Captcha And Session

This issue has been fixed in R5.5.


If you want use Captcha, you must set these values in freecap.php if they differ from default values or your config settings,
so that Captcha can pass its values to the session. This is a workaround until a more general approach is found / implemented.


# setting location freecap.php default value
1 $this->config['cookie_prefix']
secondary config
COOKIE_PREFIX
_wacko
2 SESSION_HANDLER_ID
constants.php
SESSION_HANDLER_ID
sid
3 SESSION_HANDLER_PATH
constants.php
SESSION_HANDLER_PATH
null

  1. $this->config['cookie_prefix'] can be access via the Admin panel or phpMyAdmin and config table.
  2. The session handler path can be determined with get_cfg_var('session.save_path') or via phpinfo(); and session.save_path.
    1. You can also look up the value via Admin panel and System Informations.
    2. If you specify the SESSION_HANDLER_PATH then this must be done in in both files.
    3. If the path containing additional values like '3;600;/home/web-sessions' then add the entire string.
    4. In some cases the SESSION_HANDLER_PATH must be provided in any case to get it work.

Example

table prefix_config

config_name config_value
cookie_prefix wacko_

config/constants.php

define('SESSION_HANDLER_ID',			'sid');
define('SESSION_HANDLER_PATH',			null);	// if you are using specific path (instead of system default /tmp) for session variables storing, define it here


lib/captcha/freecap.php

define('COOKIE_PREFIX',            'wacko_');         // Part 1 of session_name - see init.php session function for details "  session_name($this->config['cookie_prefix'].SESSION_HANDLER_ID);  "
define('SESSION_HANDLER_ID',            'sid');       // Part 2 of session_name - see previous . Same setting as in config/constants.php
define('SESSION_HANDLER_PATH',            null);    // Where to find session files. Same setting as in config/constants.php


All three setting values must be equal in both files
  1. config table
  2. config/constants.php
  3. lib/captcha/freecap.php

and SESSION_HANDLER_PATH must match the value of your system.

$catch_session_name = COOKIE_PREFIX.SESSION_HANDLER_ID;

if(isset($_GET[$catch_session_name]))
{
	session_name($catch_session_name);
	session_id($_GET[$catch_session_name]);

	// Save session information where specified or with PHP's default
	session_save_path(SESSION_HANDLER_PATH);

	session_start();	// we don't actually start a new session - we open the existing one by name & id and add our variables
}


Read comment (1 comment)