[Mediawiki-l] Multiple wikis - dealing with cookies

[Joshua Yeidel]

On 3/29/06 10:28 AM, "Rob Church" <robchur at gmail.com> wrote:

> On 29/03/06, Sy Ali <sy1234 at gmail.com> wrote:
> 
>> Perhaps the cookies should be automatically named based on both the
>> database name and the tag name.
> 
> I have a vision of a page on Meta somewhere which details a workaround
> for this; it involves changing the session_name line somewhere.

Perhaps you are thinking of this:

    if ( $wgDBprefix ) {
        session_name( $wgDBname . '_' . $wgDBprefix . '_session' );
    } else {
        session_name( $wgDBname . '_session' );
    }

... Which is lines 120ff. of Setup.php in MW 1.5.6.

This seems to make it unnecessary to use $wgCookiePath in the case where
wikis are sharing the same database, and their tables are distinguished by
$wgDBprefix.  The session cookies will also be distinguished by $wgDBprefix.

But the situation may be a little more complex:

In 1.5.6, there are four cookies that are issued by MW: the PHP session
cookie, the UserID cookie, the Username cookie, and the Token cookie.  The
name of the PHP session cookie is qualified by the DBname and the DBprefix
(if any); the last three are qualified by the Dbname _only_, regardless of
the DBprefix.  (See User.php, function setCookies() , lines 1222 ff.) All
four have their path and domain set by $wgCookiePath and $wgCookieDomain,
respectively.

It appears to me that the main purpose of the three MW-specific cookies is
to cope when the PHP cookie does not behave as the wiki owner would like
(e.g., in hosting situations, where PHP session may not be supported at
all).  Therefore, a fix that just involves the PHP session cookie may work
in some environments, and break in others.

-- Joshua





> 
> 
> Rob Church
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at Wikimedia.org
> http://mail.wikipedia.org/mailman/listinfo/mediawiki-l