LWT authentication via Wordpress failing

[Redmattski]

Describe the bug
Multi user setup via wordpress authentication fails with the following message:
'PHP message: PHP Fatal error: Cannot redeclare get_version() (previously declared in /usr/share/webapps/wordpress/lwt/inc/kernel_utility.php:28) in /usr/share/webapps/wordpress/lwt/inc/kernel_utility.php on line 28'

To Reproduce
Steps to reproduce the behavior:

1. Setup Wordpress under wordpress.example.com
2. Install LWT as a subfolder under Wordpress
3. Fill in "connect_wordpress.inc.php" and rename to "connect.inc.php"
4. Restart Webserver and when accessing wordpress.example.com/lwt a blank page is shown

Expected behavior
The wordpress login screen should display and after one has logged in the LWT site should be visible.

Screenshots
N/A

Desktop (please complete the following information):

• OS: Arch Linux
• Browser Chromium
• Version 104.0.5112.101

Additional context
This originally worked before LWT was abandoned

[HugoFara]

Hello!

I investigated your issue and I think I pinpointed the cause. Can you try changing require 'kernel_utility.php'; by require_once 'kernel_utility.php'; at line 10 of inc/start_session.php (file start_session.php in folder inc)? It may try to redeclare functions, that should be the solution.

Please tell me if it worked, so that I can close the issue!

[Redmattski]

Hi

Thanks for investigating. I am still experiencing an underlying issue.
The webpage posts the error:
This page isn’t working wordpress.example.com redirected you too many times.

The error log reports:
[Tue Sep 06 19:03:45.690507 2022] [proxy_fcgi:error] [pid 27240:tid 140181711517376] [client 127.0.0.1:55836] AH01071: Got error 'PHP message: PHP Warning: Undefined global variable $$dsplerrors in /usr/share/webapps/wordpress/lwt/inc/start_session.php on line 51'

[HugoFara]

Hi!

Replacing $GLOBALS['$dsplerrors'] by $GLOBALS['dsplerrors'] (remove the $ in inc/start_session.php) should solve your issue. I don't know when these errors appeared, since I'm not using WordPress, and I avoid modifying the code related to it.

I will try to publish a bug fix release by the end of the week, since I also fixed problems with LOAD DATA and such.

[Redmattski]

Hi Hugo

The error log is now clear with the changes you identified. One issue is still persisting with too many redirects (ERR_TOO_MANY_REDIRECTS) apparently under wp_lwt_start.php

From the access log

127.0.0.1 - - [07/Sep/2022:08:11:48 +0200] "GET /lwt/wp_lwt_start.php?rd=wp_lwt_start.php%3Frd%3Dwp_lwt_start.php%253Frd%253Dwp_lwt_start.php%25253Frd%25253Dwp_lwt_start.php%2525253Frd%2525253Dwp_lwt_start.php%252525253Frd%252525253Dwp_lwt_start.php%25252525253Frd%25252525253Dwp_lwt_start.php%2525252525253Frd%2525252525253Dwp_lwt_start.php%252525252525253Frd%252525252525253Dwp_lwt_start.php%25252525252525253Frd%25252525252525253Dwp_lwt_start.php%2525252525252525253Frd%2525252525252525253Dwp_lwt_start.php%252525252525252525253Frd%252525252525252525253Dwp_lwt_start.php%25252525252525252525253Frd%25252525252525252525253Dwp_lwt_start.php%2525252525252525252525253Frd%2525252525252525252525253Dwp_lwt_start.php%252525252525252525252525253Frd%252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525253Frd%25252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525253Frd%2525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525253Frd%252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525253Frd%25252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525253Frd%2525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525253Frd%252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%25252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Dwp_lwt_start.php%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253Frd%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253D HTTP/2.0" 302 1

Thanks for your help

[HugoFara]

I may have found the solution, try replacing header("Location: ./wp_lwt_start.php?rd=". urlencode($url)); by header("Location: ../wp_lwt_start.php?rd=". urlencode($url)); (replacing . by ..) at line 22 of inc/wp_logincheck.php. Instead of loading a new page, it may try to load it as a redirection of the same page, causing crashing loops.

I hope it'll be the end of our troubles!

[Redmattski]

Thanks for the help so far. Sorry to say it seems to have uncovered another issue.

Now I get a message "file not found" and the address shows 'https://wordpress.example.com/wp_lwt_start.php?rd='

Error log message:
[proxy_fcgi:error] [pid 30505:tid 139726082250432] [client 127.0.0.1:44702] AH01071: Got error 'Primary script unknown'

Access log:
127.0.0.1 - - [07/Sep/2022:22:41:37 +0200] "GET /lwt/ HTTP/2.0" 302 1
127.0.0.1 - - [07/Sep/2022:22:41:37 +0200] "GET /wp_lwt_start.php?rd= HTTP/2.0" 404 16

[Redmattski]

Hi

I updated line 22 of 'inc/wp_logincheck.php' from 'header("Location: ./wp_lwt_start.php?rd=". urlencode($url));' to 'header("Location: ../wp-login.php?redirect_to=./lwt/wp_lwt_start.php");'

This has taken me to the Wordpress login page. Unfortunately, when I log in, it reloads the same page and does not proceed further.

[HugoFara]

Hi!

Since the WordPress installation seems to be very outdated, I proceeded by getting my own WordPress version of LWT. I was able to reproduce your issue, so I hope to fix it this week!

[Redmattski]

Thanks - that is much appreciated.

[HugoFara]

Hi,

I could solve your issue, basically there was a circular reference: wp_start_session.php was including inc/session_utility.php, itself including inc/wp_logincheck.php. However, inc/wp_logincheck.php was needing wp_start_session.php to initiate the WordPress variables, so it was launching it, and so on...

Now, wp_start_session.php only calls for inc/kernel_utility.php which avoids these troubles.

Thank you for your patience, I hope you will have a useful time with LWT!

[Redmattski]

Thank you so much - I can confirm this is now working as expected