Spontaneous logouts

[hayden]

Muhammad,

Thanks, I'll try that next time I get logged out. I'm doing controlled experiments now while doumenting each change I make and weather I still get logouts. I just finished killing off my virus scanner (Trend Micro) and purging all cookies under all profiles on my machine. I also have enabled all cookies from all sites (turned off all of IEs protection features). We'll see how that goes.

By the way, I don't think I got an answer on whether you would expect a cookie with a tbnpassword key but no tbnuserid key? That's what I've seen on my machine. If TBN creates such a cookie, then I won't chase that. Otherwise I think it might be useful to figure out if something on my machine has hooked cookie creation and is editing them on the fly, or if somehow TBN is unintentionally creating them.

Thanks,

Peter

 

[hayden]

That didn't take long - just got logged out again.

I'll try your script.

 

[texasjohn]

Fiero, your experience of typing a reply and discovering that you are logged out is what I often experience...


Actually, if you use your browser BACK button you can get back to what you had written.... then, copy that, log back in, find the thread you were responding to, do a reply and PASTE into the reply area.

I've been doing this for more than a year because of these logouts... it is standard procedure for me... painful, but it works.

 

[hayden]

Try this:

1. Go to http://www.tractorbynet.com/photos/cookies.php

2. Click on "Delete these cookies" button.

3. Log in to the forums again.

Let me know if that helps.

I got logged out again after doing this. As before, my cookie had a tbnpassword but no tbnuserid just prior to the logout.

I think there is a fundamental question here whether these half-baked cookies (sorry, I couldn't resist) that I'm seeing are expected under some condition, or not. If they are not expected, then there is corruption of cookies happending. I have yet to see a case where my cookies are missing prior to getting logged out - they are always there but corrupted.

 

[MikePA]

I got logged out again after doing this. As before, my cookie had a tbnpassword but no tbnuserid just prior to the logout.

I think there is a fundamental question here whether these half-baked cookies (sorry, I couldn't resist) that I'm seeing are expected under some condition, or not. If they are not expected, then there is corruption of cookies happending. I have yet to see a case where my cookies are missing prior to getting logged out - they are always there but corrupted.

What makes you think the cookies are corrupted?

 

[texasjohn]

Hayden, any chance you could PM MikePA and send him a COPY/PASTE of the cookies you are seeing..... so he can see the same thing you are ..... words are inadequate to describe the cookie contents, etc...he needs to see the actual thing.

 

[hayden]

Take a look at post #50. http://www.tractorbynet.com/forums/news-feedback/120080-spontaneous-logouts-5.html#post1445356 I attached an example of the half-baked cookie.

I can post another if you like. I'm just looking at them with notepad. The key names are in clear text, followed by a value (sometimes encrypted). The other junk I expect is an encoding of the expiration time for the key.

If you look at the cookie between pages, you will eventually see one that has the "tbnpassword" field, but no "tbnuserid" fiield. A good cookie has both. Once you have a half-baked cookie, you are doomed. I haven't figured out exactly which page transitions recheck login info, but once you hit one you will be logged out.

 

[hayden]

You can also use Muhammad's cookie viewer page or Karen's Cookie viewer to see the cookie contents in a prettier format. Both of these tools are referenced in earlier posts. They both confirm what I'm seeing in Notepad.

I'll note again that I don't know for sure that these are corrupted versus intended TBN cookie content - that's the outstanding question to the forum gurus. What I do know is that once one of these cookies ends up on your system, you are toast.

If the half-bakes cookies are NOT intended by TBN, then we still don't know whether TBN is getting confused and only storing partial info in the cookie, or if some client side or network resident software is corrupting the cookies.

 

[Fiero guy]

Fiero, your experience of typing a reply and discovering that you are logged out is what I often experience...


Actually, if you use your browser BACK button you can get back to what you had written.... then, copy that, log back in, find the thread you were responding to, do a reply and PASTE into the reply area.

I've been doing this for more than a year because of these logouts... it is standard procedure for me... painful, but it works.

No- that won't work for me, because IE deletes the text I typed as soon as I leave that input field for any reason. It's a security function that prevents anything typed or submitted in a form from being kept in temp intenet files or some other folder. I could probably go into tools/internet settings/security/ and change it, but since I use this machine for other things besides TBN, I prefer not to. One way I know I can ensure I won't have to type it all again, is to highlight all my text, then right click and "copy". It is now on what used to be called my clipboard. If the actual reply rides the thunder, all I have to do is bring back the reply page, and press ctrl-v and the original text will be automatically pasted into the reply box.
Don

 

[Ibrahim]

When you view a cookie, one will contain your userid and one will contain your password. That's how it is on my computer.

How are you logging in to TBN? Are you typing: 'tractorbynet.com' and browsing like that? Or are you typing: 'www.tractorbynet.com'?

 

[hayden]

I have two TBN cookie files on my system. One is hayden@tractorbynet.com[n].txt and the other is hayden@www.tractorbynet.com[n].txt. Each file contains multiple "keys" or "fields". The username and password keys are always contained in the second file (the www.tractorbynet.com file)
Both are attached. These are "good" cookie files in that both the username and password are present. The file I posted in reply#50 is a "bad" cookie file with only a password key and no username key.

 

[TBDonnelly]

How are you logging in to TBN? Are you typing: 'tractorbynet.com' and browsing like that? Or are you typing: 'www.tractorbynet.com'?

I usually log in from the link in the TBN 'new post' email notification I receive.

Don

 

[hayden]

And here's what they look like now with the userid and lastvisit info missing

 

[Hakim]

Hayden,

If you really want to solve this problem, you should follow up on the suggestions we have already made. Your approach to ID "cookies" and why you think they are incorrect, is not going to help. This is not the way TBN's or any other cookies work.

I have attached a screencap of my current TBN cookies. There are actually more cookies than show up in this capture, but you get the idea.

You apparently are looking via IE "show cookies" command. That is why I told you about the Karen's Cookie Viewer, because that will locate ALL of the cookies, so you can delete them. Did you delete ALL cookies, then re-login?

If you are using Internet Explorer, you can create a "secure pass" for TBN, by going to the menu bar and selecting "Tools", then "Internet Options." Once that box opens, click on the top menu bar "Security". Once that opens, there will be several icons, select "Trusted Sites". That will open a form box. Type in www.tractorbynet.com and tractorbynet.com.

This will ensure that IE or Windows itself is not doing the cookie manipulations.

If this adjustment to IE does not help, then if you could install -- just for this "test" -- the current version of Firefox browser.

Once Firefox has been installed, navigate to the top menu bar "Tools" and select "Options" at the bottom of the list. Once that box opens, you can select "show cookies" and that will produce a list similar to what I have posted below.

Also, you will select the next check box, which is "Exceptions." Type in www.tractorbynet.com and check on "Allow". You might want to also enter tractorbynet.com, without the leading www., since that may also be one of the ways the cookies are setting themselves. I do not know.

In any event, this is the way you can help us. We have absolutely the top PHP database adminstrator in the USA. He is looking into these issues. So far, we have not found a single thing that we can say, "ah, there's the problem."

So, make the security adjustments to IE, or install Firefox and perform those actions as I have suggested. If you no longer get logged out, then the problem was due to your browser or its settings. In that case, you can switch to Firefox, or update Windows to the latest Internet Explorer V7.

One fellow noted that after having this problem for some time, he got a new Mac and the problem no longer exists, at least for some days now.

I will repeat that there are myriad settings on each computer, and they are constantly adjusted and changed WITHOUT YOUR KNOWLEDGE by Windows OS, privacy tools, toolbar add-ons, updates and many other things.

You have done almost nothing in the way of analyzing and troubleshooting your own system, e.g. booting into safe mode and seeing if the problem goes away. Deleting system utilities, and so forth.

Your making "guesses" only serves to further muddle the issues, and confuse other users. So please be patient while we continue to look into this issue.

 

[Hakim]

Hayden,

From the Microsoft Knowledgebase, there is an entry that may apply to your situation: Two or more cookie files exist for one Web site when you use Internet Explorer to visit a cookie-enabled Web site

"Two or more cookie files exist for one Web site when
you use Internet Explorer to visit a cookie-enabled Web site..."

It describes the issue and offers a downloadable hotfix. Perhaps worth reading.

 

[MikePA]

When logged into TBN I have 32 cookies set. Two are tbnpassword and tbnuserid, both expire 28 Dec 2008 at the same time.

For the server to delete one or more of these, there'd have to be code on the server to determine which logged in user to send the delete cookie command to since it's not happening to 1,000s of other people.

The logical conclusion is this is happening in the browser not on the server.

 

[hayden]

Hakim,

First, I'm completely open to this being a client problem. I'm just following the clues provided by what I see. I hope you can remain equally open minded. I just want to solve the problem.

I have been following up on your suggestions and have reported back on some of it in this thread. In an earlier post I described "controlled experiments", all of which are on the client side. I've been doing these one at a time, making notes, and seeing if the problem recurs.

I loaded and used Karen's tool as you suggest. The cookies are all there and their expiration dates are well out in the future, so I don't think the issue is expired cookies or missing cookies. The only thing I've seen that's odd is the missing tbnuserid cookie prior to getting logged out.

I also used Muhammad's cookie viewer page and got results similar to viewing with Karen's tool. Again, the only thing that I've seen amiss is the dissapearance of the tbnuserid cookie.

I deleted all my cookies (via IE) and cleared my cache.

I looked in my profiles (there are some old ones on my machine) and found other old cookies, so I went and deleted all of them too just to be sure. This left me with just the TBN cookies, so it's been real easy to observe what's been going on.

In IE, I added tractorbynet.com as a site to allow all cookies. IE does not allow adding both www.tractorbynet.com and tractorbynet.com - it allows/disallows domains only and translates the web address accordingly.

I also set the privacy setting to allow all cookies form all sites - something I normally don't allow.

I completely unloaded my virus scanner. It was previously deactivated by still loaded with an icon on the tool bar. This is also something I do reluctantly since it places my system at greater risk - but I want to solve this problem.

My system came with Diskeeper which is a defrag utility. It claims to only defrag when you tell it to, but it was loaded in memory so I completely de-installed it. Now to add it back I probably need to competely rebuild my system since it's factory installed.

Between all of these steps I have deleted cookies, re logged in, and often rebooted. So far I see no change in behavior, but I have been trying a wide variety of client side experiments.

I just tried adding TBN as a Trusted Site - that was not previously suggested but worth a try. I'll add Firefox to the list of experiments, but other users have reported the problem with Firefox, and I try to avoid adding more stuff to my computer since it often leads to this type of problem.

I'm well aware of all the background activity on a typical computer. That's why I avoid plug-ins etc as much as possible. I don't have any add-on tool bars in IE, for example. I'll try Safe mode - I think that's a good suggestion.

I also did a couple of searchs last night on Microsoft's site and didn't find any smoking gun. I have not seen multiple cookie files as referenced in the article you found. Regardless, one of the other things on my list is to apply all the latest MS updates. I don't do automatic updates because too often they break things, so I wait for them to soak a while and do them in batches.

Getting back to cookies, I've been viewing the TBN cookies via Karen's tool and Muhammad's viewer page, both of which are approved methods. Please just answer me one question. While navigating TBN, I'll come to a point where the tbnuserid cookie dissapears, and shortly thereafter I get logged out. Is the disppearance of the tbnuserid cookie expected or unexpected operation for TBN? I just want to figure out if this is a solid clue to follow or a red herring. If it's normal operation for TBN to delete the userid cookie and leave behind the password cookie while a user is logged in, then I'll let it go, but it seems very suspicious that this happens just prior to getting logged out, and so far is the only solid clue I've got.