Hi,
I'm struggling with a session bug that apparently no one can reproduce - so it's low priority. It's really annoying though!
Can anyone else reproduce it?
To reproduce:
-You must have register globals on
-Have the Users login block active on your homepage
-Login, go to Admin -> Settings -> Security options, then set 'Duration until users become inactive' to 1 minute (this just speeds things up).
-Now logout, and wait over 1 minute.
-Refresh the homepage.
Do you see a 'Session initialisation failed' message in the Users login block? What version of PHP are you using?
I have a good idea of the order of events, but don't know why it happens. When this occurs when you are logged in, you get a nice neat message telling you that your session expired, rather than this mess...
Thanks for any help
Watch
GitHub Core
Show your support for Zikula! Sign up at Github account and watch the Core project!
GitHub Modules
Forum Activity
- mazdev responded to »Hide "Register new account" and change template to 3 col« 07:50 AM
- mesteele101 created topic »Zikula 1.3.3 - Site Search 1.5.2 - Unable to turn off plug-ins« 07:48 AM
- internetking created topic »password problem« 25. May
- mesteele101 responded to »ERR (3): E_USER_ERROR: Smarty error: [in pagesvar:pagesitem2en line XXX]…« 25. May
- mazdev responded to »Pages 2.5.0 and updating - Page not found« 25. May
- mesteele101 responded to »Zikula 1.3.3 - Selecting a category in Pages not working« 25. May
- mdee created topic »How to implement returnpage ?« 25. May
Zikula Blog
- Anatomy of Open Source Projects on Mar 07
- Continuous Review on Mar 01
- Not Invented Here on Feb 24
- How to Contribute Your Code at Github on Jan 13
- 10 Steps to Coding-Nirvana: Tips for Successful Module Writing on Nov 12
- Submitting Bug Report Tickets That Get Results on Aug 17
- Cozi Tricks #1: Syntax Highlighting on Aug 07
Login
Session init fails bug help
-
- Rank: Registered User
- Registered: Jan 28, 2007
- Last visit: Apr 16, 2009
- Posts: 43
Posted: Mar 17, 2007 - 11:57 PM
-
- Rank: Software Foundation
- Registered: Jul 21, 2001
- Last visit: May 31, 2010
- Posts: 624
Posted: Mar 18, 2007 - 09:57 PM
Just to let you know I'm following the thread. This is .8 specific. I'd be keen to see if this is PHP version related and upping to 4.3.3 or higher may solve the problem although we do not recommend 0.8 on PHP less than 4.3.11 I believe (although saying that some enterprise linux version run lower PHP version but are still patched to incorporate the latest security fixes - since they dont have the new features they are numbered a.b.c-x)
Drak
--
Zikula Lead Developer
Board Member of the Zikula Foundation
Follow me on twitter.com/zikuladrak -
- Rank: Team Member
- Registered: Jan 02, 2003
- Last visit: Oct 21, 2009
- Posts: 800
Posted: Mar 19, 2007 - 04:00 AM
Quote
-You must have register globals on
Stop.
There is no need for register_globals on in PostNuke, the baseline security analyzer warns you if it detects this setting (both in .764 and .8). If this solves your problem, turn it off.
--
"He is not dangerous, he just wants to play...." -
- Rank: Registered User
- Registered: Jan 28, 2007
- Last visit: Apr 16, 2009
- Posts: 43
Posted: Mar 19, 2007 - 04:46 AM
Yes, but I don't have the option to turn it off, otherwise I would.
So I thought I'd try and chase this up on behalf of those that can't turn it off. PN should function correctly with it on, no? If it's not meant to, then fair enough...
- Moderated by:
- Support
