One of my sites has an strange behaviour that makes impossible to login if you don't delete cookies before, or if wait for a long long time (may be 1 day, not sure).

My site is configured like this:
- URL is a subfolder of main domain: https://www.????mydomain.com/courses/

- PHP Version 5.2.17
- Xoops: 2.5.6.
- Protocol: https
- Name for user cookies: x??????_user
- Use custom session: yes
- Session name: x?????_session
- Session expiration: 60

This error happens in this way:

- Fist login try of the day: everything goes ok, I can use the site normally.
- After use, I don't close session manually, simply leave the site loaded in the browser.
- After 1 hour or more, if I try to navigate again through the site I get the usual permissions error (needed to be logged to use the site).
- I try to log and the site shows that I have logged correctly with the redirect page (It doesn't use jGrowl redirect)
- After been redirected the main page is shown, but always logging block is displayed as sessions is actually closed.
- If I directly load site home page, It shows the login block.

If I delete cookies (only the ones of my site) I can log again without troubles.

Please help.

Don't have any specifics to help other than XOOPS 2.5.6 says it requires:

Quote:

This site is running with no update from 3-4 years ago.
My hoster says that no php upgrade/change has been done in this time.

The problem used to happen from time to time previously, but now it happens every time.

Quote:
It can't, as XOOPS 2.5.6 was released in April 2013

As Zyspec said earlier, you should upgrade to PHP 5.3.7+, with PHP 5.4 recommended! Most good hosts offer just to change one setting in the config, and you're running the upgraded PHP in 3 minutes!

Please read:

5 Reasons to Consider Upgrading Your PHP Platform

The author, Lorna Mitchell, offers her list of five things, each with a bit of summary and a few links to more information on the topics:

- Improved Performance
- Security and Support
- New Syntax
- Traits
- Built In Webserver

Also, XOOPS won't act strange "out of the blue" - there had to be a change to cause it. Check the logs fort the host changes, and go back and see if you have changed something but forgot about it ...

Turn off custom session, you may need to do this via the config table in the database if you cant login. If your host implemented something like mod_security this may be the issue.