Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96301
Return-Path: <yohgaki@ohgaki.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 78640 invoked from network); 10 Oct 2016 03:15:45 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 10 Oct 2016 03:15:45 -0000
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@ohgaki.net; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=yohgaki@ohgaki.net; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain ohgaki.net designates 180.42.98.130 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@ohgaki.net
X-Host-Fingerprint: 180.42.98.130 ns1.es-i.jp  
Received: from [180.42.98.130] ([180.42.98.130:33843] helo=es-i.jp)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 2F/91-52150-DD70BF75 for <internals@lists.php.net>; Sun, 09 Oct 2016 23:15:44 -0400
Received: (qmail 6479 invoked by uid 89); 10 Oct 2016 03:15:37 -0000
Received: from unknown (HELO mail-qt0-f180.google.com) (yohgaki@ohgaki.net@209.85.216.180)
  by 0 with ESMTPA; 10 Oct 2016 03:15:37 -0000
Received: by mail-qt0-f180.google.com with SMTP id s49so44007421qta.0
        for <internals@lists.php.net>; Sun, 09 Oct 2016 20:15:36 -0700 (PDT)
X-Gm-Message-State: AA6/9Rl0RyRRfcBAisAqREZPFXSFtMOgnXTVeKndZriocvf+XVr3Ay5uG5PJJhUwhltwGjihv3vxfruAj1UMHQ==
X-Received: by 10.200.36.154 with SMTP id s26mr31215366qts.0.1476069330931;
 Sun, 09 Oct 2016 20:15:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.84.168 with HTTP; Sun, 9 Oct 2016 20:14:50 -0700 (PDT)
Date: Mon, 10 Oct 2016 12:14:50 +0900
X-Gmail-Original-Message-ID: <CAGa2bXaaBazBKej3WJfwO-Njf9GUOqxF=K9QfdwNFtU4iwepZA@mail.gmail.com>
Message-ID: <CAGa2bXaaBazBKej3WJfwO-Njf9GUOqxF=K9QfdwNFtU4iwepZA@mail.gmail.com>
To: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: PHP 7.1RC3+HTTPS+WordPress = No admin page access
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

Hi all,

PHP 7.1RC3+HTTPS+WordPress does not allow admin pages access somehow. You'll get

Sorry, you are not allowed to access this page

for admin pages.
PHP 5.6 works fine, not sure about 7.0.

You can use local self signed certificate https server and fresh
WordPress 4.6.1 install to reproduce this by ignoring TLS warning.
Install with "https://" URL or change "http://" site URL to "https://"
after installation.

It seems "https://" site URL revokes all permissions. (
$_wp_menu_nopriv is set for admin account somehow ) It works as long
as site URL is "http://".

Regards,

P.S. I didn't look into, but JetPack and Google's AdSense plugin seems
to have problem(s) with PHP 7.1. PHP 7.0.11/7.1.0 have additional
errors also.
https://bugs.php.net/bug.php?id=73238

Use 302 or 307 redirect, i.e. Do not use 301, if you would like to
redirect all http traffic to https for testing  purpose. Otherwise,
your browser remembers https usage. This makes test difficult. You
don't need redirect setting to reproduce this.

--
Yasuo Ohgaki
yohgaki@ohgaki.net