Admin users can see Resource Browser files but web users cannot

Hello,

I’m running MODx using the parameters listed below, and I’m having a problem after fixing a different problem. Web users can no longer see the MCPuck Resource Browser or upload files etc. unless they are also logged into the MODx manager at the same time.

This only became a problem after I changed the session.save_path in php.ini to a local folder, as I’m on a shared server and the web users were getting logged out too quickly. It looks like I’ve fixed that problem, but now I have this new one.

Has anyone else experiecned this?

Web Server:
* PHP version 5.2.13
* Apache version 2.2.15
* Operating System Linux (no idea of the version)

Database:
* MySQL version 5.1.46-log
* no tables over a meg

MODx:
* Version 1.0.3
* Plugins: PHx

Browser/Client:
* Firefox 3.6.3 and Safari 4.0.5
* Mac OS X

check your configuration under the Interface and Features tab; down a ways is a setting for "Enable File Browser" and under that "Web users?".

Yes, that is switched on. As I said, this only started to be a problem when I switched the session.save_path directory from the universal one for everyone else on my shared server to a local directory. It is definitely related to that.

I’ve searched the forums extensively and tried out many of the ideas but no luck so far.

Hmmm. Are you sure the web users in question are logged in properly? Maybe their browsers need some cookie clearing.

With my own testing, I’ve tried deleting all my cookies and restarting my browser and there’s no difference.

If I log back into the manager after logging on as a web user, I can once more see the files and folders. As soon as I log out from the MODx manager and go to that same Resource Browser window, they’re all gone. I can replicate it over and over again.

I’m wondering if MCPuk is looking for the sessions in the wrong place and using the manager login as an alternative now that the user session directory has moved...?

It does start its own session using the startCMSSession() function in the manager/includes/config.inc.php file. Where are you defining the session_save_path()?

(never mind; I see it’s in the php.ini which should have you convered)

Aha! I thought so... checking with my Sessions demo article, I see that when you log out of a Manager session the entire SESSION is cleared; you are no longer logged in as either a manager or a web user.

However, logging out of the web user session leaves a Manager login session alive (using WebLoginPE).

Okay, but the two users affected have never before logged in as managers and they alerted me to the problem.

Also, if I logout as a manager, the website obviously askes me to login again before I can access anything, which should surely reinstate the web user cookie.

Well, that’s how troubleshooting goes...one step at a time