Piwigo Bugtracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001452Piwigoauthenticationpublic2010.02.22 00:152010.02.23 19:46
Reporterplg 
Assigned Toplg 
PrioritynormalSeverityfeatureReproducibilityN/A
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.0.8 
Target Version2.0.9Fixed in Version2.0.9 
Summary0001452: check cookies on login form
DescriptionCurrently, when cookies are disabled, Piwigo returns no error, you just don't get connected. It's very annoying and I see more and more users disabling their cookies (I don't understand why).

I'm thinking about adding the session_id in the POST data to identification.php and check if it is present and equal to the one in $_COOKIES['pwg_id'].
TagsNo tags attached.
browserany
Database engine and version
PHP version
Web serverApache 1.3.x
Attached Files

- Relationships

-  Notes
(0003435)
svn (reporter)
2010.02.23 16:50

[Subversion] r4955 by plg on branch 2.0

-----[Subversion commit log]----------------------------------------------------
bug 1452 fixed: check cookies are enabled in web browser and notify user
otherwise that she can't connect.
(0003436)
plg (manager)
2010.02.23 16:51

As suggested by nicolas, it was useless to transmit the session id in POST. A simple check on $_COOKIE[session_name()] is enough (and avoid to make templates like gally or simple incompatible with Piwigo 2.0.9)
(0003437)
svn (reporter)
2010.02.23 16:52

[Subversion] r4956 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
merge r4955 from branch 2.0 to trunk

bug 1452 fixed: check cookies are enabled in web browser and notify user
otherwise that she can't connect.
(0003439)
svn (reporter)
2010.02.23 19:46

[Subversion] r4958 by samli on branch 2.0

-----[Subversion commit log]----------------------------------------------------
bug 1452 fixed: check cookies are enabled in web browser and notify user
otherwise that she can't connect.

- Issue History
Date Modified Username Field Change
2010.02.22 00:15 plg New Issue
2010.02.22 00:15 plg Status new => assigned
2010.02.22 00:15 plg Assigned To => plg
2010.02.22 00:15 plg browser => any
2010.02.22 00:15 plg Web server => Apache 1.3.x
2010.02.23 16:50 svn Checkin
2010.02.23 16:50 svn Note Added: 0003435
2010.02.23 16:51 plg Note Added: 0003436
2010.02.23 16:52 svn Checkin
2010.02.23 16:52 svn Note Added: 0003437
2010.02.23 16:55 plg Status assigned => closed
2010.02.23 16:55 plg Resolution open => fixed
2010.02.23 16:55 plg Fixed in Version => 2.0.9
2010.02.23 19:46 svn Checkin
2010.02.23 19:46 svn Note Added: 0003439


Copyright © 2000 - 2015 MantisBT Team
Contact
Powered by Mantis Bugtracker