Ticket #533 (fixed bug)
Dots aren't allowed in cookie name
- Created: 2011-11-06 09:35:02
- Reported by: daris
- Assigned to: Reines
- Milestone: 2.0-alpha1
- Component: authentication
- Priority: normal
Branch: fluxbb-2.0-sessions
The install.php script generates unique cookie name:
// Add some random bytes at the end of the cookie name to prevent collisions
$cookie_name = 'pun_cookie_'.PasswordHash::random_key(6);
But the PasswordHash::random_key can return a dot character (eg. pun_cookie_u9B.rE) which is not allowed in cookie name. This way you won't be able to login as that cookie doesn't exist.
BTW You should add a new ticket component -> sessions