[Koha] problem with cookie based authentication with koha-1.2.3

Tonnesen Steve tonnesen at cmsd.bc.ca
Fri Feb 14 09:10:16 NZDT 2003


On Thu, 13 Feb 2003 robweir at alum.drexel.edu wrote:

> Did anyone see or respond to following message a few days ago? I haven't seen a response and am seeing something similar with a windows install of koha-1.2.3 when in the Intranet module.
> 
> Does anyone have an idea of what to check to resove this?

It's a bug in the Auth.pm module.  It's assigning a new session cookie
immediately after the user has authenticated:


Line 176 in C4/Auth.pm reads:

$sessionID=int(rand()*100000).'-'.time();

and it should read:

$sessionID or $sessionID=int(rand()*10000).'-'.time();


Steve.





More information about the Koha mailing list