Can't login if there are multiple cookies for the server
Status: Inactive
Brought to you by:
bantik
Menu
▾
▴
#1 Can't login if there are multiple cookies for the server
I have WebGUI as well as Projectory installed on our Apache
Server. The WebGUI system places a cookie at / of our
server with "wgSession" as the cookie name. Projectory
also places a cookie at /projectory/ with the name "token".
Projectory doesn't remember logins if there is more than one
cookie returned when the cookies are retrieved. e.g. you
login and then it takes you right back to http://
SERVER_NAME/projectory/projectory.cgi?
command=showTaskPad&authtoken=XXXX and ignores your
login.
The fix is probably to improve the Regex in decryptCookie so
that it doesn't suck up the other cookies that might be
included. Cookies are separated by semi-colons, so this
Regex should fix the problem:
OLD:
$_encrypted =~ s/^token\=(.+)//i;
FIXED:
$_encrypted =~ /token=(\w+)/i;
$_encrypted = ;
I made this change and it works fine now.
Thank you. We look forward exploring this product.
Mark Alway, always@u.washington.edu
Logged In: YES
user_id=575649
Nice catch, Mark! I'll make an incremental release next week with your
fix.
Logged In: YES
user_id=986151
Projectory works great on my laptop, even with Mac OS X 10.28 and
mySQL 3.23.51-entropy.ch, however, I experience the same login
problem -- but the current line of code looks different from what was
previously posted.
CURRENT CODE:
$_encrypted =~ s/^token\=(.+)//i;
I delete old cookies to get around it for now.
I don't know any Perl, so there may be an obvious fix, but changing
the code to the previous recommendation didn't work. Any
suggestions?
Thank you.
Logged In: YES
user_id=575649
Here's the fix that will be in 1.1. Find sub decryptCookie (line 3633) and
replace this:
my $_encrypted = $ENV{'HTTP_COOKIE'};
$_encrypted =~ s/^token\=(.+)//i;
with this:
my @_cookies = split(";",$ENV{'HTTP_COOKIE'});
my $_encrypted;
foreach my $_cookie (@_cookies) {
if ($_cookie =~ /^token\=.+/) {
$_encrypted = $_cookie;
$_encrypted =~ s/^token\=(.+)//i;
}
}
if (!($_encrypted)) { return ("error","error","error","error"); }
Logged In: YES
user_id=986151
Thank you for the fix. I modified it slightly, as follows, and everything
seems to work great. I will be testing it out this week.
My projectory.cgi's sub decryptCookie code had an extra '' in it and
looked like this:
my $_encrypted = $ENV{'HTTP_COOKIE'};
$_encrypted =~ s/^token\=(.+)//i;
so I modified the replacement code with an extra '', like this:
my @_cookies = split(";",$ENV{'HTTP_COOKIE'});
my $_encrypted;
foreach my $_cookie (@_cookies) {
if ($_cookie =~ /^token\=.+/) {
$_encrypted = $_cookie;
$_encrypted =~ s/^token\=(.+)//i;
}
}
if (!($_encrypted)) { return ("error","error","error","error");
}
Logged In: YES
user_id=986151
My last post doesn't display correctly. The extra characters that were
needed for it to work, were a dollar symbol and a numeral one
between the two forward slashes near the end of the following line in
both the old code and the new code
$_encrypted =~ s/^token\=(.+)//i;
Thank you.
Logged In: YES
user_id=162168
look at correction for bug 934458, it may also solve this one...