Login Redirects Back To Itself Magento 1.5

Magento 1.5.1.0 CE

In a multi-store environment, the user may experience issues trying to login to their account on Magento CE pre-1.7. Any of the following symptoms may be present:

  • Login page just redirects, no error or success message, user is not logged in.
  • Admin sessions are unaffected, and admin users can login normally.
  • Login may succeed if there is an admin session underway.
  • Login may succeed randomly, or if a specific path to the login page is followed.

If yours is instead a Magento version greater than 1.7 CE and you are getting one or more of these issues, check that the hidden form_key fields are present in your theme files. Onwards!

Update The Core Files

As most Magento developers know, you never, ever update the core files, but I’m going to make an exception for this issue! The only time one should ever modify the core files to Magento is if we don’t care what happens to our change upon an update of the Magento Core (version upgrades, for example).

Since this issue is specific to Magento 1.5.1.0, we can safely modify the core file(s) in this case. Around line 78 of the Session Varien Class, inside the start method, we have the following block of code;

File: app/code/core/Mage/Core/Model/Session/Abstract/Varien.php

1
2
3
4
5
6
7
$cookieParams = array(
    'lifetime' => $cookie->getLifetime(),
    'path'     => $cookie->getPath(),
    'domain'   => $cookie->getConfigDomain(),
    'secure'   => $cookie->isSecure(),
    'httponly' => $cookie->getHttponly()
);

We need to keep the array elements since they are referenced elsewhere, so instead we set them to empty. Change the code block as follows;

File: app/code/core/Mage/Core/Model/Session/Abstract/Varien.php

1
2
3
4
5
6
7
8
9
10
$cookieParams = array(
    'lifetime' => $cookie->getLifetime(),
    'path'     => $cookie->getPath(),
    'domain'   => '',
    'secure'   => '',
    'httponly' => ''
    //'domain'   => $cookie->getConfigDomain(),
    //'secure'   => $cookie->isSecure(),
    //'httponly' => $cookie->getHttponly()
);

Conclusion

Once you have saved the changes, you will need to flush the cache, or (better yet) the var folder in your Magento root directory. Also, if you are using an opcode caching system (Memcached, APC, etc), that should also be flushed.

Leave a Reply

Your email address will not be published. Required fields are marked *