Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-7332

Session database sesskey field too small when using sha1 as hashing function for php session

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.6.3
    • Fix Version/s: 1.7
    • Component/s: Database SQL/XMLDB
    • Labels:
      None
    • Environment:
      Server 2003 with latest security updates and IIS 6.0 for web.
      Server 2003 with latest security updates and MySQL 5.0.11 for database backend.
    • Database:
      MySQL
    • Affected Branches:
      MOODLE_16_STABLE
    • Fixed Branches:
      MOODLE_17_STABLE

      Description

      There is a problem with the field size of sesskey in the sessions database. It is currently set to char(32) but that is too small to hold the entire key. It should be set to char(40). Activate dbsessions with the sesskey still set to char(32) and try to log into your moodle site and it will complain at the footer of the front page and the login page about Session Replace: Duplicate key '...........' for key 1 and never let you log in.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  7/Nov/06