Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Login cookie change from 1.3.3 to 1.4.10  (Read 3480 times)

0 Members and 1 Guest are viewing this topic.

outdoorresearch

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Login cookie change from 1.3.3 to 1.4.10
« on: May 16, 2007, 09:37:51 pm »
We recently upgraded from 1.3.3 to 1.4.10. It appears that the method of knowing whether a user is logged in or not has changed. In 1.3.3, there were two cookies set (cpg133_uid and cpg133_pass) when a user logged in. By setting these cookies, I could basically "force" a specific user to be "logged in" without having to go through the Coppermine login screen. In 1.4.10, this does not seem to work anymore.

Does anyone know how Coppermine maintains user login status in 1.4? Is it done through a PHP session now rather than cookies?
Logged

Nibbler

  • Guest
Re: Login cookie change from 1.3.3 to 1.4.10
« Reply #1 on: May 16, 2007, 09:58:10 pm »
It's done using a single session (not php sessions) cookie. See bridge/coppermine.inc.php
Logged

outdoorresearch

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Re: Login cookie change from 1.3.3 to 1.4.10
« Reply #2 on: May 17, 2007, 01:27:21 am »
Thanks for the reply. It appears that the way 1.4.10 handles logins is quite a bit differently than 1.3.3 . It was nice in 1.3.3 to be able to just set two cookies and be logged in. Now there is interaction with a record in the session table which requires a bit more manuvering to get around.
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.026 seconds with 20 queries.