View Issue Details

Jump to NotesJump to History
This bug affects 1 person(s).
 2
IDProjectCategoryView StatusDate SubmittedLast Update
04199Bug reportsOtherpublic2010-03-13 11:522010-03-19 17:02
ReporterSchelm Assigned Toc_schmitz  
PrioritylowSeveritytweak 
Status closedResolutionfixed 
Product Version1.87+ 
Fixed in Version1.87+ 
Summary04199: A Cookie named "sid" messes things up
Description

I guess I'm not the only person who runs LimeSurvey within another web application. My web application stores the PHP session ID in a cookie named "sid". Whenever this cookie is set and I try to access a survey, this cookie overwrites the URL-parameter (index.php?sid=12345) and therefore a survey with sid=ea0kpca2tk... can't be found and results in a stop of LimeSurvey with the error message ("Sorry. There is no matching survey.").

To solve this problem, you shouldn't read "sid" from cookies, especially not from cookies that are not in the LimeSurvey root URL (in my case LimeSurvey is installed to example.com/survey/ but the cookie is stored for www.example.com/)

Steps To Reproduce

Create cookie named "sid" with garbage in it.
Try to access a survey.

TagsNo tags attached.
Bug heat2
Complete LimeSurvey version number (& build)8472
I will donate to the project if issue is resolved
Browser
Database type & versionnot important
Server OS (if known)Debian Lenny
Webserver software & version (if known)Apache
PHP Version5+

Relationships

Relationship GraphDependency Graph
related to 04968 closedc_schmitz Issue ID # 4199 (also related 4201) should be reopened, has not been resolved. 
child of 04201 closedc_schmitz SQL-Error after Login 

Users monitoring this issue

There are no users monitoring this issue.

Activities

c_schmitz

c_schmitz

2010-03-15 22:36

administrator   ~11372

Fixed in rev. 8488

Issue History

Date Modified Username Field Change
2010-03-13 11:52 Schelm New Issue
2010-03-13 13:40 c_schmitz Severity crash => tweak
2010-03-15 17:38 Mazi Relationship added related to 04201
2010-03-15 21:30 c_schmitz Priority normal => low
2010-03-15 22:03 c_schmitz Relationship replaced child of 04201
2010-03-15 22:03 c_schmitz Status new => assigned
2010-03-15 22:03 c_schmitz Assigned To => c_schmitz
2010-03-15 22:36 c_schmitz Note Added: 11372
2010-03-15 22:37 c_schmitz Status assigned => resolved
2010-03-15 22:37 c_schmitz Fixed in Version => 1.87+
2010-03-15 22:37 c_schmitz Resolution open => fixed
2010-03-19 17:02 c_schmitz Status resolved => closed
2011-02-23 17:06 Mazi Relationship added related to 04968