[pmwiki-users] Need to Enter Password Repeatedly?

Patrick R. Michaud pmichaud at pobox.com
Mon Sep 10 14:45:45 CDT 2007


On Thu, Sep 06, 2007 at 09:50:41PM -0400, Jesse Heines wrote:
> The problem turned out to be that my site:
> 
>   http://www.performamatics.org
> 
> which is really:
> 
>   http://teaching.cs.uml.edu/Performamatics/
> 
> was registered on GoDaddy.com with Domain Forwarding **AND MASKING
> ENABLED**.  The masking prevents the domain name displayed in the address
> bar from being changed.  
> 
> I don't know why masking affects the storing of session data, but it most
> certainly does, at least on my system.  When I turned masking off,
> everything worked fine and I only needed to enter the password once per
> session.  Of course, with masking turned off, going to
> http://www.performamatics.org shows a visible redirect to
> http://teaching.cs.uml.edu/Performamatics/.  

I suspect the problem is that the session cookies being generated
by PHP are being associated with the "teaching.cs.uml.edu" site,
so that the browser doesn't send the cookie when accessing the
"www.performamatics.org" version of the site.

When a new PHP session is created, the browser is given a cookie
that it sends with each subsequent request to the same server.
But browsers think of "same server" as being "same domain name" --
i.e., a browser won't send a cookie from "teaching.cs.uml.edu"
to a server at "www.performamatics.org" because the browser
treats them as being separate servers (as it is supposed to).

Pm



More information about the pmwiki-users mailing list