Dear all,
I am a real PhpBB 3.0 fan and I have to report a serious issue with sessions / cookie management.
Phpbb 3.0 has been running fine during three months.
Suddently users complained that PhpBB was frequently disconnecting.
Then I modified cookie name and path in PhpBB admin panel.
I seached cookies on the server and was not able to find server-side cookies.
Users wrote me that normal users had access to the admin panel.
Okay I disconnecter the board.
Now how can I make sure that all cookies/sessions have expired?
How can I clean a PhpBB installation when changing cookie information.
Also, I read : http://www.phpbb.com/bugs/phpbb3/ticket ... t_id=18025
Did it cause the bug?
This is issue :
http://www.phpbb.com/bugs/phpbb3/ticket ... t_id=23045
Now what should I do?
Install PhpBB 3.0 svn?
kind regards,
Jean-Michel
PhpBB 3.0 cookie management
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
-
Prince of area51
- Registered User
- Posts: 133
- Joined: Mon Jun 27, 2005 8:46 pm
- Location: Manchester, UK
- Contact:
Re: PhpBB 3.0 cookie management
Its not the perfect place to ask because this forum is for the development purposes. You will get more support if you ask in 3.0.x Support Forum.
I also do not think you should run the SVN version of phpBB because that code might have some other bugs as that code is work in progress. What I've done is gone through the commit and found the change that fixed the problem. Apply this small edit and hopefully it should solve your problem (if it was related to that bug). If it still doesn't work you would ask your webhost whether they made any updates to your webhosting account.
OPEN:
FIND:
REPLACE WITH:
Hope this helps.
I also do not think you should run the SVN version of phpBB because that code might have some other bugs as that code is work in progress. What I've done is gone through the commit and found the change that fixed the problem. Apply this small edit and hopefully it should solve your problem (if it was related to that bug). If it still doesn't work you would ask your webhost whether they made any updates to your webhosting account.
OPEN:
Code: Select all
/includes/session.phpCode: Select all
header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);Code: Select all
header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);Re: PhpBB 3.0 cookie management
Thanks. I already have this value in code. Are you sure this is an SVN fix?