This is not necessarily a bug, but an annoyance. I am using the XOOPS 2.2 autologin hack on XOOPS 2.2.4 and it does work well. The only thing is it shows a PHP session id in the URL (on initial autologin) when I have the "session.use_trans_sid" set to off.
Is there anyway to adjust the hack so it does not do this?
It sounds a problem.
Quote:
The only thing is it shows a PHP session id in the URL (on initial autologin) when I have the "session.use_trans_sid" set to off.
Is it not a typo off->on ?
If PHP session id displayed in URL with "session.use_trans_sid off", tell me the version of PHP.
No I have it set to off. And it is registered as off in protector.
My PHP version is 4.4.2.
No custom sessions are off. The session id only shows at initial login, after that any page does not show the session id.
But after a period of idle time and you refresh the site you will get a login redirect (or even a login button sometimes) and the session id is again in the URL.
Hope I am making sense, You can test it at
www.tutorialmasters.com.Thanks.
OK. I've just found.
The session_id is added by redirect_header() in the core.
Thus, I have to modify the hack like this:
line 590 in include/autologin_main.php
// RMV-NOTIFY
// Perform some maintenance of notification records
$notification_handler =& xoops_gethandler('notification');
$notification_handler->doLoginMaintenance($user->getVar('uid'));
$_COOKIE[ session_name() ] = session_id() ;
redirect_header($url, 1, sprintf(_US_LOGGINGU, $user->getVar('uname')));
} else {
The archive will be updated tomorrow.
Thank you for reporting, jseymour!