bug #1411996, support session.autostart=1 without the need of .htaccess

2006-03-02 16:14:45 +00:00
parent a6f407c343
commit df17ff7448
4 changed files with 14 additions and 18 deletions
--- a/.htaccess
+++ b/.htaccess
@@ -1,6 +0,0 @@
-# At least on web servers supporting the .htaccess mecanism,
-# we disable session.auto_start; on other servers, users will
-# get a warning that they have to disable this setting
-# See also FAQ 1.36 in Documentation.html
-
-php_flag session.auto_start 0
--- a/4
+++ b/4
@@ -5,6 +5,10 @@ phpMyAdmin - Changelog
 $Id$
 $Source$

+2006-03-02 Marc Delisle  <lem9@users.sourceforge.net>
+    * libraries/session.inc.php and removed .htaccess:
+      bug #1411996: now we destroy an auto-started session
+
 2006-03-02 Michal Čihař  <michal@cihar.com>
    * libraries/display_tbl.lib.php: Fix parameter to transformation (bug
      #1440926).
--- a/Documentation.html
+++ b/Documentation.html
@@ -2544,16 +2544,7 @@ RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
 </h4>
 <p>
    There can be many explanations to this and a look at your server's
-    error log file might give a clue. Here is a possible explanation.<br />
-    Since version 2.8.0, phpMyAdmin contains a <tt>.htaccess</tt> file
-    inside its main directory. On servers that support the htaccess feature,
-    this file is used to set a PHP behavior that phpMyAdmin relies on;
-    currently, <tt>php_flag session.auto_start 0</tt> is used to ensure
-    that a session is not already active. However, on some servers, usage
-    of <tt>.htaccess</tt> is forbidden, therefore an internal error is 
-    triggered. You can try to remove this <tt>.htaccess</tt> file, hoping
-    that the <tt>session.auto_start</tt> setting is not active on your
-    server.
+    error log file might give a clue.
 </p>


--- a/libraries/session.inc.php
+++ b/libraries/session.inc.php
@@ -30,8 +30,8 @@ if (!@function_exists('session_name')) {
            . '&type='  . urlencode($strError)
            . '&error=' . urlencode(sprintf($strCantLoad, 'session')));
    exit();
-} elseif (ini_get('session.auto_start') == true) {
-    $cfg = array('DefaultLang'           => 'en-iso-8859-1',
+} elseif (ini_get('session.auto_start') == true && session_name() != 'phpMyAdmin') {
+/*    $cfg = array('DefaultLang'           => 'en-iso-8859-1',
                 'AllowAnywhereRecoding' => false);
    // Loads the language file
    require_once('./libraries/select_lang.lib.php');
@@ -48,6 +48,13 @@ if (!@function_exists('session_name')) {
            . '&type='  . urlencode('Error') //($strError)
            . '&error=' . urlencode($strSessionAutostartError));
    exit();
+    */
+    $_SESSION = array();
+    if (isset($_COOKIE[session_name()])) {
+        setcookie(session_name(), '', time()-42000, '/');
+    }
+    session_unset();
+    @session_destroy();
 }

 // disable starting of sessions before all settings are done