[Mediawiki-l] User can't stay logged in

Jonathan Pennington penningj at engr.orst.edu
Mon Feb 7 15:56:18 UTC 2005 

Brion,
Thank you so much. I started thinking that I was going crazy. I'll look 
into the session handling functions and see what I can do about 
security. I wonder why SF would have such security issues. I'll 
especially remember your advice about database passwords and session files.

Cheers,
-John

Brion Vibber wrote:
> Jonathan Pennington wrote:
> 
>> I'm trying to build a mediawiki page on the Sourceforge servers
>> (project: Pyarie). I've got the problem that whenever I log in, either
>> as an account or as WikiSysop, I can't stay logged in. If I go to
>> another page, it seems to log me out.
> 
> 
> Sourceforge's project web hosting provides very poor PHP support
> unfortunately. First, it's set up fairly insecurely, so remember that
> for instance any other Sourceforge user with a developer login can read
> your database password.
> 
> Regarding sessions in particuar: the project web hosting is on a cluster
> of several servers, and they do not by default share session files. This
> means that when you open a login session, and then go to another page,
> the second page is probably loaded from a different server which doesn't
> see your session data. Load another page, maybe you hit the first server
> again, maybe you don't.
> 
> You can create a directory in your project space and set the
> session.save_path configuration variable with ini_set() in your
> LocalSettings.php. This should allow sessions to work and be shared
> across servers, but note that other Sourceforge account holders will be
> able to read and probably write to your session data.
> 
> http://www.php.net/session
> http://www.php.net/ini_set
> 
> -- brion vibber (brion @ pobox.com)
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at Wikimedia.org
> http://mail.wikipedia.org/mailman/listinfo/mediawiki-l

-- 
JW Pennington	| My Mind Map:http://oregonstate.edu/~penningj/
Masters Student: Bioresource Engineering & Geosciences
Oregon State Univ., Wilkinson 017, Corvallis Or. 97331
     "A computer without windows is like a dog
         without bricks tied to its head."

More information about the MediaWiki-l mailing list