New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Duplicate login forms on the authentication page #8337
Comments
Hi @Amenel Thanks for the report. Can you somehow reproduce this bug on demo.piwik.org? do you have this issue in 2.14.0 as well? |
I don't see a version number on the Dashboard, unless it's somewhere I don't know of. |
Do you have any additional plugins installed? |
No. Aside from having activated or deactivated plugins that are in the default package, I haven't added any "additional" plugins. My website is khalemy.com and piwik is in the "analytics" subdomain. The following URL shows one login form: https://analytics.khalemy.com/index.php?module=CoreHome&action=&period=range&date=last30 This one shows two login forms: https://analytics.khalemy.com/index.php?module=CoreHome&action=index&idSite=1&period=range&date=last30&activated= The differences lie in the params action, idSite and activated. The subdomain is accessible via HTTPS and plain HTTP but I don't think this matters. Tested two minutes ago with the latest Chromium (46.0.2460.0). Thanks. |
Thanks for the links. The whole HTML page appears twice in the page, see the source: view-source:https://analytics.khalemy.com/index.php?module=CoreHome&action=index&idSite=1&period=day&date=yesterday Could it be something like a nginx config issue for example? |
Or actually do you have plugins like LoginLdap or LoginHttpAuth installed and enabled? It seems all the "login" kind of plugins listen to the |
Yes, LoginLdap is installed and activated. We use LDAP as a central authentication DB. I'll see whether the default Piwik login is activated and if so, find out how to deactivate it. We might be on to something here. EDIT: I confirm that disabling the Login plugin solves this duplication of the login form. Maybe the information could find its way in a FAQ? Thanks all for the time spent on this. |
It seems LoginLdap is supposed to deactivate the Login plugin when it is enabled: https://github.com/piwik/plugin-LoginLdap/blob/master/LoginLdap.php#L86-L88 Maybe that didn't work for some reason, or the Login plugin got re-enabled somehow. |
If you still experience this issue please re-open / leave a comment. We couldn't reproduce with LoginLdap |
I've seen on my Dashboard that a user had visited the page with the following URL fragment on my Piwik subdomain.
URL: /index.php?module=CoreHome&action=index&idSite=1&period=range&date=last30&activated=
I have entered that URL (as a suffix to my analytics subdomain) in a browser and what I faced was a duplicate login form, with the same form (that has fields User name, User password, Remember me, etc.) presented to me twice.
Screenshot (page zoomed out at 67%) below. I guess this was not intended.
The text was updated successfully, but these errors were encountered: