Login cookie change from 1.3.3 to 1.4.10 Login cookie change from 1.3.3 to 1.4.10
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

Login cookie change from 1.3.3 to 1.4.10

Started by outdoorresearch, May 16, 2007, 09:37:51 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

outdoorresearch

May 16, 2007, 09:37:51 PM
We recently upgraded from 1.3.3 to 1.4.10. It appears that the method of knowing whether a user is logged in or not has changed. In 1.3.3, there were two cookies set (cpg133_uid and cpg133_pass) when a user logged in. By setting these cookies, I could basically "force" a specific user to be "logged in" without having to go through the Coppermine login screen. In 1.4.10, this does not seem to work anymore.

Does anyone know how Coppermine maintains user login status in 1.4? Is it done through a PHP session now rather than cookies?

Nibbler

#1
May 16, 2007, 09:58:10 PM
It's done using a single session (not php sessions) cookie. See bridge/coppermine.inc.php

outdoorresearch

#2
May 17, 2007, 01:27:21 AM
Thanks for the reply. It appears that the way 1.4.10 handles logins is quite a bit differently than 1.3.3 . It was nice in 1.3.3 to be able to just set two cookies and be logged in. Now there is interaction with a record in the session table which requires a bit more manuvering to get around.
Print
Go Up Pages1
User actions