[pmwiki-users] Session Cookie Problem

Patrick R. Michaud pmichaud at pobox.com
Fri Jun 2 12:03:25 CDT 2006


On Fri, Jun 02, 2006 at 12:14:35PM -0400, Justin Shepard wrote:
> I have a couple of Wikis using PmWiki (which is great, first off) and
> I recently upgraded them both to version 2.1.7.  One of the Wikis has
> many view-protected pages, and since the upgrade an author has to
> enter a password (it doesn't seem to matter if the password used is
> the global admin password or that page's specific view password) to
> view the page /every/ time they try to view the page.  The other Wiki
> has only a few view-protected pages so I can't test as thoroughly, but
> it doesn't seem to be experiencing the problem.

Very odd.  Are both wikis running on the same server, or are they
on different servers?  (And, if you know, what versions of PHP and 
webserver software is being used?)

Also, what skin are you using?

> Some additional things I've discovered in the course of investigating
> the problem:  If an author edits the pages (which are also
> edit-protected), and enters the Wiki's global admin password, they no
> longer need to enter a password to view the view-protected pages.

That's correct.  PmWiki remembers every password entered during a
session, so once someone enters the admin password, they are never
prompted for a password again until something happens to cause PmWiki
to "forget" the current session's passwords.

> Secondly, I noticed that simply viewing a view-protected page doesn't
> set the PHPSESSID cookie, but editing a page does.

That's definitely odd.  Is there a url we could look at?

Pm





More information about the pmwiki-users mailing list