SarahB12 Posted November 10, 2016 Share Posted November 10, 2016 Hey guys! I'm having an issue with (I believe) WordPress sessions. I have a front-end user upload option that uses the WordPress media upload, which works flawlessly without https. When I switch the site over to https and try to upload media, the async-upload.php file is called (when uploading) and I am immediately logged out of the site, before the upload completes. Here is what I have in my wp-config file: define('WP_HOME','https://www.domain.com'); define('WP_SITEURL','https://www.domain.com'); define('FORCE_SSL_LOGIN', true); define('FORCE_SSL_ADMIN', true); Again, if I use http the upload works flawlessly, but as soon as I switch to https I'm logged out as soon as I initiate the upload. Any help would be appreciated! Thanks! ~Sarah Quote Link to comment Share on other sites More sharing options...
requinix Posted November 10, 2016 Share Posted November 10, 2016 Is the upload page on an HTTPS URL? Is the action of the upload form using an HTTPS URL? Quote Link to comment Share on other sites More sharing options...
SarahB12 Posted November 10, 2016 Author Share Posted November 10, 2016 Is the upload page on an HTTPS URL? Is the action of the upload form using an HTTPS URL? Hi requinix - Yes and yes. Quote Link to comment Share on other sites More sharing options...
requinix Posted November 10, 2016 Share Posted November 10, 2016 Use your browser's "developer tools" or whatever to look at the HTTP request made when uploading the file. Does the browser include a Cookie header with the request that matches the session cookie? Quote Link to comment Share on other sites More sharing options...
SarahB12 Posted November 10, 2016 Author Share Posted November 10, 2016 Use your browser's "developer tools" or whatever to look at the HTTP request made when uploading the file. Does the browser include a Cookie header with the request that matches the session cookie? Yes, cookies are set until I begin to upload media and the async-upload.php file is called. As soon as the async-upload.php is called the cookies expire and I'm sent to the admin login screen. Quote Link to comment Share on other sites More sharing options...
requinix Posted November 10, 2016 Share Posted November 10, 2016 Does the browser show any requests to any pages that aren't HTTPS? Do you have any custom code in place for the upload form, the upload process, or logging in? Quote Link to comment Share on other sites More sharing options...
SarahB12 Posted November 10, 2016 Author Share Posted November 10, 2016 Does the browser show any requests to any pages that aren't HTTPS? Do you have any custom code in place for the upload form, the upload process, or logging in? I ran across this post: https://wordpress.org/support/topic/error-from-async-uploadphp-redirect-302-with-ssl-enabled/ This seems to be the exact same issue, but there isn't a solution posted. Quote Link to comment Share on other sites More sharing options...
Solution SarahB12 Posted November 10, 2016 Author Solution Share Posted November 10, 2016 Resolved the issue. Had to do with the wp_signon function: https://codex.wordpress.org/Function_Reference/wp_signon Had to change: //wp_signon( $login_data, false ); wp_signon( $login_data, true ); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.