PHP website not logging in to CMS after migration from Apache to nginx

I have a PHP website that has a CMS, but ever since we migrated the website from apache to nginx, users can't log in to the CMS.

I don't know much about PHP and nginx, but here are some things I managed to identify and that I believe might have something to do with the problem:

  • When running in apache, the login form makes a request to ajax/cms_users/login.php, and then the cms index is called (the dashboard appears). That is not happening when running in nginx, where only the login.php is called. This image shows this in the Network tab.

↓The ajax.php

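<?php

include_once("config.php");

// verificaLogado.php runs the session check and, when it fails, redirects to
// login.php and stops the script, so everything below only runs for requests
// it lets through.
include_once("verificaLogado.php");

// Module name: a non-empty request value overrides the configured default.
// isset()/is_string() keep a missing or array-valued parameter from raising a
// notice/warning; such output before header()/setcookie() can break redirects
// and cookies ("headers already sent") when output buffering is off.
$modulo = $_CMS_CONFIG["modulo_padrao"];
if(isset($_REQUEST["modulo"]) && is_string($_REQUEST["modulo"]) && trim($_REQUEST["modulo"]) <> "")
{
    $modulo = trim($_REQUEST["modulo"]);
}

// $modulo is later concatenated into include paths and into a class name, so
// it must be a plain identifier: no slashes, dots or NUL bytes that could
// steer include_once() to a file outside the classes/ directories.
if(!preg_match('/^[A-Za-z0-9_]+$/', (string) $modulo))
{
    http_response_code(400);
    die();
}

// Action name: GET takes precedence over POST, then the configured default.
$acao = $_CMS_CONFIG["acao_padrao"];
if(isset($_GET["acao"]) && is_string($_GET["acao"]) && trim($_GET["acao"]) <> "")
{
    $acao = trim($_GET["acao"]);
} else if(isset($_POST["acao"]) && is_string($_POST["acao"]) && trim($_POST["acao"]) <> "")
{
    $acao = trim($_POST["acao"]);
}

// $acao is later used as a method name on the controller. Anything that is not
// a plain method name, or that starts with "__" (PHP magic methods), is
// discarded; an empty action is replaced by "acaoPadrao" further down.
// NOTE(review): an explicit per-controller list of allowed actions would be
// stricter than this pattern check.
if(!preg_match('/^(?!__)[A-Za-z_][A-Za-z0-9_]*$/', (string) $acao))
{
    $acao = "";
}
?>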
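<?php
// Debug output of the resolved module and action.
// json_encode() with the JSON_HEX_* flags emits a quoted JavaScript string in
// which <, >, &, ' and " are hex-escaped, so a request-supplied value cannot
// close the string or the <script> element (reflected XSS).
// NOTE(review): this markup is sent before the controller runs. If output
// buffering is off in the new PHP setup, any later header(), setcookie() or
// session_start() call fails with "headers already sent" - check the PHP
// error log, and consider removing this debug block from an AJAX endpoint.
?>
<script language="javascript">
    console.log(<?php echo json_encode((string) $modulo, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);
    console.log(<?php echo json_encode((string) $acao, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);
</script>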
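<?php
// Optional request parameters. isset()/is_string() avoid notices and warnings
// for missing or array-valued parameters. Neither variable is used in this
// file; presumably the included model/view/controller code reads them from
// the global scope - confirm.
$status_operacao = "";
if(isset($_REQUEST["status_operacao"]) && is_string($_REQUEST["status_operacao"]) && trim($_REQUEST["status_operacao"]) <> "")
{
    $status_operacao = trim($_REQUEST["status_operacao"]);
}

$id = null;
if(isset($_REQUEST["id"]) && is_string($_REQUEST["id"]) && trim($_REQUEST["id"]) <> "")
{
    $id = trim($_REQUEST["id"]);
}

// Load the model, view and controller files of the requested module when they
// exist. $modulo comes from the request, so it is only placed in an include
// path when it is a plain identifier; otherwise a value containing "../"
// could make include_once() execute a file outside the classes/ directories.
if(preg_match('/^[A-Za-z0-9_]+$/', (string) $modulo))
{
    $arquivos_modulo = array(
        ROOT_CMS . "classes/models/" . $modulo . "_model.php",
        ROOT_CMS . "classes/views/" . $modulo . "_view.php",
        ROOT_CMS . "classes/controllers/" . $modulo . "_controller.php",
    );
    foreach($arquivos_modulo as $arquivo_modulo)
    {
        if(file_exists($arquivo_modulo))
        {
            include_once($arquivo_modulo);
        }
    }
}

$error = "";

?>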
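<?php
// Exposes the resolved module and action to client-side code as CMS_MODULO and
// CMS_ACAO. Both values can come from the request, so they are emitted with
// json_encode() and the JSON_HEX_* flags: the result is a quoted JavaScript
// string in which <, >, &, ' and " are hex-escaped and cannot break out of
// the string or the <script> element.
$modulo_js = json_encode((string) $modulo, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
$acao_js = json_encode((string) $acao, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
?>
<script language="javascript">
    console.log(<?php echo $modulo_js; ?>);
    console.log(<?php echo $acao_js; ?>);
    CMS_MODULO = <?php echo $modulo_js; ?>;
    CMS_ACAO = <?php echo $acao_js; ?>;
</script>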
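<?php

// Dispatch: instantiate "<modulo>_controller" and call the requested action.
// Sets $error to "404" when the module cannot be resolved and to "401" when
// the permission check fails; the matching error page is rendered below.
//
// NOTE(review): existence is tested on classes/<modulo>.php, while the class
// is named <modulo>_controller (loaded earlier from classes/controllers/).
// Confirm that both files exist for every module.
if(preg_match('/^[A-Za-z0-9_]+$/', (string) $modulo) && file_exists(ROOT_CMS . "classes/" . $modulo . ".php"))
{
    $classe = $modulo."_controller";
    if(!class_exists($classe))
    {
        // Without this check "new $classe()" ends in a fatal error when the
        // controller file was not loaded.
        $error = "404";
    }
    else
    {
        $controller = new $classe();
        if(trim($acao) == "")
        {$acao = "acaoPadrao";}

        // NOTE(review): the action "login" skips valida_permissao() for every
        // module, not only for the user module, so any controller method named
        // login() is reachable without a permission check. Confirm this is
        // intended. Strict comparison keeps a non-string $acao from matching
        // "login" through type juggling.
        if($acao === "login" || !method_exists($classe,"valida_permissao") || $controller->valida_permissao($modulo))
        {
            // The action name comes from the request: only call it when it is
            // a real method that is callable from here (i.e. public) and not a
            // magic method such as __construct or __destruct.
            $acao_chamavel = strpos((string) $acao, "__") !== 0
                && method_exists($classe,$acao)
                && is_callable(array($controller,$acao));

            if($acao_chamavel)
            {
                if($acao == "get_registros") {
                    $controller->$acao(null, null);
                } else {
                    $controller->$acao();
                }
            }
            else if(method_exists($classe,"acaoPadrao"))
            {
                $controller->acaoPadrao();
            }
        } else {
            $error = "401";
        }
    }
} else {
    $error = "404";
}

if(trim($error) != "") {
    // Discard anything already buffered so that only the error frame is sent.
    // ob_clean() raises a notice when no output buffer is active.
    if(ob_get_level() > 0) {
        ob_clean();
    }
    ?>
    <iframe class="error-frame fullScreen" src="<?php echo ROOT_SERVER . ROOT . $error; ?>.html"></iframe>
    <?php
    die();
}

?>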

↓The login verification (verificaLogado.php):

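<?php

// Checks for an authenticated session or a login attempt in progress.
// When neither is found it falls back to the "<project>_idUser" cookie, and if
// that also fails it marks the session as logged out, redirects to login.php
// and stops the script.
//
// NOTE(review): this relies on session_start() having run already (presumably
// in config.php) and on the PHP process being able to write to
// session.save_path. After a move from Apache to nginx/PHP-FPM the PHP user
// and the php.ini in effect usually differ - verify both.

// Read optional values through isset() so that a missing key does not raise a
// notice/warning; such output before header() would break the redirect below.
// The comparisons themselves are unchanged.
$root_sessao = isset($_SESSION["ROOT_SESSION"]) ? $_SESSION["ROOT_SESSION"] : null;
$modulo_req = isset($_REQUEST["modulo"]) ? $_REQUEST["modulo"] : null;
$acao_req = isset($_REQUEST["acao"]) ? $_REQUEST["acao"] : null;

// NOTE(review): because the three conditions are joined with &&, the session
// check is skipped when modulo is "cms_usuarios" OR when acao is "login", not
// only when both hold. Every action of the user module therefore depends
// solely on the controller's own permission check. If only the login request
// should be exempt, the exemption should be
// !($modulo_req == "cms_usuarios" && $acao_req == "login").
// Left unchanged here because other unauthenticated actions may depend on it.
if((!isset($_SESSION["btLogin"]) || $_SESSION["btLogin"] == false || $root_sessao <> ROOT) &&
   $modulo_req != "cms_usuarios" &&
   $acao_req != "login"
  ) {

    // Check cookies.
    // NOTE(review): the cookie holds a bare numeric user id, and that id is
    // handed to login() as the only credential. Cookies are client-controlled,
    // so a user id alone is not proof of identity. A "remember me" cookie
    // should carry a long random token that is stored hashed on the server,
    // compared with hash_equals(), and set with the Secure and HttpOnly flags.
    // What login() does with the id is not visible here - confirm.
    $btLogin = false;
    $cookie_usuario = $projectName . "_idUser";
    $id_cookie = isset($_COOKIE[$cookie_usuario]) ? intval($_COOKIE[$cookie_usuario]) : 0;
    if($id_cookie > 0) {
        carrega_classe("cms_usuarios");
        $user = new cms_usuarios();
        $btLogin = $user->login($id_cookie);
    }

    if(!$btLogin) {
        // Every check failed: force the logged-out state and send the user to
        // the login page.
        $_SESSION["btLogin"] = false;
        header ("location: " . ROOT_SERVER . ROOT . "login.php");
        die();
    }
}

?>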

The login.php file contains mostly the HTML for the login form, so I won't include it here.

↓And that's the conf.d file for the website in nginx:

# Response compression for the listed MIME types (text/html is always
# compressed once gzip is on).
# NOTE(review): the gzip_types line is cut off in this paste: it ends in "ap$",
# a terminal truncation marker, and has no closing ';'. Check the real file.
# NOTE(review): these settings also apply to the HTTPS server below.
# Compressing responses that contain both a secret (session or CSRF token) and
# request-reflected data is the precondition for BREACH-style compression side
# channels; consider disabling gzip for such dynamic responses.
gzip on;
gzip_vary on;
gzip_types  text/plain text/css application/json application/javascript text/xml application/xml text/x-component application/xhtml+xml application/rss+xml application/atom+xml image/x-icon image/svg+xml application/vnd.ms-fontobject ap$

# Maps the Content-Type of the response being sent to a cache lifetime, which
# both server blocks apply with "expires $expires;".
# Documents and data (HTML, XML, JSON, cache manifest) get 0, i.e. already
# expired; feeds get one hour; icons, CSS and JavaScript one week; everything
# else, including unlisted types, one month.
# NOTE(review): the keys are exact strings. A Content-Type that carries a
# parameter, e.g. "text/html; charset=UTF-8", does not match "text/html" and
# falls through to "default +1M". Check with "curl -I" that PHP/CMS responses
# (login, dashboard) are not served with a month-long Expires/Cache-Control,
# which would let browsers and proxies reuse authenticated pages.
map $sent_http_content_type $expires {
    default +1M;
    text/cache-manifest 0;
    text/html 0;
    text/xml 0;
    application/xml 0;
    application/json 0;
    application/rss+xml +1h;
    application/atom+xml +1h;
    image/x-icon +1w;
    image/gif +1M;
    image/png +1M;
    image/jpg +1M;
    image/jpeg +1M;
    video/ogg +1M;
    audio/ogg +1M;
    video/mp4 +1M;
    video/webm +1M;
    text/x-component +1M;
    application/x-font-ttf +1M;
    font/opentype +1M;
    application/x-font-woff +1M;
    image/svg+xml +1M;
    application/vnd.ms-fontobject +1M;
    text/css +1w;
    application/javascript +1w;
    application/x-javascript +1w;
}

# Plain-HTTP virtual host (port 80).
# "location /" matches every request and answers with a 301 to the HTTPS site.
# $request_uri is the original, un-rewritten URI, so the rewrite rules in this
# block do not change where the client is redirected; they duplicate the list
# in the HTTPS server block. $server_name is the first name listed, so requests
# for www.formalegno.com.br are redirected to formalegno.com.br.
# The error_page 401/404 lines appear twice.
server {

        listen 80;

        server_name formalegno.com.br www.formalegno.com.br;
        root /ftp/Websites/formalegno;
          location /{
                return 301 https://$server_name$request_uri;
        }
    error_page 401 /401.html;
    error_page 404 /404.html;
    error_page 500 /500.html;
    error_page 401 /401.html;
    error_page 404 /404.html;
    expires $expires;
    # Server-level rewrite rules are evaluated in order, before a location is
    # chosen. In patterns such as "^/cms?$" the "?" makes the last letter
    # optional (it matches /cm and /cms); it does not make a trailing slash
    # optional - the following "/?$" variant does that.
        rewrite ^/cms?$ /cms/index.php;
        rewrite ^/cms/?$ /cms/index.php;
         rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/([a-z0-9-_]+)/(.*)?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4&titulo_def=$5;
    rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/([a-z0-9-_]+)/(.*)/?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4&titulo_def=$5;
    rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/(.*)?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4;
    rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/(.*)/?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4;
    rewrite ^/idioma/([a-z0-9-_]+)?$ /index.php?lang=$1;
    rewrite ^/idioma/([a-z0-9-_]+)/?$ /index.php?lang=$1;
    rewrite ^/lang/([a-z0-9-_]+)?$ /index.php?lang=$1;
    rewrite ^/lang/([a-z0-9-_]+)/?$ /index.php?lang=$1;
    rewrite ^/ajax/contato/enviar?$ /post-contact.php last;
    rewrite ^/ajax/contato/enviar/?$ /post-contact.php last;
    rewrite ^/ajax/cadastro/enviar?$ /post-cadastro.php last;
    rewrite ^/ajax/cadastro/enviar/?$ /post-cadastro.php last;
    rewrite ^/ajax/blog/posts?$ /blog-lista.php last;
    rewrite ^/ajax/blog/posts/?$ /blog-lista.php last;
    rewrite ^/ajax/representantes/([0-9]+)?$ /representantes-lista.php?id_estado=$1 last;
    rewrite ^/ajax/representantes/([0-9]+)/?$ /representantes-lista.php?id_estado=$1 last;
    rewrite ^/ajax/download/(.*)?$ /custom_file_download.php?key=$1 last;
    rewrite ^/ajax/([a-z0-9-_]+)?$ /ajax-data.php?id=$1 last;
    rewrite ^/ajax/([a-z0-9-_]+)/?$ /ajax-data.php?id=$1 last;
    rewrite ^/ajax/(.*)?$ /$1 last;
    rewrite ^/index?$ /redirect.php?module=index last;
    rewrite ^/index/?$ /index.php last;
    rewrite ^/home?$ /redirect.php?module=home last;
    rewrite ^/home/?$ /index.php last;
    rewrite ^/search?$ /redirect.php?module=search last;
    rewrite ^/search/?$ /search.php last;
    rewrite ^/sobre?$ /redirect.php?module=sobre last;
    rewrite ^/sobre/?$ /sobre.php last;
    rewrite ^/colecao?$ /redirect.php?module=colecao last;
    rewrite ^/colecao/?$ /colecao.php last;
    rewrite ^/encontre?$ /redirect.php?module=encontre last;
    rewrite ^/encontre/?$ /encontre.php last;
    rewrite ^/representantes?$ /redirect.php?module=representantes last;
    rewrite ^/representantes/?$ /representantes.php last;
    rewrite ^/produtos?$ /redirect.php?module=produtos last;
    rewrite ^/produtos/?$ /produtos.php last;
    rewrite ^/produtos/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=produtos&titulo=$1&id=$2 last;
    rewrite ^/produtos/([a-z0-9-_]+)/([0-9]+)/?$ /produtos-detalhe.php?titulo=$1&id=$2 last;
    rewrite ^/produtos/categoria/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=produtos&acao=categoria&titulo=$1&id=$2 last;
    rewrite ^/produtos/categoria/([a-z0-9-_]+)/([0-9]+)/?$ /produtos.php?tit=$1&id=$2 last;
    rewrite ^/blog?$ /redirect.php?module=blog last;
    rewrite ^/blog/?$ /blog.php last;
    rewrite ^/blog/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=blog&titulo=$1&id=$2 last;
    rewrite ^/blog/([a-z0-9-_]+)/([0-9]+)/?$ /blog-detalhe.php?titulo=$1&id=$2 last;
    rewrite ^/blog/categoria/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=blog&acao=categoria&titulo_categoria=$1&id_categoria=$2 last;
    rewrite ^/blog/categoria/([a-z0-9-_]+)/([0-9]+)/?$ /blog.php?titulo_categoria=$1&id_categoria=$2 last;
    rewrite ^/cadastro?$ /redirect.php?module=cadastro last;
    rewrite ^/cadastro/?$ /cadastro.php last;
    rewrite ^/contato?$ /redirect.php?module=contato last;
    rewrite ^/contato/?$ /contato.php last;
}

# HTTPS virtual host (port 443, HTTP/2) that actually serves the site.
# NOTE(review): no "location ~ \.php$" / fastcgi_pass is visible in this block;
# presumably PHP handling comes from the included wordpress-producao-base.conf.
# Confirm that a WordPress-oriented include suits this custom CMS and does not
# add locations or rules that interfere with /cms.
# NOTE(review): nginx does not read .htaccess files. Any rewrite rules that
# Apache applied from a per-directory .htaccess (for example inside /cms, for
# the CMS's own ajax/... URLs) must be ported into this file; none of the
# rules below covers paths under /cms other than /cms itself.
server {

        listen 443 ssl http2;

        server_name formalegno.com.br www.formalegno.com.br;

        # Bad Bot Blocker
        include /etc/nginx/bots.d/ddos.conf;
        include /etc/nginx/bots.d/blockbots.conf;

        root /ftp/Websites/formalegno;

        include /etc/nginx/global/wordpress-producao-base.conf;

        ssl_certificate /etc/letsencrypt/live/formalegno.com.br/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/formalegno.com.br/privkey.pem;
        # HSTS for one year. add_header set at server level is not inherited
        # by a location that defines its own add_header, so check the included
        # files if the header is missing on some responses.
        add_header Strict-Transport-Security "max-age=31536000";
        # The three error_page lines appear twice.
        error_page 500 /500.html;
        error_page 401 /401.html;
        error_page 404 /404.html;
        error_page 500 /500.html;
        error_page 401 /401.html;
        error_page 404 /404.html;
        expires $expires;
        # Server-level rewrite rules are evaluated in order, before a location
        # is chosen. In patterns such as "^/cms?$" the "?" makes the last
        # letter optional (it matches /cm and /cms); it does not make a
        # trailing slash optional - the following "/?$" variant does that.
        rewrite ^/cms?$ /cms/index.php;
        rewrite ^/cms/?$ /cms/index.php;
        # The download rules copy URL path segments into query parameters
        # (modulo, id, campo, titulo, key) of custom_file_download.php. That
        # script is not shown; it must validate them itself, because the final
        # "(.*)" capture accepts arbitrary characters.
        rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/([a-z0-9-_]+)/(.*)?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4&titulo_def=$5;
        rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/([a-z0-9-_]+)/(.*)/?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4&titulo_def=$5;
        rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/(.*)?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4;
        rewrite ^/download/([a-z0-9-_]+)/([0-9]+)/([a-z0-9-_]+)/(.*)/?$ /custom_file_download.php?modulo=$1&id=$2&campo=$3&titulo=$4;
        rewrite ^/idioma/([a-z0-9-_]+)?$ /index.php?lang=$1;
        rewrite ^/idioma/([a-z0-9-_]+)/?$ /index.php?lang=$1;
        rewrite ^/lang/([a-z0-9-_]+)?$ /index.php?lang=$1;
        rewrite ^/lang/([a-z0-9-_]+)/?$ /index.php?lang=$1;
        rewrite ^/ajax/contato/enviar?$ /post-contact.php last;
        rewrite ^/ajax/contato/enviar/?$ /post-contact.php last;
        rewrite ^/ajax/cadastro/enviar?$ /post-cadastro.php last;
        rewrite ^/ajax/cadastro/enviar/?$ /post-cadastro.php last;
        rewrite ^/ajax/blog/posts?$ /blog-lista.php last;
        rewrite ^/ajax/blog/posts/?$ /blog-lista.php last;
        rewrite ^/ajax/representantes/([0-9]+)?$ /representantes-lista.php?id_estado=$1 last;
        rewrite ^/ajax/representantes/([0-9]+)/?$ /representantes-lista.php?id_estado=$1 last;
        rewrite ^/ajax/download/(.*)?$ /custom_file_download.php?key=$1 last;
        rewrite ^/ajax/([a-z0-9-_]+)?$ /ajax-data.php?id=$1 last;
        rewrite ^/ajax/([a-z0-9-_]+)/?$ /ajax-data.php?id=$1 last;
        # Catch-all: strips the /ajax/ prefix and serves the remaining path.
        rewrite ^/ajax/(.*)?$ /$1 last;
        rewrite ^/index?$ /redirect.php?module=index last;
        rewrite ^/index/?$ /index.php last;
        rewrite ^/home?$ /redirect.php?module=home last;
        rewrite ^/home/?$ /index.php last;
        rewrite ^/search?$ /redirect.php?module=search last;
        rewrite ^/search/?$ /search.php last;
        rewrite ^/sobre?$ /redirect.php?module=sobre last;
        rewrite ^/sobre/?$ /sobre.php last;
        rewrite ^/colecao?$ /redirect.php?module=colecao last;
        rewrite ^/colecao/?$ /colecao.php last;
        rewrite ^/encontre?$ /redirect.php?module=encontre last;
        rewrite ^/encontre/?$ /encontre.php last;
        rewrite ^/representantes?$ /redirect.php?module=representantes last;
        rewrite ^/representantes/?$ /representantes.php last;
        rewrite ^/produtos?$ /redirect.php?module=produtos last;
        rewrite ^/produtos/?$ /produtos.php last;
        rewrite ^/produtos/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=produtos&titulo=$1&id=$2 last;
        rewrite ^/produtos/([a-z0-9-_]+)/([0-9]+)/?$ /produtos-detalhe.php?titulo=$1&id=$2 last;
        rewrite ^/produtos/categoria/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=produtos&acao=categoria&titulo=$1&id=$2 last;
        rewrite ^/produtos/categoria/([a-z0-9-_]+)/([0-9]+)/?$ /produtos.php?tit=$1&id=$2 last;
        rewrite ^/blog?$ /redirect.php?module=blog last;
        rewrite ^/blog/?$ /blog.php last;
        rewrite ^/blog/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=blog&titulo=$1&id=$2 last;
        rewrite ^/blog/([a-z0-9-_]+)/([0-9]+)/?$ /blog-detalhe.php?titulo=$1&id=$2 last;
        rewrite ^/blog/categoria/([a-z0-9-_]+)/([0-9]+)?$ /redirect.php?module=blog&acao=categoria&titulo_categoria=$1&id_categoria=$2 last;
        rewrite ^/blog/categoria/([a-z0-9-_]+)/([0-9]+)/?$ /blog.php?titulo_categoria=$1&id_categoria=$2 last;
        rewrite ^/cadastro?$ /redirect.php?module=cadastro last;
        rewrite ^/cadastro/?$ /cadastro.php last;
        rewrite ^/contato?$ /redirect.php?module=contato last;
        rewrite ^/contato/?$ /contato.php last;
}

As I said, I don't know much about PHP and nginx, so I'm not sure if the code I provided is of any help to understand the issue. To anyone open to help me with this, I'm happy to provide more information. Thanks in advance.



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source