Mantis Bug Tracker - Forums

Posted: **12 Dec 2013, 17:14**

Hi,

I recently migrated my web servers to a new hosting. The new setup is using a load balanced environment.
This means that the session handler can't use the default 'php' setting. Trying to do so results in numerous errors like this:

Code: Select all

APPLICATION ERROR #2800
Invalid form security token. This could be caused by a session timeout, or accidentally submitting the form twice.

One solution for this issue is to store the sessions in the database ($g_session_handler='adodb';), rather than on the web server ($g_session_handler='php';).
I've updated mantis to the latest stable version (1.2.15) and updated the config to store the sessions in the database.
Once I opened mantis, I got error #2700 (invalid session handler).

Doing some digging, I found that only $g_session_handler='php'; is implemented.

Code: Select all

	switch( utf8_strtolower( $g_session_handler ) ) {
		case 'php':
			$g_session = new MantisPHPSession( $p_session_id );
			break;

		case 'adodb':

			# Not yet implemented
		case 'memcached':

			# Not yet implemented
		default:
			trigger_error( ERROR_SESSION_HANDLER_INVALID, ERROR );
			break;
	}

Yet the documentation mentions the options for storing in the database or memcaching.
Are there plans to implement the other session handlers or are they missing by error?
If they are not yet implemented, as the code suggests, may I suggest to remove the option for the session handler from the documentation so others don't have to lose time on investigating why setting the configuration option results in errors?

Thank you

Posted: **12 Dec 2013, 22:37**

The developer who started to implement it, did not finish his work.
https://github.com/mantisbt/mantisbt/co ... 5b21efc816

You could enter a report at http://www.mantisbt.org/bugs

Submitting a patch is always a good idea, as it increases the chances of improvement eventually making it into MantisBT core. All contributions are welcome and greatly appreciated.

Patch submissions can be made in several ways. In the order of preference:

1. Send us a Pull Request on our Github repository [1]
2. Attach a GIT patch to the issue
3. Attach a Unified Diff, clearly specifying the patch's base release

Kindly avoid to upload entire modified PHP files.

Please make sure that your submissions adhere to our Coding Guidelines [2], if they don't your patch might be rejected.

[1] https://github.com/mantisbt/mantisbt
[2] http://www.mantisbt.org/wiki/doku.php/m ... guidelines

Posted: **12 Dec 2013, 22:49**

Found an old report where another user tried adodb session handler
http://www.mantisbt.org/bugs/view.php?id=11564

Posted: **13 Dec 2013, 00:55**

OK, I'll look into it.

Mantis Bug Tracker - Forums

$g_session_handler

$g_session_handler

Re: $g_session_handler

Re: $g_session_handler

Re: $g_session_handler