Hello.
As I've now seen sess_deleted files show up in the php
cache, it seems to be an issue with the sess_deleted php / IE bug.
If I run from cron pretty aggressively
find /var/spool/php -name '*deleted*' -print | xargs -I {} sh -c "ls
-lT {} | /var/qmail/bin/mailsubj "sess_deleted" [EMAIL PROTECTED]"
I detect the file. Maybe some IE users have the date badly set in
their hardware and IE doesn't do
the fall-back aged session deletion.
Can someone help me with the php workaround for squirrelmail to avoid this
and/or
recommend a solid version of php that does a better job of closing
out sessions?
As a quick ugly patch, if I just delete the sess_deleted file from
cron, the effective user would have to
log in again. Wouldn't they get a valid session token the second time around?
thanks.
John
At 05:12 PM 10/27/2005, Rafael Martinez wrote:
On Wed, 2005-10-26 at 14:16 -0500, Jonathan Angliss wrote:
[........]
>
> Would it be possible to perform a few tests? Open a browser on user A, go
> to the login page, login, see what cookies you have been assigned and find
> out the session id... make a note... restart the browser... rinse, repeat..
>
Hello Jonathan
I really think this has something to do with a problem we had in our
system some months ago. More information here:
http://sourceforge.net/mailarchive/message.php?msg_id=12715881
We patched our code so it does not use a SID with a value like 'deleted'
or not a 32 long char string and the problem is gone.
--
Rafael Martinez, <[EMAIL PROTECTED]>
Center for Information Technology Services
University of Oslo, Norway
PGP Public Key: http://folk.uio.no/rafael/
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
--
squirrelmail-users mailing list
Posting Guidelines:
http://www.squirrelmail.org/wiki/MailingListPostingGuidelines
List Address: [email protected]
List Archives:
http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
