My Configuration: - Squirrelmail 1.4.2 - PHP 4.3 - Apache 2.0 - Mozilla 1.6
My Problem:
When the user logs in with correct username and password he sees the error message, "You must be logged in to access this page." All configurations are apparently correct. No session cookie is set, but two cookies ("key" and "squirrelmail_language") are set.
Cause Of My Problem:
Mozilla was ignoring/rejecting the session cookie because it was configured to accept cookies from the originating server only. This means that Mozilla examines the domain field of any cookie that is set and compares it to the hostname of the current URL. In the case of the Squirrelmail session cookie, but not the other cookies set by Squirrelmail, the domain field is blank.
My Solution:
I could have just re-configured Mozilla to accept cookies from anywhere, but I consider this to be a bug in Squirrelmail; I believe that Squirrelmail should work with the browser configuration I had. I instead patched functions/global.php to behave better with the session cookie. Now with no browser configuration changes, and thus no unnecessary concessions on browser privacy, I can login without problems.
(This patch also times out sessions after 20 minutes of user idle time.)
=============================================================
$ cd squirrelmail/functions
$ diff -Naur global.php.bak global.php
--- global.php.bak Wed Mar 31 17:40:33 2004
+++ global.php Wed Mar 31 18:39:05 2004
@@ -34,6 +34,7 @@
* it is run via a require_once directive in validate.php
* and redirect.php. Patch submitted by Ray Black.
*/
+session_set_cookie_params(1200, '/', $domain);
sqsession_is_active();
if ( !check_php_version(4,1) ) {
global $_COOKIE, $_ENV, $_FILES, $_GET, $_POST, $_SERVER, $_SESSION;
=============================================================Thanks everyone for offering suggestions on this problem.
-- Will Berry Co-founder, Second Brain website hosting http://www.secondbrainhosting.com/
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click -- squirrelmail-users mailing list List Address: [EMAIL PROTECTED] List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
