Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-7332

Session database sesskey field too small when using sha1 as hashing function for php session

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.6.3
    • Fix Version/s: 1.7
    • Component/s: Database SQL/XMLDB
    • Labels:
      None
    • Environment:
      Server 2003 with latest security updates and IIS 6.0 for web.
      Server 2003 with latest security updates and MySQL 5.0.11 for database backend.
    • Database:
      MySQL
    • Affected Branches:
      MOODLE_16_STABLE
    • Fixed Branches:
      MOODLE_17_STABLE

      Description

      There is a problem with the field size of sesskey in the sessions database. It is currently set to char(32) but that is too small to hold the entire key. It should be set to char(40). Activate dbsessions with the sesskey still set to char(32) and try to log into your moodle site and it will complain at the footer of the front page and the login page about Session Replace: Duplicate key '...........' for key 1 and never let you log in.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              skodak Petr Skoda
              Reporter:
              m3741 Adam Kouse
              Tester:
              Nobody
              Participants:
              Component watchers:
              Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                7/Nov/06