The problem in a nutshell: Status messages are being cached on the front page for anonymous users.
Example: Cache is set to "Normal". An anonymous visitor does anything resulting in a status or error message being displayed (sign up for an account, send a message through the contact form, etc.). The message is displayed to that user, but is then cached. The next anonymous user visits the site, and sees the cached message, and wonders why they are being told that their message has been sent.
What I think is happening:
- Cache is enabled (of course) as "Normal".
- An anonymous user does something resulting in a message to be displayed.
- Since a message is to be displayed, the cached version of the current page is not retrieved (page_get_cache()).
- The page is processed and themed.
- The
$message
variable in phptemplate is populated usingtheme('status_messages')
. - theme_status_messages() calls drupal_get_messages(), which clears the status messages from the user's session variable.
- The
- Everything winds down as drupal_page_footer() is called, which in turn calls page_set_cache().
page_set_cache()
saves the page to the cache table *if* there are no status messages in the user's session variable. Since that variable was wiped during thetheme_status_message()
call in step #4, the rendered messages are being cached along with the page, ready to be shown to the next anonymous user (search engine, too) that comes along.
This doesn't make sense to me. In step #3, when the decision is made not to show a cached page, ob_start()
is also not called, a seemingly necessary step for the caching to succeed. This is what I can't get around... Why are messages being cached?!?
I've had this happen on 2 different sites now, running different versions of 5.x. I know that it's not a browser caching issue because of the following:
- yesterday, I visited my site. I wasn't logged in, so I was seeing the cached version.
- A message about account activation was being displayed. I logged in, and, of course, the message disappeared, since I was now seeing the dynamically created front page.
- I logged back out, and was seeing the cached version of the front page.
- I logged back in and turned off caching. Logging out again confirmed that anonymous users were now seeing the dynamically generated version, too.
I need some help with this! I'm not some noob that's hasn't RTM. I've been using Drupal for a long time and have been active in the forums answering other's questions. I'm not saying that I know everything about Drupal, but I have done my homework tracing code on this problem, and I'm afraid that I'm stuck.
I've posted two other times about this same problem here in the forums, and not made any headway. I can't believe that no one else has run into this!
Does anyone have any ideas? I can't continue running my sites without cache. I'm surprised my host hasn't started complaining already!
Comments
I've never encountered this
I've never encountered this problem... not sure if this will make a difference, but have you tried the easy stuff, like clearing your cache*, history, and sessions tables in your DB? Resetting node permissions?
----------------------------------------------------------------------
http://www.bwv810.com/
I am a writer and researcher. In my spare time I build websites with Drupal.
Je peux communiquer en français. / Я могу общаться на русском языке.
Dealing with each
Dealing with each one:
Clearing the tables manually is what I did on my first site, the first time it happened. Then it happened again one week later, and I realized that:
Thanks for the reply. I'm really hoping we can figure this out. I'll see if I can come up with a specific set of events that causes this to happen.
Side note: I like your site. I'm a piano performance major in college right now. One of my sites (which, by the way, was the most recent in displaying this quirk) is www.evangelisticpiano.com .
- Corey
I re-enabled cache to see if
I re-enabled cache to see if I could replicate the problem. I could, and the result can be seen at www.evangelisticpiano.com . For the next 12 hours, all anonymous users will see the status message "Your message has been sent."
To duplicate this:
I used two browsers (IE and Firefox) so that I could see the site as an anonymous user as well as a logged-in user.
As a side note, my cache lifetime is set for 12 hours (so that as many people as possible can see the error message at this time), but I normally run it a lot shorter, and the problem has still been present.
Please note that I could not duplicate this on localhost, but can reliably produce it on my live site. This might be because I can't send e-mails from localhost, which is interrupting the process.
Others have reported this here and here. The second page identifies this as a possible privacy risk.
I have different configuration settings than the guy in the bug report:
PHP: 4.4.7
MySQL: 4.0.27
You may notice that my error message is themed. This can not be a factor, because the bug also shows up on another site that I have, in which the error messages are not themed. Besides, the bug report claims that this is reproducible with Garland.
Any other suggestions?
- Corey
What do your performance
What do your performance settings look like? I am grasping at straws here, as you can tell.
----------------------------------------------------------------------
http://www.bwv810.com/
I am a writer and researcher. In my spare time I build websites with Drupal.
Je peux communiquer en français. / Я могу общаться на русском языке.
nothing out of the ordinary...
cache mode: normal
cache lifetime: 12 hours
aggregate and compress css files: disabled
- Corey
A quick but obviously
A quick but obviously superficial fix: Perhaps go into your CSS and amend the
<div class="messages status clearfix">
with "display: none;" and see if that at least removes the message from visibility.----------------------------------------------------------------------
http://www.bwv810.com/
I am a writer and researcher. In my spare time I build websites with Drupal.
Je peux communiquer en français. / Я могу общаться на русском языке.
I may end up doing that, but
I may end up doing that, but for now, I think I'll leave it up (at the risk of confusing a few users) so that it will be visible for those reading this thread.
Thanks for taking the time to look, btw.
I really wish I could get more people to check into this, but judging from my referrer logs, only two or three people have checked into it. :(
I'm concerned that this issue will affect 6.x as well, because the cache-handling code (for this part, at least) is the same as 5.x.
- Corey
I am having this issue as
I am having this issue as well. It only happens when I have page caching enabled. Did you figure out a solution to this?
Thanks!
Is this thread moved elsewhere?
As this forum has been deprecated, is this one solved or documented/fixed elsewhere?
.
--
( Evaluating the long-term route for Drupal 7.x via BackdropCMS at https://www.CMX.zone )
Well, there is an issue for
Well, there is an issue for it here. The fix is in D6 already, but I'm not seeing it in D7 yet, and D5 needs to be hacked in order to apply the patch. This is a big enough problem, though, that I make the change on every one of my sites, even though it involves hacking core. I have even been hired to port the fix to a 4.7 site before.
- Corey