Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-10137

Login problems in IE7 when persistent cookies are not allowed

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.6
    • Fix Version/s: 2.0
    • Component/s: Authentication
    • Labels:
      None
    • Environment:
      IE7
    • Affected Branches:
      MOODLE_16_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE

      Description

      If a learner using IE7 tries to login when IE is configured to block persistent cookies, she will fail since set_moodle_cookie() in moodlelib tries to write a persistent MOODLEID cookie and blocks access if this is not found. Other browser than IE will try to write a session cookie if persistent cookies are blocked by config.
      IMHO moodle should in no way rely on persistent cookies, they should only be optional. MOODLEID for filling login form is IMHO obsolete for most users since form filling is a feature build in most browsers, where user or admin can configure it accordingly. This data should not be saved in a cookie.

      As a workaround we changed cookie expiration in set_moodle_cookie() to zero, loosing MOODLEID functionality but unlocking IE7 users having set very convincing cookie treatment.

      We also set MOODLEID cookie to $CFG->sessioncookiepath not to root. This is the reason why $CFG->sessioncookiepath was invented.

      function set_moodle_cookie($thing) {
      global $CFG;

      if ($thing == 'guest')

      { // Ignore guest account return; }

      $cookiename = 'MOODLEID_'.$CFG->sessioncookie;

      $days = 60;
      $seconds = DAYSECS*$days;

      setCookie($cookiename, '', 0, $CFG->sessioncookiepath);
      setCookie($cookiename, rc4encrypt($thing), 0, $CFG->sessioncookiepath);
      }

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                skodak Petr Skoda
                Reporter:
                pallifons Alfred Kohnert
                Tester:
                Nobody
                Participants:
                Component watchers:
                Jake Dallimore, Jun Pataleta, Ryan Wyllie
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  24/Nov/10