Project

General

Profile

Actions
Copy link

Bug #19880

closed

Patch 10146 in Version 4.2.4 does not work for me. None of the FE Sessions are beeing kept

Added by Michael Fritz almost 16 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Michael Stucki
Category:
Communication
Target version:
-
Start date:
2009-01-21
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.2
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

if (!$id || !$this->isExistingSessionRecord($id)) {
// New random session-$id is made
$id = substr(md5(uniqid('').getmypid()),0,$this->hash_length);
// New session
$this->newSessionID = TRUE;
}

(issue imported from #M10217)

Related issues 2 (0 open2 closed)

Related to TYPO3 Core - Bug #19831: Session fixation vulnerability in user authenticationClosedMarcus Krause2009-01-15

Actions
Is duplicate of TYPO3 Core - Bug #19867: DB session records are only created when users authenticateClosedMichael Stucki2009-01-20

Actions
Actions
Copy link
 #1

Updated by Michael Fritz almost 16 years ago

BTW: Powermail is not working with 4.2.4 because of patch 10146.

Actions
Copy link
 #2

Updated by Sys-Tech almost 16 years ago

I confirm, Powermail is broken with 4.2.4. Same thing with ext:Commerce. Rolled-back to 4.2.3

Actions
Copy link
 #3

Updated by Franz Holzinger almost 16 years ago

All versions of tt_products do not work in latest TYPO3 4.3 from svn and also not in 4.2.4. The basket is always empty.
In install tool I have deleted the 'Encryption key:'. but I cannot regenerate it any more. The button 'Generate random key' does not react in FF3 and IE6.

Actions
Copy link
 #4

Updated by Michael Fritz almost 16 years ago

Bug #19867 offers a fix that worked for me!

Actions
Copy link
 #5

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF