By coreyp_1 on

The problem in a nutshell: Status messages are being cached on the front page for anonymous users.

Example: Cache is set to "Normal". An anonymous visitor does anything resulting in a status or error message being displayed (sign up for an account, send a message through the contact form, etc.). The message is displayed to that user, but is then cached. The next anonymous user visits the site, and sees the cached message, and wonders why they are being told that their message has been sent.

What I think is happening:

  1. Cache is enabled (of course) as "Normal".
  2. An anonymous user does something resulting in a message to be displayed.
  3. Since a message is to be displayed, the cached version of the current page is not retrieved (page_get_cache()).
  4. The page is processed and themed.
  5. Everything winds down as drupal_page_footer() is called, which in turn calls page_set_cache().
  6. page_set_cache() saves the page to the cache table *if* there are no status messages in the user's session variable. Since that variable was wiped during the theme_status_message() call in step #4, the rendered messages are being cached along with the page, ready to be shown to the next anonymous user (search engine, too) that comes along.

This doesn't make sense to me. In step #3, when the decision is made not to show a cached page, ob_start() is also not called, a seemingly necessary step for the caching to succeed. This is what I can't get around... Why are messages being cached?!?

I've had this happen on 2 different sites now, running different versions of 5.x. I know that it's not a browser caching issue because of the following:

  • yesterday, I visited my site. I wasn't logged in, so I was seeing the cached version.
  • A message about account activation was being displayed. I logged in, and, of course, the message disappeared, since I was now seeing the dynamically created front page.
  • I logged back out, and was seeing the cached version of the front page.
  • I logged back in and turned off caching. Logging out again confirmed that anonymous users were now seeing the dynamically generated version, too.

I need some help with this! I'm not some noob that's hasn't RTM. I've been using Drupal for a long time and have been active in the forums answering other's questions. I'm not saying that I know everything about Drupal, but I have done my homework tracing code on this problem, and I'm afraid that I'm stuck.

I've posted two other times about this same problem here in the forums, and not made any headway. I can't believe that no one else has run into this!

Does anyone have any ideas? I can't continue running my sites without cache. I'm surprised my host hasn't started complaining already!

Categories: Drupal 5.x

Comments

bwv’s picture

bwv commented

I've never encountered this problem... not sure if this will make a difference, but have you tried the easy stuff, like clearing your cache*, history, and sessions tables in your DB? Resetting node permissions?
----------------------------------------------------------------------
http://www.bwv810.com/

I am a writer and researcher. In my spare time I build websites with Drupal.
Je peux communiquer en français. / Я могу общаться на русском языке.

coreyp_1’s picture

coreyp_1 commented

Dealing with each one:

  • Clearing history table - no effect. This table does not influence whether or not the message exists in the page cache table.
  • Clearing sessions tables - no effect. Everybody is logged out, of course, but then everyone is served the cached pages for anonymous users.
  • Resetting node permissions - again not related to when pages are cached.
  • Clearing cache tables - well, this *will* cause the cache table to be re-built (and getting rid of the messages), but what is the advantage of doing this manually? I can't personally monitor my site 24 hours a day.

Clearing the tables manually is what I did on my first site, the first time it happened. Then it happened again one week later, and I realized that:

  • I didn't know how long the message had been cached the second time... I just stumbled upon it.
  • I couldn't rely on the "I hope I see this before anyone else so I can fix it" approach, because I can't personally monitor my site every minute of every day.

Thanks for the reply. I'm really hoping we can figure this out. I'll see if I can come up with a specific set of events that causes this to happen.

Side note: I like your site. I'm a piano performance major in college right now. One of my sites (which, by the way, was the most recent in displaying this quirk) is www.evangelisticpiano.com .

- Corey

coreyp_1’s picture

coreyp_1 commented

I re-enabled cache to see if I could replicate the problem. I could, and the result can be seen at www.evangelisticpiano.com . For the next 12 hours, all anonymous users will see the status message "Your message has been sent."

To duplicate this:

I used two browsers (IE and Firefox) so that I could see the site as an anonymous user as well as a logged-in user.

  1. I enabled cache.
  2. As an anonymous user, I sent myself a message using the contact form.
  3. The message cached, and was visible to all anonymous users on the home page.
    • Please note, this is not a "browser cache" issue. I sent the message as an anonymous user in IE. The message was clearly cached by Drupal, because it remained even after refreshing the browser.
    • As further evidence, I went to Firefox (where I was logged in as admin). When I clicked "logout" and was re-directed to the front page, I saw the same "Your message has been sent." that I was seeing in IE.
    • Visit my page (link given earlier), and you will see for yourself that the message is cached!
  4. I logged back in under Firefox, and cleared my cache tables. Cache is still enabled.
  5. I refreshed in IE (anonymous user), and the error message went away. Page was obviously re-cached normally.
    • I confirmed this by logging out of Firefox, and received the message-free version of the homepage.
  6. Without clearing the cache, I sent another message through the contact form using IE. The status message was once again shown on the front page (as it should have been), but the new page (with the status message) was cached, which should not have happened.
  7. I confirmed that the new message was cached, and therefore always visible to anonymous users by viewing the page in both IE and Firefox. You can see it, too, if you visit my site in the next 12 hours (OK, maybe only 11 1/2 hours by now...).

As a side note, my cache lifetime is set for 12 hours (so that as many people as possible can see the error message at this time), but I normally run it a lot shorter, and the problem has still been present.

Please note that I could not duplicate this on localhost, but can reliably produce it on my live site. This might be because I can't send e-mails from localhost, which is interrupting the process.

Others have reported this here and here. The second page identifies this as a possible privacy risk.

I have different configuration settings than the guy in the bug report:
PHP: 4.4.7
MySQL: 4.0.27

You may notice that my error message is themed. This can not be a factor, because the bug also shows up on another site that I have, in which the error messages are not themed. Besides, the bug report claims that this is reproducible with Garland.

Any other suggestions?

- Corey

bwv’s picture

bwv commented

What do your performance settings look like? I am grasping at straws here, as you can tell.
----------------------------------------------------------------------
http://www.bwv810.com/

I am a writer and researcher. In my spare time I build websites with Drupal.
Je peux communiquer en français. / Я могу общаться на русском языке.

coreyp_1’s picture

coreyp_1 commented

cache mode: normal
cache lifetime: 12 hours
aggregate and compress css files: disabled

- Corey

bwv’s picture

bwv commented

A quick but obviously superficial fix: Perhaps go into your CSS and amend the <div class="messages status clearfix"> with "display: none;" and see if that at least removes the message from visibility.

----------------------------------------------------------------------
http://www.bwv810.com/

I am a writer and researcher. In my spare time I build websites with Drupal.
Je peux communiquer en français. / Я могу общаться на русском языке.

coreyp_1’s picture

coreyp_1 commented

I may end up doing that, but for now, I think I'll leave it up (at the risk of confusing a few users) so that it will be visible for those reading this thread.

Thanks for taking the time to look, btw.

I really wish I could get more people to check into this, but judging from my referrer logs, only two or three people have checked into it. :(

I'm concerned that this issue will affect 6.x as well, because the cache-handling code (for this part, at least) is the same as 5.x.

- Corey

rc2020’s picture

rc2020 commented

I am having this issue as well. It only happens when I have page caching enabled. Did you figure out a solution to this?

Thanks!

Leeteq’s picture

Leeteq commented

As this forum has been deprecated, is this one solved or documented/fixed elsewhere?

.
--
( Evaluating the long-term route for Drupal 7.x via BackdropCMS at https://www.CMX.zone )

coreyp_1’s picture

coreyp_1 commented

Well, there is an issue for it here. The fix is in D6 already, but I'm not seeing it in D7 yet, and D5 needs to be hacked in order to apply the patch. This is a big enough problem, though, that I make the change on every one of my sites, even though it involves hacking core. I have even been hired to port the fix to a 4.7 site before.

- Corey