getInstance() should not be called statically in /var/www/vhosts/example.com/cakephp/1.3.0/cake/libs/configure.php on line 154

Notice (8): Undefined index: Metas [APP/views/helpers/shtml.php, line 785]
Code | Context

ShtmlHelper::metas() - APP/views/helpers/shtml.php, line 785
include - APP/plugins/forma/views/themed/forma/layouts/default.ctp, line 8
View::_render() - CORE/cake/libs/view/view.php, line 723
View::renderLayout() - CORE/cake/libs/view/view.php, line 482
View::render() - CORE/cake/libs/view/view.php, line 428
Controller::render() - CORE/cake/libs/controller/controller.php, line 909
ErrorHandler::_outputMessage() - CORE/cake/libs/error.php, line 457
ErrorHandler::missingAction() - CORE/cake/libs/error.php, line 224
AppError::missingAction() - APP/app_error.php, line 94
Object::dispatchMethod() - CORE/cake/libs/object.php, line 112
AppError::__construct() - APP/app_error.php, line 51
Object::cakeError() - CORE/cake/libs/object.php, line 199
Dispatcher::_invoke() - CORE/cake/dispatcher.php, line 202
Dispatcher::dispatch() - CORE/cake/dispatcher.php, line 171
[main] - APP/webroot/index.php, line 91

Notice (8): Undefined property: othAuthHelper::$hashkey [APP/views/helpers/oth_auth.php, line 39]
Code

othAuthHelper::sessionValid() - APP/views/helpers/oth_auth.php, line 39
othAuthHelper::user() - APP/views/helpers/oth_auth.php, line 45
HpluginsHelper::adminLinks() - APP/views/helpers/hplugins.php, line 621
include - APP/plugins/forma/views/themed/forma/layouts/default.ctp, line 59
View::_render() - CORE/cake/libs/view/view.php, line 723
View::renderLayout() - CORE/cake/libs/view/view.php, line 482
View::render() - CORE/cake/libs/view/view.php, line 428
Controller::render() - CORE/cake/libs/controller/controller.php, line 909
ErrorHandler::_outputMessage() - CORE/cake/libs/error.php, line 457
ErrorHandler::missingAction() - CORE/cake/libs/error.php, line 224
AppError::missingAction() - APP/app_error.php, line 94
Object::dispatchMethod() - CORE/cake/libs/object.php, line 112
AppError::__construct() - APP/app_error.php, line 51
Object::cakeError() - CORE/cake/libs/object.php, line 199
Dispatcher::_invoke() - CORE/cake/dispatcher.php, line 202
Dispatcher::dispatch() - CORE/cake/dispatcher.php, line 171
[main] - APP/webroot/index.php, line 91


Missing Method in UsersController

Error: The action index is not defined in controller UsersController

Error: Create UsersController::index() in file: httpdocs/controllers/users_controller.php.

<?php
class UsersController extends AppController {

    var $name = 'Users';


    function index() {

    }

}
?>

Notice: If you want to customize this error message, create httpdocs/views/errors/missing_action.ctp.

Solution

  • I finally solved the issue. The 302 redirection loop was caused by HTTPS not because of PHP sessions. The answer wasn't just using HTTP instead in the URL, in order to make it work I had to disable the permanent redirect from HTTP to HTTPS in my hosting panel (Plesk in my case), which obviously is enabled by default, as explained here. Note that the way to disable it may vary deppending on the hosting panel.