View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0004683 | OXID eShop (all versions) | 4.02. Session handling | public | 2012-11-05 13:27 | 2018-12-05 14:57 |
Reporter | alfonsas_cirtautas | Assigned To | |||
Priority | high | Severity | minor | Reproducibility | always |
Status | closed | Resolution | unable to reproduce | ||
Product Version | 4.7.0_5.0.0_RC2 | ||||
Summary | 0004683: PHP Warning is produced when session cookies are disabled and form with empty force_sid is submitted | ||||
Description | When session cookie usage is disable in config.inc.php using $this->blSessionUseCookies = false and production server is misconfigured (showing errors/warnings to users, instead of log) user can get a Warning. It is just a warning, shop functionality is not broken by this issue. | ||||
Steps To Reproduce | Disable cookie usage in config.inc.php $this->blSessionUseCookies = false; Try to Login with clean browser (no previous shop sessions or cookies) Warning: session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in .../core/oxconfig.php on line 902 | ||||
Additional Information | Fixes can be applied to several places, oxconfig::getShopId() and oxsession::hiddenSid() | ||||
Tags | Cookies | ||||
Theme | Not defined | ||||
Browser | All | ||||
PHP Version | Not defined | ||||
Database Version | Not defined | ||||