MantisBT - Piwigo
View Issue Details
0001452Piwigoauthenticationpublic2010.02.22 00:152010.02.23 19:46
plg 
plg 
normalfeatureN/A
closedfixed 
2.0.8 
2.0.92.0.9 
any
Apache 1.3.x
0001452: check cookies on login form
Currently, when cookies are disabled, Piwigo returns no error, you just don't get connected. It's very annoying and I see more and more users disabling their cookies (I don't understand why).

I'm thinking about adding the session_id in the POST data to identification.php and check if it is present and equal to the one in $_COOKIES['pwg_id'].
No tags attached.
Issue History
2010.02.22 00:15plgNew Issue
2010.02.22 00:15plgStatusnew => assigned
2010.02.22 00:15plgAssigned To => plg
2010.02.22 00:15plgbrowser => any
2010.02.22 00:15plgWeb server => Apache 1.3.x
2010.02.23 16:50svnCheckin
2010.02.23 16:50svnNote Added: 0003435
2010.02.23 16:51plgNote Added: 0003436
2010.02.23 16:52svnCheckin
2010.02.23 16:52svnNote Added: 0003437
2010.02.23 16:55plgStatusassigned => closed
2010.02.23 16:55plgResolutionopen => fixed
2010.02.23 16:55plgFixed in Version => 2.0.9
2010.02.23 19:46svnCheckin
2010.02.23 19:46svnNote Added: 0003439

Notes
(0003435)
svn   
2010.02.23 16:50   
[Subversion] r4955 by plg on branch 2.0

-----[Subversion commit log]----------------------------------------------------
bug 1452 fixed: check cookies are enabled in web browser and notify user
otherwise that she can't connect.
(0003436)
plg   
2010.02.23 16:51   
As suggested by nicolas, it was useless to transmit the session id in POST. A simple check on $_COOKIE[session_name()] is enough (and avoid to make templates like gally or simple incompatible with Piwigo 2.0.9)
(0003437)
svn   
2010.02.23 16:52   
[Subversion] r4956 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
merge r4955 from branch 2.0 to trunk

bug 1452 fixed: check cookies are enabled in web browser and notify user
otherwise that she can't connect.
(0003439)
svn   
2010.02.23 19:46   
[Subversion] r4958 by samli on branch 2.0

-----[Subversion commit log]----------------------------------------------------
bug 1452 fixed: check cookies are enabled in web browser and notify user
otherwise that she can't connect.