On Mon, Mar 21, 2005 at 01:27:29PM -0800, Brion Vibber wrote:
Jaroslaw Fedevych (UALUG wrote:
Yes, but why in mediawiki-1.3.11, I have the same
result when I'm using the
canonical edit form? Tokens just fail to match. As well as some users get
logged out right when they try to edit anything (cookies are ok on both
server and clients), but I cannot reproduce this.
Sounds like a failure of PHP's session data. Make sure this is set up
correctly; if you're on a server farm (such as SourceForge's project web
space) PHP may be incorrectly configured to save session data onto the
local hard drive where it won't be picked up by subsequent hits on other
servers.
Well, well... It seems to pass wsEditToken for some articles, while for others
it just fails to (I wrote a quick'n'dirty script which dumps the session).
I just don't know what can be reason for that. When you're calling editToken()
for the first time it generates the token and saves it in the session, while
upon subsequent calls it doesn't touch it. Truly, it is a mystery.
By the way, the script dumping the session does not use $_SESSION. It goes
directly where PHP puts session files and reads the one for current session.
Could it be so that session data is silently destroyed and some values restored
from cookies (I mean user login/password hash which stay there)?
--
X windows: Never had it. Never will.