I thought I had tried that before, but that did seem to solve the problem. Thank you, Gerhard.<br><br>We are, btw, still looking for a consultant on our shoestring budget. Please feel free to email me off-list if you are interested.
<br><br><div><span class="gmail_quote">On 3/31/07, <b class="gmail_sendername">Gerhard Killesreiter</b> <<a href="mailto:gerhard@killesreiter.de">gerhard@killesreiter.de</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>Rob Pierson schrieb:<br>> Hi,<br>><br>> I help with the website for young professionals working in foreign policy (<br>> <a href="http://www.ypfp.org">www.ypfp.org
</a>). It's a non-partisan site for young and mostly dc-based think<br>> tank folks, congressional staff, etc to discuss foreign policy.<br>><br>> We've been running the site for about a year, and recently our web host (
<br>> <a href="http://opensourcehost.com">opensourcehost.com</a>) installed a module (suhosin) for php that they say has<br>> corrupted the cookies of our users.<br><br>I've no experience with suhosin, but if I were to make an educated
<br>guess, I'd think that they changed the mechanism by which php generates<br>session IDs.<br><br>If this guess is correct, then you'd need to empty the "sessions" table<br>of your Drupal install. This will log all your users out and they will
<br>need to log in again. After that everythign should be back to normal.<br><br>> I've tried moving the site to another<br>> hosting company, reinstalled the database/cms, and unsuccessfully searched<br>> for a solution. They say the only solution is to tell all of our users to
<br>> empty their cookies, which is not exactly what I would call a "solution".<br><br>That is a solution and a quite appropriate one. With Drupal you might<br>get away with simply emptying the sessions table as indicated above.
<br><br>The suhosin module is a php module that tries to make php more secure<br>and you should thank your provider for installing it.<br><br>Cheers,<br> Gerhard<br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.6
(GNU/Linux)<br><br>iD8DBQFGDkt9fg6TFvELooQRAq59AKDEV2/2Rc84p+cRBq6Gg6FNTogk/ACdFibM<br>nJQug6OKt7d/UIhsAOF3S+A=<br>=XOFw<br>-----END PGP SIGNATURE-----<br>_______________________________________________<br>consulting mailing list
<br><a href="mailto:consulting@drupal.org">consulting@drupal.org</a><br><a href="http://lists.drupal.org/mailman/listinfo/consulting">http://lists.drupal.org/mailman/listinfo/consulting</a><br></blockquote></div><br>