Hi!
I have a problem, tried to debug it, but no solution.
config: "Powered by Serendipity 1.2.1 and PHP 4.4.7" apache 1.3
When I log in, and try to preview a new entry, I got the login page in the iframe.
After the login, I got the $_SESSION['author_token'] right. But when I click Preview, in the iframe, it will be empty.
after login:
after the preview button:
This because a server setting I guess, but I cant figure it out.
I tried to play with phpvalue settings, but none of the combinations helped. Currently I use this in .htaccess:
DirectoryIndex /~roti/serendipity/index.php
php_value session.use_trans_sid 0
php_value register_globals off
php_value session.use_cookies 1
Looking forward a solution.
Thanx
Roti
_SESSION problem
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Re: _SESSION problem
Hi!
You always get a new author token, because when it is not set, s9y will create one for you.
Your problem happens because your server's PHP sessions are not properly utilized. Either becaues your session.save_path is wrong, or your browser rejects the cookie?
Regards,
Garvin
You always get a new author token, because when it is not set, s9y will create one for you.
Your problem happens because your server's PHP sessions are not properly utilized. Either becaues your session.save_path is wrong, or your browser rejects the cookie?
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
I was happy too early ...
with this settings, the preview is good, but I can't install new plugins.
When I click on "Install" next to a plugin,
this page flashs in:
Trying to open URL package_event_hu.xml...
Fetched 257066 bytes from already existing file on your server. Saving file as /www/chroot/home/roti/public_html/serendipity/templates_c/package_event_hu.xml...
Trying to open URL serendipity_event_mymood.php?rev=1.9999...
Fetched 30289 bytes from the URL above. Saving file as /www/chroot/home/roti/public_html/serendipity//plugins/serendipity_event_mymood/serendipity_event_mymood.php...
Data successfully fetched.
Trying to open URL lang_cs.inc.php?rev=1.9999...
Fetched 11430 b ...
and after that, I get the login screen. Actually I not logged out, because I can go back with the back button, and operate further ...
Ant the plugin not installed.
I try to investigate further, but any help would be good
with this settings, the preview is good, but I can't install new plugins.
When I click on "Install" next to a plugin,
this page flashs in:
Trying to open URL package_event_hu.xml...
Fetched 257066 bytes from already existing file on your server. Saving file as /www/chroot/home/roti/public_html/serendipity/templates_c/package_event_hu.xml...
Trying to open URL serendipity_event_mymood.php?rev=1.9999...
Fetched 30289 bytes from the URL above. Saving file as /www/chroot/home/roti/public_html/serendipity//plugins/serendipity_event_mymood/serendipity_event_mymood.php...
Data successfully fetched.
Trying to open URL lang_cs.inc.php?rev=1.9999...
Fetched 11430 b ...
and after that, I get the login screen. Actually I not logged out, because I can go back with the back button, and operate further ...
Ant the plugin not installed.
I try to investigate further, but any help would be good
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
Your ini_set method actually only bypassed the problem so that serendipity puts the session ID into the URL. Serendipity does not like that, it wants the session id in your cookie.
So your PHP is still not utilizing Cookie Sessions. Make sure session.save_path points to a proper directory.
Regards,
Garvin
Your ini_set method actually only bypassed the problem so that serendipity puts the session ID into the URL. Serendipity does not like that, it wants the session id in your cookie.
So your PHP is still not utilizing Cookie Sessions. Make sure session.save_path points to a proper directory.
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
I use this:
ini_set("session.save_path","/www/chroot/home/roti/session");
and I can see the sessions:
[root@elod session]# ls -la /www/chroot/home/roti/session
total 16
drwxrwxr-x 2 roti www 4096 Feb 15 14:31 .
drwxr-x--x 13 roti roti 4096 Feb 15 14:30 ..
-rw------- 1 www www 37 Feb 15 14:31 sess_7c8fda3f88c0e3080dabd9f8bb15a004
-rw------- 1 www www 37 Feb 15 14:31 sess_d4c248793bae9a685f5f1f8c13d4e908
[root@elod session]#
[root@elod session]# cat *
SERVER_GENERATED_SID|b:1;no_smarty|N;SERVER_GENERATED_SID|b:1;no_smarty|N;[root@elod session]#
[root@elod session]#
In the other hand, there is a session in /tmp too:
/tmp/sess_8a49f44663d491017eeee7c370582261
SERVER_GENERATED_SID|b:1;serendipityLanguage|s:2:"hu";author_token|s:40:"92df7729e6f5103860933de6b68b26cb928d0202";serendipityUser|s:4:"roti";s
erendipityRealname|s:14:"Hrotkó Gábor";serendipityPassword|s:32:"7dfe1860c98ee42e7907271c0e408acf";serendipityEmail|s:15:"roti@myserver";sere
ndipityAuthorid|s:1:"1";serendipityUserlevel|s:3:"255";serendipityAuthedUser|b:1;serendipityRightPublish|s:1:"1";no_smarty|N;
what should I set to make it work?
ini_set("session.save_path","/www/chroot/home/roti/session");
and I can see the sessions:
[root@elod session]# ls -la /www/chroot/home/roti/session
total 16
drwxrwxr-x 2 roti www 4096 Feb 15 14:31 .
drwxr-x--x 13 roti roti 4096 Feb 15 14:30 ..
-rw------- 1 www www 37 Feb 15 14:31 sess_7c8fda3f88c0e3080dabd9f8bb15a004
-rw------- 1 www www 37 Feb 15 14:31 sess_d4c248793bae9a685f5f1f8c13d4e908
[root@elod session]#
[root@elod session]# cat *
SERVER_GENERATED_SID|b:1;no_smarty|N;SERVER_GENERATED_SID|b:1;no_smarty|N;[root@elod session]#
[root@elod session]#
In the other hand, there is a session in /tmp too:
/tmp/sess_8a49f44663d491017eeee7c370582261
SERVER_GENERATED_SID|b:1;serendipityLanguage|s:2:"hu";author_token|s:40:"92df7729e6f5103860933de6b68b26cb928d0202";serendipityUser|s:4:"roti";s
erendipityRealname|s:14:"Hrotkó Gábor";serendipityPassword|s:32:"7dfe1860c98ee42e7907271c0e408acf";serendipityEmail|s:15:"roti@myserver";sere
ndipityAuthorid|s:1:"1";serendipityUserlevel|s:3:"255";serendipityAuthedUser|b:1;serendipityRightPublish|s:1:"1";no_smarty|N;
what should I set to make it work?
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
I think you should set the session.save_path in your vhost config, not inside a PHP script. That might be too late.
Also check the HTTP headers you receive in your browser to see if the Session-ID fluctuates. Use a tool like LiveHTTPHeader or Firebug.
Regards,
Garvin
I think you should set the session.save_path in your vhost config, not inside a PHP script. That might be too late.
Also check the HTTP headers you receive in your browser to see if the Session-ID fluctuates. Use a tool like LiveHTTPHeader or Firebug.
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
I set this:
php_value session.save_path "/www/chroot/tmp"
in the server's conf
I can see all the sessions in that directory.
I inspected the headers, but I don't see any error:
http://al.pmmf.hu/~roti/headers.txt
The session and cookie numbers are the same.
This is the method inspecting the headers:
Login/new entry/preview
php_value session.save_path "/www/chroot/tmp"
in the server's conf
I can see all the sessions in that directory.
I inspected the headers, but I don't see any error:
http://al.pmmf.hu/~roti/headers.txt
The session and cookie numbers are the same.
This is the method inspecting the headers:
Login/new entry/preview
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
In your headers.txt you can see that your browser does not submit the "PHPSESSID" cookie string! It always only submits other variables, but never PHPSESSID.
The last call should look like this:
You can also see from your output that PHP *NEVER* sets a Set-Cookie: PHPSESSID variable.
This can only happen if your PHP does not utilize Cookie sessions. Check all your php.ini cookie.* settings, there must be something wrong with the PHP setup.
Regards,
Garvin
In your headers.txt you can see that your browser does not submit the "PHPSESSID" cookie string! It always only submits other variables, but never PHPSESSID.
The last call should look like this:
Code: Select all
GET /~roti/serendipity/serendipity_admin.php?serendipity[is_iframe]=true&serendipity[iframe_mode]=preview HTTP/1.1
Referer: http://myserver/~roti/serendipity/serendipity_admin.php?
Cookie: PHPSESSID=9ff9e955ce1aa1780aa5eaef25785d65
Cookie: serendipity[old_session]=9ff9e955ce1aa1780aa5eaef25785d65; serendipity[userDefLang]=hu; serendipity[author_token]=4529f9b411aca97c3e332d946b5214adfada04b4
This can only happen if your PHP does not utilize Cookie sessions. Check all your php.ini cookie.* settings, there must be something wrong with the PHP setup.
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Finally, I got the final solution.
I got this in apache config:
<IfModule mod_userdir.c>
UserDir /www/chroot/home/*/public_html
UserDir disabled root
<Directory /www/chroot/home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Options
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
</Directory>
php_admin_value open_basedir "/www/chroot/home/:/usr/local/lib/php/:/tmp/"
php_value session.save_path "/www/chroot/tmp"
</IfModule>
and in my public_html/.htaccess:
php_value session.use_trans_sid 0
php_value register_globals off
php_value session.use_cookies 1
php_value session.use_only_cookies 1
Now everything works so fine!
Yes, it was a server misconfig, so I thank you very much for your patient.
Now I will have time on hungarian translation.
I got this in apache config:
<IfModule mod_userdir.c>
UserDir /www/chroot/home/*/public_html
UserDir disabled root
<Directory /www/chroot/home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Options
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
</Directory>
php_admin_value open_basedir "/www/chroot/home/:/usr/local/lib/php/:/tmp/"
php_value session.save_path "/www/chroot/tmp"
</IfModule>
and in my public_html/.htaccess:
php_value session.use_trans_sid 0
php_value register_globals off
php_value session.use_cookies 1
php_value session.use_only_cookies 1
Now everything works so fine!
Yes, it was a server misconfig, so I thank you very much for your patient.
Now I will have time on hungarian translation.