[consulting] Looking for consultant
Gerhard Killesreiter
gerhard at killesreiter.de
Sat Mar 31 11:52:29 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rob Pierson schrieb:
> Hi,
>
> I help with the website for young professionals working in foreign policy (
> www.ypfp.org). It's a non-partisan site for young and mostly dc-based think
> tank folks, congressional staff, etc to discuss foreign policy.
>
> We've been running the site for about a year, and recently our web host (
> opensourcehost.com) installed a module (suhosin) for php that they say has
> corrupted the cookies of our users.
I've no experience with suhosin, but if I were to make an educated
guess, I'd think that they changed the mechanism by which php generates
session IDs.
If this guess is correct, then you'd need to empty the "sessions" table
of your Drupal install. This will log all your users out and they will
need to log in again. After that everythign should be back to normal.
> I've tried moving the site to another
> hosting company, reinstalled the database/cms, and unsuccessfully searched
> for a solution. They say the only solution is to tell all of our users to
> empty their cookies, which is not exactly what I would call a "solution".
That is a solution and a quite appropriate one. With Drupal you might
get away with simply emptying the sessions table as indicated above.
The suhosin module is a php module that tries to make php more secure
and you should thank your provider for installing it.
Cheers,
Gerhard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGDkt9fg6TFvELooQRAq59AKDEV2/2Rc84p+cRBq6Gg6FNTogk/ACdFibM
nJQug6OKt7d/UIhsAOF3S+A=
=XOFw
-----END PGP SIGNATURE-----
More information about the consulting
mailing list