[ postfixadmin-Feature Requests-2899733 ] add session test to setup.php
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
[ postfixadmin-Feature Requests-2899733 ] add session test to setup.php
|
From: SourceForge.net <no...@so...> - 2009-11-18 11:35:59
|
Feature Requests item #2899733, was opened at 2009-11-18 12:35 Message generated for change (Tracker Item Submitted) made by christian_boltz You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937967&aid=2899733&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: add session test to setup.php Initial Comment: I had to debug some problems with the session cookies in #postfixadmin over the last weeks . There were various reasons why it failed, for example: - chrooted apache on openbsd, and the session.safe_path (/tmp) did not exist in chroot - broken setting of session.cookie_path We should add a test to setup.php: (the code below needs some enhancements before it goes to setup.php) session_start(); $_SESSION['works'] = 1; header ('Location: session.php?sessiontest=' . session_id() ); and with sessiontest=1 set: session-start(); if ($_SESSION['works'] == 1) { echo "session works"; } elseif (session_id() != $_GET['session_id']) { echo "error with session cookie - does your browser allow cookies?"; } elseif ($_SESSION['works'] != 1) { echo "Session did not save data"; } else { echo "unknown session problem"; } The cookie check should also be implemented in login.php by adding the session id to a hidden field in the login form. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937967&aid=2899733&group_id=191583 |
