Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#545 authentication doesn't persist

User_Authentication
closed
Reini Urban
5
2012-10-11
2006-07-17
Antonio Bonifati
No

Hi, I'm having problems with authentication in phpwiki
1.3.12p3.
Navigation works, but authentication does not persist:
on the first
request after a successfull authentication, all goes
well and the user is
signed and authenticated. But on the following requests
I am only signed
but not authenticated (even for ADMIN_USER).

I had a look at the client cookie named PhpWiki_WIKI_ID
and I'm wondering
why it expires immediately instead of expiring at quit
time or after a
while. I know there is:

COOKIE_EXPIRATION_DAYS = 365

into config.ini but it doesn't seem to be honored.

thanks a lot for helping

PS:
Some more details about my installation follows, if needed:

I'm using the default config.ini, just a copy of
config-dist.ini, except
for the following simple differences:

diff config.ini config-dist.ini

157c157
< ADMIN_USER = admin


;ADMIN_USER =
161c161
< ADMIN_PASSWD = "my encrypted password"


;ADMIN_PASSWD =
322c322
< CACHE_CONTROL = NO_CACHE


CACHE_CONTROL = LOOSE
378c378
< DATABASE_TYPE = SQL


DATABASE_TYPE = dba
406c406
< DATABASE_DSN =
"mysql://www:mydbpwd\1@unix(/tmp/mysql.sock)/phpwiki"


DATABASE_DSN =
"mysql://guest@unix(/var/lib/mysql/mysql.sock)/test"

I have apache-2.2.2, Php 5.1.4 and MySQL 5.0.22. Here
is what I changed
into php.ini:

diff php.ini php.ini-recommended

314c314
< memory_limit = 16M ; Maximum amount of memory a
script may consume
(8MB)


memory_limit = 8M ; Maximum amount of memory a
script may consume
(8MB)
579c579
< upload_tmp_dir = /tmp


;upload_tmp_dir =
949c949
< session.save_path = "/tmp"


;session.save_path = "/tmp"

I've also uncommented this into index.php:

// define('VIRTUAL_PATH', $_SERVER['SCRIPT_NAME']);

because otherwise I only get blank pages.

Discussion

  • Logged In: YES
    user_id=875057

    (quick fix)
    I found out that setting register_long_arrays to "on" into
    php.ini solved the problem.

    (suggested long term solution)
    The problem is not caused by a cookie that expires too early
    but with accessing session data in PHP5. Files:

    lib/Request.php
    lib/WikiUser/Session.php

    still use the deprecated $HTTP_SESSION_VARS array and don't
    support the auto global $_SESSION (available as of PHP 4.1.0).

    It would be nice if phpwiki authentication will work even
    with register_long_arrays = off, but I haven't tried to fix
    it and I don't know if there are other files to fix.

     
  • Reini Urban
    Reini Urban
    2007-06-07

    Logged In: YES
    user_id=13755
    Originator: NO

    Fixed with the latest release.

     
  • Logged In: YES
    user_id=1312539
    Originator: NO

    This Tracker item was closed automatically by the system. It was
    previously set to a Pending status, and the original submitter
    did not respond within 14 days (the time period specified by
    the administrator of this Tracker).