Brion Vibber wrote:
Stephen Warren wrote:
It seems that there's a missing call to
session_start...
If I edit includes/SpecialUpload.php, class UploadForm, function
UploadForm (constructor) and add "session_start();" prior to first
referencing $_SESSION, then everything works just fine.
session_start() is called in Setup.php if a session cookie is present. Check if
you have a bogus session name or something.
OK. Here's the problem then:
session_start is only called from User::SetupSession (includes/User.php)
SetupSession is called in 3 scenarios:
1) includes/Setup.php *if* the user already has a valid session cookie,
to "restart" the session.
2) index.php *if* the users performs form action 'submit' on a page (or
at least, some kinds of pages)
3) in function wfSpecialUserlogin in includes/SpecialUserlogin.php,
which doesn't seem to be used anywhere.
Now, on my current test computer, I have never submitted an edit to the
wiki; I'm just trying to upload a new version of an image to test this.
As such, I don't already have a session cookie.
I think that SpecialUpload should be calling User::SetupSession(), to
ensure that there's a session cookie, just like index.php does upon page
submit.
Note: I actually have 3 test machines; 2 fail and 1 works. On the
working machine, the browser has been open a while, and I suppose must
have session cookie.
On a failing machine, I did a dummy edit on a page, so as to obtain a
session cookie, then retried the reupload, and everything worked.
Note: I'm running extensions/Auth_remoteuser.php to re-use HTTP AUTH in
the web server. I'm hoping that's not causing this problem?