Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Cookie Problem (bug?)

edited October 2007 in Vanilla 1.0 Help
Hey Folks. I was running vanilla for a few months, yesterday i decided to delete the database an install a completely fresh version. The problem is, that the cookies seem to say "user id=4 login=true" or something like that, i don't know how that stuff works exactly. So some users of the old install before were now logged in as completely different users. I hope you can follow me, my english is not the best


  • I think you need to put something like this in conf/settings.php:$Configuration['COOKIE_USER_KEY'] = 'forgetoldcookieone'; $Configuration['COOKIE_VERIFICATION_KEY'] = 'forgetoldcookietwo';

    by default they should be 'lussumocookieone/two' so I renamed the defaults to make it forget those cookies that are already out there.
  • aah, i see. thank you very much for the quick support.
  • How could they get logged-in with a wrong verification key?
  • i don't know how this could happen, we tested it serveral times and everytime it happened again...
  • Which extensions are you using?
  • edited October 2007
    Also try to change in your browser the cookie value of *cookieone and *cookietwo (and remove the session cookie) to check if you can log-in an other user account this way.
  • hm this also appeared with no extension loaded
  • Can you log in an other user account by just changing the value of whatevercookieone in your browser (you can use the "web developper toolbar " > Cookies > view cookies information > edit cookie)
  • Hm i din't try that. Now it's too late, everythink works fine again..
This discussion has been closed.