[Phpmyadmin-devel] about transparent session ids

Hi, Working on this bug [0], I noticed that when using the 'signon' auth_type - invalid JSON is produced - lots of XHTML errors can be seen with HTML Validator However, disabling @ini_set('session.use_trans_sid', true); in libraries/session.inc.php fixes all these problems. Doing so would require users to enable cookies in their browser but it's already a requirement per Documentation.html. Opinions? [0] https://sourceforge.net/tracker/?func=detail&aid=3398788&group_id=23067&atid... -- Marc Delisle http://infomarc.info

Le 2011-12-04 06:19, Marc Delisle a écrit :
Hi,
Working on this bug [0], I noticed that when using the 'signon' auth_type - invalid JSON is produced - lots of XHTML errors can be seen with HTML Validator
However, disabling @ini_set('session.use_trans_sid', true); in libraries/session.inc.php fixes all these problems.
Doing so would require users to enable cookies in their browser but it's already a requirement per Documentation.html.
Opinions?
[0] https://sourceforge.net/tracker/?func=detail&aid=3398788&group_id=23067&atid...
Note: the XHTML errors (but not the invalid JSON) can also be fixed by enabling ini_set('arg_separator.output', '&'); and I wonder why this line was disabled. -- Marc Delisle http://infomarc.info

Hi Dne Sun, 04 Dec 2011 06:24:25 -0500 Marc Delisle <marc@infomarc.info> napsal(a):
Note: the XHTML errors (but not the invalid JSON) can also be fixed by enabling ini_set('arg_separator.output', '&');
and I wonder why this line was disabled.
Because there are servers which use someting else as separator? (;) -- Michal Čihař | http://cihar.com | http://phpmyadmin.cz

Le 2011-12-04 09:21, Michal Čihař a écrit :
Hi
Dne Sun, 04 Dec 2011 06:24:25 -0500 Marc Delisle<marc@infomarc.info> napsal(a):
Note: the XHTML errors (but not the invalid JSON) can also be fixed by enabling ini_set('arg_separator.output', '&');
and I wonder why this line was disabled.
Because there are servers which use someting else as separator? (;)
OK. Did you see my initial question in this thread, about disabling transparent session ids? -- Marc Delisle http://infomarc.info

Hi Dne Sun, 04 Dec 2011 06:19:56 -0500 Marc Delisle <marc@infomarc.info> napsal(a):
Working on this bug [0], I noticed that when using the 'signon' auth_type - invalid JSON is produced - lots of XHTML errors can be seen with HTML Validator
However, disabling @ini_set('session.use_trans_sid', true); in libraries/session.inc.php fixes all these problems.
Doing so would require users to enable cookies in their browser but it's already a requirement per Documentation.html.
Opinions?
Makes sense (though I think PHP should not append SID when cookies are enabled). -- Michal Čihař | http://cihar.com | http://phpmyadmin.cz

Le 2011-12-05 02:08, Michal Čihař a écrit :
Hi
Dne Sun, 04 Dec 2011 06:19:56 -0500 Marc Delisle<marc@infomarc.info> napsal(a):
Working on this bug [0], I noticed that when using the 'signon' auth_type - invalid JSON is produced - lots of XHTML errors can be seen with HTML Validator
However, disabling @ini_set('session.use_trans_sid', true); in libraries/session.inc.php fixes all these problems.
Doing so would require users to enable cookies in their browser but it's already a requirement per Documentation.html.
Opinions?
Makes sense (though I think PHP should not append SID when cookies are enabled).
It does, when we are using the signon auth_type; maybe because there are two sessions involved, or because output has occurred before opening the sessions. I could not find the exact reason. -- Marc Delisle http://infomarc.info
participants (2)
-
Marc Delisle
-
Michal Čihař