#166 Disabled cookies == inability to login
A Debian user reported the following bug (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=357844). I don't know if it is feasible to fix it, but perhaps you can look into it.
If cookies are not enabled (either from the domain of the server running phppgadmin, or by default) then even if everything is configured correctly, a succesful login ends by taking you back out to the login screen.
phppgadmin should really check to make sure the client has cookies enabled and provide a warning message on the login screen if they are disabled.
This bug should probably be forwarded upstream. (I checked the latest upstream tarball, version 4.0.1, but it did not have a changelog and the SourceForge bug tracker had no open or closed bugs relating to cookies).
Hi Peter,
Thanks for the report.
However, this bug is not related to our cookie policy.
We just use cookies in our left object's browser tree for persistance, and in our unit tests. Both are external libraries (xloadtree and selenium) and do not deal with authentication.
The only place we work on $_COOKIE is to strip slashes from it if the magic_quotes_gpc is on. This problem is related to the php configuration that uses cookies to keep track of the SESSIONID. So if user are disabling cookies, php can't find their session anymore.
So we should either :
1/ add some more tips in our INSTALL/FAQ
2/ get the php session conf and if cookies are used for SESSIONID, check if they are enabled in the browser side
3/ try to give a better error message when login fail, giving tips about cookies
I would prefer 1 or 3.