From 9ae2b21e220cde1cb9605dc1d3827bcee4cd4ba4 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Fri, 5 Jan 2007 11:57:04 +0000 Subject: [PATCH] bug #1538132, remove the setting of session.save_handler to 'files' --- ChangeLog | 4 ++++ libraries/session.inc.php | 7 +++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index d9e67bfd4..e4265d916 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,10 @@ phpMyAdmin - ChangeLog $Id$ $Source$ +2007-01-05 Marc Delisle + * libraries/session.inc.php: bug #1538132, remove the setting of + session.save_handler to 'files' + 2007-01-02 Marc Delisle * pdf_pages.php: undefined $pdf_page_number when no auto layout * server_privileges.php: bug #1614087, deleting a user having a diff --git a/libraries/session.inc.php b/libraries/session.inc.php index c1146d091..781b4258f 100644 --- a/libraries/session.inc.php +++ b/libraries/session.inc.php @@ -74,9 +74,8 @@ if (version_compare(PHP_VERSION, '5.0.0', 'ge') // on some servers (for example, sourceforge.net), we get a permission error // on the session data directory, so I add some "@" -// [2006-01-25] Nicola Asuni - www.tecnick.com: maybe the PHP directive -// session.save_handler is set to another value like "user" -ini_set('session.save_handler', 'files'); +// See bug #1538132. This would block normal behavior on a cluster +//ini_set('session.save_handler', 'files'); @session_name('phpMyAdmin'); @session_start(); @@ -90,7 +89,7 @@ if (!isset($_SESSION[' PMA_token '])) { } /** - * trys to secure session from hijacking and fixation + * tries to secure session from hijacking and fixation * should be called before login and after successfull login * (only required if sensitive information stored in session) *