[pmwiki-users] UserAuth2 problems (wanted: help with broken session support)

ThomasP pmwikidev at sigproc.de
Wed Mar 28 04:11:47 CDT 2007


Hello all,

has anybody an idea why the session variables are sometimes not working as
expected. I had the same problem as we just came across again, but somehow
it worked in the end for me.

There seem to be some undocumented conditions in PHP which have to be
fulfilled for the session vars to work. BTW this has nothing to do with
wrongly set session save path (at least not in my case), since the data
was saved correctly into the session file. (I looked this up once.) Rather
data was not loaded correctly into the _SESSION array upon session
revival. (Quite a PHP bug one would say.)

(I used a hard workaround for a while to verify the userauth code by
writing my own session support and write-closing the array with an exit
handler, but this unfort'ly needs mods in the pmwiki engine. And clearly
it isn't the preferred choice of countering this problem.)

Thomas

> ThomasP ha scritto:
> > Hello Paolo,
> >
> > it seems to me that, since neither pwchange nor edit is allowed, you are
> > not really authenticated. (Because "admin" could do everything.) A
> > prominent latest reason for this in my case was that the session
variables
> > did not work as expected. (They were saved upon php exit, but somehow not
> > loaded into the _SESSION array on session_start.)
> >
> > Thus, can you do me the favour and try the following: At the beginning of
> > TryAccessingPage insert a
> >
> > echo "-" . $_SESSION['username'] . "-<br>\n";
> >
> > and see whether it really displays the user name ("admin" in this case).
> > If not, the session support is broken.
> >
> > Thomas
> >
> Thanks for your support Thomas,
> yes, the session support is broken :(
>
> $_SESSION['username'] is empty (the above echo echoes "--")
>
> Paolo
>





More information about the pmwiki-users mailing list