Issue with FreeBSD hosted site where one keeps getting prompted to login on nvaigating to new page
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Triaged
|
Medium
|
Unassigned |
Bug Description
Issue: keep getting prompted to login
some of the later conversation about the issue:
<robertl> in htdocs/init.php we set up $USER
<robertl> then hit the auth_setup() function
<rellwood> what file does auth_setup() live in?
<robertl> htdocs/auth/lib.php
<rellwood> WHAT THE...? It suddenly and mysteriously started working!
<rellwood> I added a trivial line in lib.php: log_debug(
<rellwood> and as I click around it's not asking me to login anymore.
<robertl> ok sounds like one of the log_debug() calls is setting things correctly to session so the session exists
<rellwood> what the heck?
<robertl> I suspect if you remove the log_debug() lines the session issue will come back
<robertl> it's forcing the staring of a session
<rellwood> This is in auth/lib.php, around line 396: log_debug(
<robertl> yeah there is a bit in lib/errors.php that check to see if session doesn't exist and starts it
<robertl> for the debugging output
<robertl> this bit: if (!$SESSION && function_
<robertl> require_
<robertl> $SESSION = Session:
<robertl> }
<rellwood> Yes, that's confirmed. I removed the other log_debug lines except that one: still works. Removed that one: doesn't work. put it back: works again
<robertl> so ok we know mahara will work on your system if the session is started correctly
<robertl> so now we need to know why it isn't
<rellwood> exactly.
So this is where we are at - the session does not seem to be restarted correctly unless we add a log_debug() line in auth_setup() function - which restarts the session if it is not started.
I suspect either the session is started correctly but then is destroyed before reaching auth_setup() or the session is not started correctly in htdocs/init.php
Changed in mahara: | |
status: | New → Triaged |
importance: | Undecided → Medium |
It seems that the "fix" of adding log_debug( $USER-> get('sessionid' )); to auth/lip.php only affected the admin account. When I tried creating other users, they found they had to sign in again after every page. Not that that was a real fix anyway.