[dev] Session issues since php 7.2

Ralf Lang lang at b1-systems.de
Fri Jan 11 13:38:07 UTC 2019


Hi,

Am 11.01.19 um 14:19 schrieb SSRI:
>
> Ralf Lang <lang at b1-systems.de> a écrit :
>
>> Hi,
>>
>> if I understand http_login script correctly, it assumes if you got
>> behind the http-level auth using the auth header, the supplied auth_user
>> and auth_pw must be valid to login in.
>>
>> This is similar to using the auto driver and providing
>> $_SERVER['PHP_AUTH_USER'] as username,
>> $_SERVER['PHP_AUTH_PW'] as password.
>>
>> Do you experience the same issues in a lab environment using the
>> original, unmodified http_login?
>>
>
> No. Unmodified http_login works fine ( using it as alternate login ).
>
> Moved Horde_Registry::appInit piece of code at the beginning of
> customized alternate login page ( before code retrieving credentials )
> and works fine now.
>
> Never had issue with previous Horde_Registry::appInit location inside
> customize code. Do you think this could come from PHP 7.2 that
> introduced some changes in session handling ?
>
>>
Can't rule this out without looking deeper into it. Are you using the
default php session handler or some other backend?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pEpkey.asc
Type: application/pgp-keys
Size: 1757 bytes
Desc: not available
URL: <https://lists.horde.org/archives/dev/attachments/20190111/88f7c07e/attachment.bin>


More information about the dev mailing list