[phpMyAdmin Developers] session_destroy conflicts with other applications

Michal Čihař michal at cihar.com
Fri Mar 9 08:49:30 CET 2018


Hello

On Thu, 2018-03-08 at 15:13 +0400, Selno Meria via Developers wrote:
> in "libraries\plugins\AuthenticationPlugin.php", line 96:
> 
>                  session_unset();
>                  session_destroy();
> 
> I think it's better that you manually unset the parameters that needs
> to 
> be deleted, instead deleting the whole session. I am having much 
> problems, because PMA destroys all my other sessions too.

Destroys other sessions? This destroys only currently active session,
what is phpMyAdmin owned one. In case you're sharing session with
phpMyAdmin, you're doing something wrong.

> (btw, it is nicely done like in:  "libraries\sessions.inc.php" ,
> line 
> 26, where it checks if session exists, it just closes);

This is only in case there is different session (just check the code
above).

-- 
	Michal Čihař | https://cihar.com/ | https://weblate.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.phpmyadmin.net/pipermail/developers/attachments/20180309/c075d281/attachment.sig>


More information about the Developers mailing list