Piwigo Bugtracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000458Piwigonavigationpublic2006.07.08 11:072008.01.28 17:05
Reporterchrisaga 
Assigned Tonikrou 
PriorityurgentSeverityblockReproducibilityalways
StatusclosedResolutionfixed 
Platformonline.frOSLinuxOS VersionDebian
Product Version1.6.0 
Target VersionFixed in VersionBSF branch (dev) 
Summary0000458: Cannot log due to broken session cookie when $_SERVER["PATH_INFO"] is empty or unset
Descriptionfound on online.fr platform.
$_ENV["REDIRECT_URL"] is set but $_SERVER["PATH_INFO"] is not.
The cookie_path functions set path in the cookie to $_SERVER['REDIRECT_URL']
It's something like "www.domain.tld/path" but should be like "/path"
or even better, according to some posts on php.net, like "/path/".

The wrong path prevent the cookie to be used for the session mecanism
so the login is successful but the user is redirected to the guest page.
Steps To Reproduce1) Install or upgrate to pwg 1.6.0 on a platform where
$_SERVER["PATH_INFO"] is empty or unset

2) try to log on
Additional InformationWe don't set any "domain" in the cookie.
I don't know if it's important.
TagsNo tags attached.
browserany
Database engine and version3.23.47-log
PHP version4.3.10-2
Web serverApache 1.3.x
Attached Files

- Relationships
related to 0000619closedrub Fonction cookie_path() renvoie une chaine vide. 
related to 0000509closed cookie_path = erreur si nom de domaine sans repertoire derriere 

-  Notes
(0001183)
chrisaga (developer)
2006.07.08 11:33

The variable $_SERVER['REDIRECT_SCRIPT_NAME'] hold a perfectly suitable
path when it's set (and not REDIRECT_URL like I wrote in my svn comment)

I added a trailing '/' but I don't know if it's realy mandatory

Fixed in trunk [Subversion] r1442 merged in branch 1.6 in [Subversion] r1443

I let Nicolas review this correction and close it.

- Issue History
Date Modified Username Field Change
2006.07.08 11:07 chrisaga New Issue
2006.07.08 11:07 chrisaga browser => any
2006.07.08 11:07 chrisaga MySQL version => 3.23.47-log
2006.07.08 11:07 chrisaga PHP version => 4.3.10-2
2006.07.08 11:07 chrisaga Web server => Apache 1.3.x
2006.07.08 11:33 chrisaga Status new => resolved
2006.07.08 11:33 chrisaga Fixed in Version => BSF branch (dev)
2006.07.08 11:33 chrisaga Resolution open => fixed
2006.07.08 11:33 chrisaga Assigned To => chrisaga
2006.07.08 11:33 chrisaga Note Added: 0001183
2006.07.08 11:36 plg Status resolved => assigned
2006.07.08 11:36 plg Assigned To chrisaga => nikrou
2006.07.08 11:36 plg Status assigned => resolved
2006.08.09 14:30 nikrou Relationship added related to 0000509
2008.01.28 17:05 mathiasm Relationship added related to 0000619
2008.01.28 17:05 mathiasm Status resolved => closed


Copyright © 2000 - 2015 MantisBT Team
Contact
Powered by Mantis Bugtracker