Re: [Phpgroupware-developers] Remote login

phpgroupware-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Phpgroupware-developers] Remote login

From:	Dave Hall
Subject:	Re: [Phpgroupware-developers] Remote login
Date:	Wed, 25 Sep 2002 22:23:43 +1000

Hey Zone,

Thanks for the info ... but it is .14 latest cvs.  I had a look through
things, and I think i have found the culprit.  You are right it is a
cookie issue.  I use php4 sessions.  My domain is a subdomain of a ccTLD
(ie myserver.mydomain.com.au).

I noticed skeeter applied a patch to the php4 sessions class, 9 days ago.  

On IE I set cookies to prompt, but when trying to login it was not
trying to set any cookies, so I thought i would check what Mozilla and
Netscape 4.7x were doing.  Surprisingly on Mozilla 1.1 (Windoze98) it is
prompting to accept cookies from domain ".com.au", N4.79 reports the
same thing.  If those cookies are accepted it allow the login.

I have tested this and posted it as a patch on savannah (allocated to
skeeter), it doesn't completely comply with the guidelines ... but I was
in a hurry.  Here is the code if anyone is interested:
class.sessions_php4.inc.php lines 284-288 replaced with this:
                        if (count($parts) > 2)
                        {
                                if(strlen($parts[count($parts)-1]) == 2) // for 
ccTLD names
                                {
                                        $this->cookie_domain =
'.'.$parts[count($parts)-3].'.'.$parts[count($parts)-2].'.'.$parts[count($parts)-1];
                                }
                                else
                                { 
                                        $this->cookie_domain =
'.'.$parts[count($parts)-2].'.'.$parts[count($parts)-1];
                                }
                        }

Or see patch the patch:
https://savannah.gnu.org/patch/index.php?func=detailpatch&patch_id=537&group_id=509

Cheers

skwashd

Jason Wies <address@hidden> wrote:

> Assuming you're using HEAD, then this is probably a problem with 
> the session changes I made.  Since your report is browser 
> specific, it might be a cookie problem.  First of all, go to 
> http://yourhost.com/phpgroupware/setup/ and complete the API 
> upgrade.  Chances are very high that will fix it.  If not, fill in 
> the info below.
> 
> Session type: db or php4
> Using cookies?:
> Check IP address for sessions?:
> Timeout for sessions (listed in /setup/)?:
> Timeout for application session data (listed in /setup/)?:
> Output of "SELECT * FROM phpgw_config WHERE config_name LIKE 
> '%session%'"Database: MySQL or Postgres or ...
> Version that is displayed in login box?:
> 
> Jason Wies aka Zone
> 
> On Wed, Sep 25, 2002 at 05:05:26AM +0000, Bob Crandell wrote:
> > A little more info:  Using IE and Opera doesn't work.  Using 
> Mozilla and Galeon
> > does work.
> > 
> > Dave Hall (address@hidden) wrote*:
> > >
> > >Bob,
> > >
> > >This is strange.  I tested on the LAN last nite after running a cvs
> > >update and it all worked fine.  But now trying external access 
> it don't
> > >work.  No error nothing ... just no access :(
> > >
> > >Will try to look into it.  I am at uni and they run a fascist 
> firewall> >so I can't access my logs until late tonight my time 
> (GMT+10).> >
> > >If you figure it out please let me know.
> > >
> > >Cheers
> > >
> > >skwashd
> > >
> > >Bob Crandell <address@hidden> wrote:
> > >
> > >> Hi,
> > >>
> > >> I did a CVS update yesterday and now noone can log in from
> > >> outside.  The LAN side
> > >> still works.  I tried turning on and off using cookies and
> > >> verifying sessions.  No
> > >> joy.  That's all I know to do.
> > >>
> > >> What do I do next?
> > >>
> > >> Slackware
> > >> Apache
> > >> MySQL
> > >>
> > >> Thanks
> > >> --
> > >> Bob Crandell
> > >> Assured Computing
> > >> When you need to be sure.
> > >> Voice 541-689-9159
> > >> FAX   240-371-7237
> > >> address@hidden
> > >> www.assuredcomp.com
> > >> Eugene, Or. 97402
> > >>
> > >>
> > >>
> > >>
> > >> _______________________________________________
> > >> Phpgroupware-developers mailing list
> > >> address@hidden
> > >> http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
> > >>
> > >
> > --
> > Bob Crandell
> > Assured Computing
> > When you need to be sure.
> > Voice 541-689-9159
> > FAX   240-371-7237
> > address@hidden
> > www.assuredcomp.com
> > Eugene, Or. 97402
> > 
> > 
> > 
> > 
> > _______________________________________________
> > Phpgroupware-developers mailing list
> > address@hidden
> > http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
> 
> 
> _______________________________________________
> Phpgroupware-developers mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>

dave.hall.vcf
Description: Card for <dave.hall@mbox.com.au>

[Prev in Thread]

Current Thread

[Next in Thread]

[Phpgroupware-developers] Remote login, Bob Crandell, 2002/09/24
- Re: [Phpgroupware-developers] Remote login, Dave Hall, 2002/09/24
- Re: [Phpgroupware-developers] Remote login, Bob Crandell, 2002/09/25
  - Re: [Phpgroupware-developers] Remote login, Jason Wies, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Dave Hall, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Dave Hall <=
- Re: [Phpgroupware-developers] Remote login, Bob Crandell, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Dave Hall, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Dave Hall, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Bob Crandell, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Dave Hall, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Dave Hall, 2002/09/25
- Re: [Phpgroupware-developers] Remote login, Bob Crandell, 2002/09/26

Prev by Date: Re: [Phpgroupware-developers] Remote login
Next by Date: [Phpgroupware-developers] Everyone developing phpGW needs to read this
Previous by thread: Re: [Phpgroupware-developers] Remote login
Next by thread: Re: [Phpgroupware-developers] Remote login
Index(es):
- Date
- Thread