From 612ddd7050889974fc1f7e449e715b4c1129c0bb Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sat, 18 Dec 2010 11:55:04 -0800
Subject: Warn admins after login if their PHP install has the
 session.use_trans_sid feature enabled, since this will cause random logouts. 
 Partial fix for #1316.

---
 modules/gallery/helpers/gallery_event.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'modules')

diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index cbb939bb..5d3ee6ee 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -178,6 +178,10 @@ class gallery_event_Core {
     }
     Session::instance()->set("active_auth_timestamp", time());
     auth::clear_failed_attempts($user);
+
+    if ($user->admin && ini_get("session.use_trans_sid")) {
+      message::info(t("PHP is configured with <a href=\"url\">session.use_trans_sid</a> enabled which will cause random logouts.  Please disable this setting.", array("url" => "http://www.php.net/manual/en/session.configuration.php#ini.session.use-trans-sid")));
+    }
   }
 
   static function user_auth_failed($name) {
-- 
cgit v1.2.3