View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0022844||mantisbt||security||public||2017-05-08 08:45||2017-06-28 14:48|
|Status||closed||Resolution||no change required|
|Summary||0022844: Application Error #2800 after PHP upgrade from 7.1.3 to 7.1.4|
After upgrading the PHP version from 7.1.3 to the latest 7.1.4 I'll get for every form action the application error #2800.
|Steps To Reproduce|
On all form actions I'll get this error.
|Tags||No tags attached.|
I already had a look on this but all these points do note result in a solution. I also installed a complete new Mantis instance on the same machine and logged in for the first time.
Mantis runs just fine on 7.1.4 for me (tested on WampServer 3.0.8).
I suggest you enable debugging information to help understanding the problem. Please follow these steps:
WARNING - SECURITY RISK: the 'show_detailed_errors' config can cause MantisBT to display sensitive information about your system. We recommend to restrict its activation to a Test environment, only for as long as necessary. If possible, do not turn it ON globally, instead limit it for specific user(s) using the Manage Configuration page.
If the output does not help you resolving the issue and you need further assistance,
I had the same issue after deleting a file in a comment.... killing all my cookies fixed the problem
I changed the debug level but this does not help to solve the problem. I used a complete new installation of mantis and tried to update the password during logging in the first time as administrator. Attached you'll find the complete html page with the detailed error.
The problem occurs in Firefox as well as in the Internet Explorer. I also deleted all cookies and tried again. But this does also not help.
mantis_error_page.zip (261,022 bytes)
Attached you'll find the php.ini session part.
@TicketSolver I looked at the attached error page; indeed it does not help much, just showing you're trying to open account_update.php and that no tokens were retrieved from the user's session. Note that accessing this page is only valid when coming from account_page.php (just mentioning that since you did not provide any context / detailed steps you followed to produce the error).
If you indeed went through the Update button on account_page.php, then maybe there is something broken with sessions handling. Since I can't reproduce the problem here, there is not much more I can do to help. I suggest you try to trace what is happening in form_security_token() function, when it is called (via form_security_field() ), to initialize the token and store it in the session. Is the token properly generated ? Is it stored in the user's session ?
Can you confirm that the change from PHP 7.1.3 to 7.1.4 is the only change between the working and broken installs ?
I found the solution. The problem was not related to Mantis but more to the upgrade of PHP. We're using a custom apache user. During our PHP upgrade the default apache user is used to create the folder /var/lib/php7. Because of this our custom apache user was not able to set Session variables due to access to this folder. Sorry for your effort you did on solving this problem. This ticket can be closed now. Thank you very much.
|2017-05-08 08:45||TicketSolver||New Issue|
|2017-05-08 08:45||TicketSolver||File Added: error2800.PNG|
|2017-05-08 10:00||atrol||Note Added: 0056804|
|2017-05-08 10:16||TicketSolver||Note Added: 0056805|
|2017-05-08 11:24||dregad||Note Added: 0056806|
|2017-05-08 11:31||Kyle_Katarn||Note Added: 0056807|
|2017-05-09 04:08||TicketSolver||File Added: mantis_error_page.zip|
|2017-05-09 04:08||TicketSolver||Note Added: 0056812|
|2017-05-09 04:42||TicketSolver||File Added: php_session_config.PNG|
|2017-05-09 04:42||TicketSolver||Note Added: 0056813|
|2017-05-09 06:21||dregad||Status||new => feedback|
|2017-05-09 06:21||dregad||Note Added: 0056814|
|2017-05-09 07:28||TicketSolver||Note Added: 0056815|
|2017-05-09 07:28||TicketSolver||Status||feedback => new|
|2017-05-09 07:31||atrol||Assigned To||=> dregad|
|2017-05-09 07:31||atrol||Status||new => resolved|
|2017-05-09 07:31||atrol||Resolution||open => no change required|
|2017-05-21 03:41||atrol||Status||resolved => closed|
|2017-06-28 14:48||atrol||Relationship added||related to 0022831|