Re: [Phplib-users] is phplib compatible with Apache 2.0?
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] is phplib compatible with Apache 2.0?
|
From: Nathaniel P. <np...@te...> - 2005-06-25 00:08:05
|
Fabrizio Ermini wrote: >Hi! > >Is there still someone around here? :-) > >After all these years I continue to use my dear library (with pre-php4 >session). Until lately I didin't have any problem. >But I've a couple installation made under apache 2.0 (that's starting to be >the default on many recent distros) that give me serious trouble: >it appears that erratically it happens some sort of "server side session >hijacking": a user logs in and "inherits" session data of a DIFFERENT user >that it's logged at the same time. This is quite rare, but not so much to >be explained with an MD5 collision! >The subject of this post refers to Apache 2 because that is the fact that >those two installations have in common. I've never seen something like this >in a apache 1.3.x installation. > >Is there anybody that can share come thought on this? Should I upgrade to >session4? Downgrading Apache version seem quite difficult to do. > > Although I have no idea what's causing the problem (and Apache versions /shouldn't/ have anything to do with it) I'd recommend upgrading to session4, myself. Provided you didn't alter the existing session API, it should be a drop-in replacement. -- ___________________________ Nathaniel Price http://www.tesserportal.net Webmaster |
