I had deployed one copy of w3pw which was working fine. Then a different department asked me to set them up with their own copy and that seemed to work fine as well. When I tried logging into both of them at once, though, one of them would only display gibberish. I imagine the problem is that they use the same session data and the one can't decrypt the data.
I've fixed this by adding a few lines of PHP to the main.php file to verify that only one copy is running. The code looks like this, if anyone is interested:
---- from include/config.php ----
// The page titles (default: w3pw)
$title="My Custom Title";
---- end of config.php edits ----
---- from main.php----
<body>
<?php
global $title;
if(isset($_SESSION['safetydance']) && $_SESSION['safetydance'] != $title)
{
echo "You must log out of your other w3pw session before accessing this one!<p>\n";
exit;
}
...
...
// delete cleartext pw in memory
unset($cleartext_pw);
$_SESSION['version']=$entries->version;
$_SESSION['safetydance']=$title;
}
---- end of main.php edits ----
I used $title since I had already replaced the conventional titles with $title to help me keep track of which copy I was using. It could also be done with some random number generation or by using separate cookies but this seemed to be the quickest fix at the time.
I guess if anyone else stumbles upon this problem and would like a more eloquent solution, I'd be willing to throw something together. But I don't imagine there's enough demand for it now to warrant it.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I had deployed one copy of w3pw which was working fine. Then a different department asked me to set them up with their own copy and that seemed to work fine as well. When I tried logging into both of them at once, though, one of them would only display gibberish. I imagine the problem is that they use the same session data and the one can't decrypt the data.
I've fixed this by adding a few lines of PHP to the main.php file to verify that only one copy is running. The code looks like this, if anyone is interested:
---- from include/config.php ----
// The page titles (default: w3pw)
$title="My Custom Title";
---- end of config.php edits ----
---- from main.php----
<body>
<?php
global $title;
if(isset($_SESSION['safetydance']) && $_SESSION['safetydance'] != $title)
{
echo "You must log out of your other w3pw session before accessing this one!<p>\n";
exit;
}
...
...
// delete cleartext pw in memory
unset($cleartext_pw);
$_SESSION['version']=$entries->version;
$_SESSION['safetydance']=$title;
}
---- end of main.php edits ----
I used $title since I had already replaced the conventional titles with $title to help me keep track of which copy I was using. It could also be done with some random number generation or by using separate cookies but this seemed to be the quickest fix at the time.
I guess if anyone else stumbles upon this problem and would like a more eloquent solution, I'd be willing to throw something together. But I don't imagine there's enough demand for it now to warrant it.