Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Session use fails in safemode #8438

Closed
diosmosis opened this issue Jul 27, 2015 · 4 comments
Closed

Session use fails in safemode #8438

diosmosis opened this issue Jul 27, 2015 · 4 comments
Labels
Bug For errors / faults / flaws / inconsistencies etc. worksforme The issue cannot be reproduced and things work as intended.
Milestone

Comments

@diosmosis
Copy link
Member

When a fatal error triggers safemode, the session is read/written when a nonce is accessed or created (see ControllerPluginAdmin/Controller.php). This seems to cause an exception, covering up the original error, see #8427

@diosmosis diosmosis added the Bug For errors / faults / flaws / inconsistencies etc. label Jul 27, 2015
@diosmosis diosmosis added this to the 2.15.0 milestone Jul 27, 2015
@tsteur
Copy link
Member

tsteur commented Jul 29, 2015

I tried to reproduce it with an API call and a Controller call but couldn't. Worked fine. Possible that it only occurs when bootstrapping Piwik in a custom environment. I can see from the looks that it can happen when including dispatch.php (here we setup safemode) but not calling FrontController::doDispatch().

Not sure what a proper fix is as I'm not sure how people use Piwik when bootstrapping it themselves. We could start a session in safemode if needed or we could just not show the deactivate/activate link.

@tsteur tsteur self-assigned this Jul 29, 2015
@tsteur
Copy link
Member

tsteur commented Jul 29, 2015

Actually it should start a session here if needed as it should bootstrap Piwik and start session: https://github.com/piwik/piwik/blob/2.14.2/core/FrontController.php#L179

I cannot reproduce it. Need a concrete example to fix.

Edit: User did set define('PIWIK_ENABLE_SESSION_START', false); which prevents session from starting. We need to check if session was started and if not, either not show safemode at all or hide the plugin list which allows to deactivate plugin (which needs in Nonce which needs session)

Edit 2: I still cannot reproduce it

@tsteur tsteur assigned tsteur and unassigned tsteur Jul 29, 2015
@mattab mattab removed this from the 2.15.0 milestone Aug 10, 2015
@mattab
Copy link
Member

mattab commented Aug 10, 2015

Thanks for investigating, we're postponing for now. @diosmosis could you maybe take another look at reproducing this?

@diosmosis diosmosis self-assigned this Aug 18, 2015
@diosmosis diosmosis removed their assignment Aug 26, 2015
@diosmosis
Copy link
Member Author

@mattab Issue hasn't reoccurred as far as I know, so I think it's not that important. I will close, if someone reports an issue like this we can re-open.

@mattab mattab modified the milestone: 2.15.0 Sep 23, 2015
@mattab mattab added the worksforme The issue cannot be reproduced and things work as intended. label Oct 13, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug For errors / faults / flaws / inconsistencies etc. worksforme The issue cannot be reproduced and things work as intended.
Projects
None yet
Development

No branches or pull requests

3 participants