HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Please upgrade here. These earlier versions are no longer being updated and have security issues.

i imported an old db and my session ids changed. now my users are logged in as each other

i think there's an issue with people having stored an old session id, or perhaps having duplicates? i don't know how to get them to log out and log back in. any suggestions?

when i look in my db, the GDN_Session table is empty with no rows so that doesn't help.


  • Sessions aren't done that way, that table isn't relevant. Do you use single sign on solution.

    How did you import?

    grep is your friend.

  • i don't know what single sign on solution is

    what if i went into config-default

    and changed this line:

    $Configuration['Garden']['Cookie']['Name'] = 'Vanilla';

    to this:

    $Configuration['Garden']['Cookie']['Name'] = 'VanillaNew';

    then none of the old cookies would matter and people would have to re-log in

  • how did i import... i use bluehost, i just imported using the myphpadmin tool. in every other way the import worked well, but people had already made usernames and logged in to the database that was superseded and stored cookies with userids.

  • solved it by changing cookie salt

Sign In or Register to comment.