session, php.ini, session.hash_function = sha256
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| webtrees |
Fix Released
|
Low
|
fisharebest |
Bug Description
ref: forum, #19526
Login is in a loop (always renewing a login)
Cause: php.ini, session.
exceeds the session_id column length in our wt_session table.
Symptoms: webtrees is silent and does not generate any error messages or warnings
fisharebest (fisharebest) wrote : | #1 |
Changed in webtrees: | |
assignee: | nobody → fisharebest (fisharebest) |
Lex Oulu (lexoulu) wrote : | #2 |
I did a test, changed the length of from char(32) to char(128).
when session.
php.ini, session.
=> session.
eg. vlhao31rl8pp0vk
==> generates 32 char
php.ini, session.
=> session.
eg. e6p22gtfdr8ejs0
==> generates 52 char
php.ini, session.
=> session.
4uri9ipv69picau
==> generates 102 char
Table field length 128 seems to cover them both.
sha256 requiring 52 char was a small surprise to me, as I though 64 would be needed as shown in eg. http://
I suppose the session.
Lex Oulu (lexoulu) wrote : | #3 |
I did a test, changed the length of session_id column from char(32) to char(128).
Changed in webtrees: | |
status: | New → In Progress |
importance: | Undecided → Low |
Changed in webtrees: | |
status: | In Progress → Fix Committed |
fisharebest (fisharebest) wrote : | #4 |
Fix released in webtrees 1.2.7
Changed in webtrees: | |
status: | Fix Committed → Fix Released |
It would help if you could confirm the length of your generated session IDs.