Invalid Session Problems

durand · Post by **durand** » Sun Oct 22, 2006 4:38 pm

hey I dunno why but I can't stay logged in for more than 1 page. Even after I login, I'm not logged in.. I'm trying to post this. Let's see if it works. Just letting you know.

chase · Post by **chase** » Sun Oct 22, 2006 4:58 pm

durand wrote:hey I dunno why but I can't stay logged in for more than 1 page. Even after I login, I'm not logged in.. I'm trying to post this. Let's see if it works. Just letting you know.

If anyone else is having this problem please email me at [email protected].

Durand - try clearing you browsers cache and restarting it. Please let me know the result. I've tried both a normal account and an admin account under IE 7 and Firefox 1.5 and both are working fine although I'm running with standard security settings. Can you try another web browser?

Combuster · Post by **Combuster** » Mon Oct 23, 2006 6:09 am

durand wrote:hey I dunno why but I can't stay logged in for more than 1 page. Even after I login, I'm not logged in.. I'm trying to post this. Let's see if it works. Just letting you know.

Check wether cookies are enabled or not. Otherwise try (de)select the remember login checkbox.

As for the accounts, I'd like to have my posts back as well.

chase · Post by **chase** » Mon Oct 23, 2006 7:48 am

As Combuster said check your cookie settings. Seems that if cookies are disabled than some urls will cause you to escape your session. I'll see if there is any work around but I doubt it....

durand · Post by **durand** » Mon Oct 23, 2006 7:50 am

Nah, it's not that. My cookies are all good. If I've managed to stay logged in for a while and then Logout, I get an "Invalid_session" error from the PHP boards.

This seems to happen to other people as well with phpBB. For example: http://www.phpbb.com/phpBB/viewtopic.ph ... 18e4c725aa

Other posts indicate that there were password and other problems in earlier versions of phpBB which have been fixed. I dunno which version this board is running but the latest is 2.0.21 in June 2006, i think. The copyright at the bottom of these boards say 2005. I think I've just triggered some odd bug that a small minority of other people also experience. I'll wait until the boards are updated and try again then.

chase · Post by **chase** » Mon Oct 23, 2006 9:03 am

The OSDev board is already running the latest version. I sent you an email with some with some more things to test. Even if it's a minority I want to figure out the cause, with our increased user base it's more likely to happen to other people.

Edit: In the interest of information sharing; It's starting to look like the problem might be proxy servers that are shifting ip addresses. We are currently working via email to fix the problem.

chase · Post by **chase** » Mon Oct 23, 2006 5:16 pm

Split this topic out of the MT merge topic. Seems the problem was because of transparent proxy servers that have very different ip address. For security phpbb stores the first 24 bits of your ip address in memory. If you suddenly trying to connect from a different class C subnet the it assumes that someone is trying to steal your sesssion. This problem seems to be pretty rare so I don't want to turn this feature off. If you hit this problem just post here or contact me directly and I can turn off this feature just for your account.