S2 Login widget redirects to wp-login.php??

Hi! First, I’m fairly new to using WP and S2Member. I am using the S2Member pro version, giving our site access to your LogIn widget. However, upon logging in through the widget, as an administer/free subscriber (note: it is free to sign-up, but users must still be approved through our ‘Approve Users’ plugin), I am redirected first to http://aspel.org/wp-login.php where it says no data has been received. The user is then forced to hit refresh to bring up the wordpress backend log in. Is there a way to stop this from happening, so that by just entering your username & PW once, you stay on the main site and never see the WP backend?

Any and all advice is much appreciated! Thanks

• This topic was modified 3 years, 5 months ago by  Eduan. Reason: Moved to the customers forum

I am redirected first to http://aspel.org/wp-login.php where it says no data has been received. The user is then forced to hit refresh to bring up the wordpress backend log in.

OK that is strange. This is not meant to happen with the login widget. With the login widget they just login and that’s it.

Could you please try these common trouble shooting tips so that we make sure it’s not some conflict somewhere:
Knowledge Base » Common Troubleshooting Tips

Also, Bruce (support rep) has made a user approval plugin:
http://wordpress.org/plugins/member-approval/

In case you’re interested. :)

– Eduan

Hi Eduan,

Thank you for your reply. I tried deactivating all plugins and it still had me go through the same backend process as before. We are using a Headway theme, I’ll attach the info below, but I don’t think that should have an affect. My next step then would be to download the server scanner and see if that can pinpoint the issue?? Also, Bruce (sales rep) responded to my same post in the customers forum and said
“Any login form on your site should and probably does send the User to wp-login.php, which the values that they input in your form sent as POST vars to this page.”
and then suggested I use an AJAX login (which is working fine for now). However, it is more clutter in our plugins directory, so it would be preferred to use the S2member if possible. We are using a gravity form for user registration, which works fine. I’m not sure if that is what Bruce was referring too… Anyways, here is the theme info.

Thanks again for your response.

### Begin System Info ###

Child Theme: N/A

Multi-site: Yes

SITE_URL: http://aspel.org
HOME_URL: http://aspel.org

Headway Version: 3.5.5
WordPress Version: 3.5.2

PHP Version: 5.3.2-1ubuntu4.18
MySQL Version: 5.5.27-28.1-log
Web Server Info: Apache
GD Support: Yes

PHP Memory Limit: 256M
PHP Post Max Size: 100M

WP_DEBUG: Disabled
Debug Mode: Disabled

Show On Front: posts
Page On Front: 0
Page For Posts: 0

Amount of Posts: ~16
Amount of Pages: ~38
Amount of Blocks: ~141

Responsive Grid: Enabled

Caching Allowed: Yes
Caching Enabled: Yes
Caching Plugin: No caching plugin active

SEO Plugin: No SEO plugin active

Operating System: Windows
Browser: Google Chrome
Browser Version: 28.0.1500.72

Full User Agent:
Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36

WEB FONTS IN USE:
None

ACTIVE PLUGINS:
Akismet 2.5.8
http://akismet.com/?return=true

Gravity Forms User Registration Add-On 1.5.beta1
http://www.gravityforms.com

MaxButtons Pro 2.0.0
http://maxbuttons.com

New User Approve 1.4.2
http://www.picklewagon.com/wordpress/new-user-approve/

s2Member® Framework 130617
http://www.s2member.com/framework/

Shortcode Buddy 0.1.9.1
http://www.nueue.net/

Ultimate TinyMCE 4.7
http://www.plugins.joshlobe.com/

WordPress Shortcodes 1.5.5
http://synved.com/wordpress-shortcodes/

### End System Info ###

Cheers

Jan, could you please post your answer for Bruce in the other topic where he asked you for that info? Otherwise he’s never gonna get it.

Also is it OK with you if I move this to the customer support forums?

– Eduan

Yes, no problem Eduan, go ahead and change it over. I did not respond to Bruce as he had said that S2member login should send you to the wordpress back end to re-sign in. Or that is how I understood his answer at least. So I was and still am a bit confused on whether it is possible to use the s2member pro login widget without having to login twice?

Cheers

Thanks for the heads up on this thread :-)

I’m not seeing any plugins in the list above that would indicate a problem or conflict. I also took a look at your site and it appears to me (at least on the surface and in my login tests) that your installation of WordPress® is accepting logins via /wp-login.php OK now.

Is this still an issue for you? If so, please enable the Pro Login Widget again and send us a Dashboard login privately. We’ll take a quick look for you. Please use: s2Member® » Private Contact Form

~ Unable to reproduce this in our lab.

~ AUTO-GENERATED NOTICE

Action taken: I posted a private contact form and referenced this Topic.

Hi Mike,

Thank you for your feedback. I have sent you a private contact form as requested. I have re-enabled the S2member Pro Login and set you up with some admin details to login. This way, you can experience the issue we are having, which is, when you login, you have to do it twice, once on our homepage, and then you are redirected to the wp-login.php backend to do it a second time. I do not see the reason in this. For the time being, we have been using an Ajax Login plugin which does not have this problem for us. I hope this helps you out, and in turn helps us out.

Cheers,

Jon

Thanks for the follow-up.

Our techs looked at your installation and while they WERE able to reproduce this on your site, there’s been no indication that’s it’s actually a bug in the s2Member® software application. The working theory is that it’s a plugin conflict, or a server compatibility issue.

What we’ll need to do next is see this on a clean/test installation of WordPress® (on the same server); with only the s2Member® plugin active and running a default WP theme. If you/we can reproduce it there, it should give us everything we need to find the underlying cause.

It may also be worth your time to write your hosting company about this. It’s possible there is some security mechanism on the site that none of us are aware of, and they could help shed light on why this problem is occurring for you. It’s definitely not a widespread issue, it is likely server-specific, or installation-specific.

The clean/test installation may help reveal a potential conflict between two or more plugins that you’re currently running on the live site. This is often the case when mysterious issues like this arise.

Ok, thanks for the feedback Mike. I have asked WPEngine (our hosting site) about the issue and am waiting for a response. I did previously try to deactivate all plugins, and when all were deactivated (but S2member) the problem still occurred. This however was done on the live site.

So, will you guys be able to do the test? or is there something else we should do on our end until we here from our hosting site??

Thanks again.

Jon

The same thing is happening to my site and I am also using WP Engine. Did you ever get it fixed?

Hello,

First, Logan: no, not exactly. We contacted WP Engine who made a temporary change which is allowing it to work in the interim, but is without some security features.. Not quite sure what they are asking us to do.

Second, Mike: I have contacted our hosting company, WP Engine, and this was their response:

The problem on our platform comes from when the form is hard coded directly to “wp-login.php”. Here’s some example code from a similar issue:

<form action="/wp-login.php?redirect_to=” method=”post”>

To compare, here’s what WordPress uses in the “wp-login.php” file:

<form name="loginform" id="loginform" action="” method=”post”>

The most important part of the code from “wp-login.php” file is this portion:

site_url( ‘wp-login.php’, ‘login_post’ )

Our security measures rely on modifying the “site_url()” function when the second part of that function is “login_post”. If you’re not using the “site_url()” function, or if you’re are using the “site_url()” function but not “login_post”, then the custom login form is going to run into our security block.

Our engineers have recommended to modify the code to generate the login URL the same way that WordPress does because our system reads the direct call to wp-login.php.

So, in the interim, WPEngine has made it possible to make the requested updates to the login, however we are not quite sure what/where/how those should be done…?? maybe you could shed some light on that for us as WPEngine was a bit vague with it, considering we are very new to WP programming.

Thanks again for your help Mike, hope to hear from you soon.

Regards,
Jon

Logan, as this issue has been going on for about a month now, we did use an Ajax Login

(http://wordpress.org/plugins/login-with-ajax/)

which worked just fine, just without some of the features found with S2member, like redirecting to different pages after so many logins. We have now changed back for a short-time to the S2Member Login hoping to get it fixed.. If we cannot, we will go back to the Ajax Login. I hope this helps you out a bit.

Cheers,
Jon