| Author |
|
yon
Newbie
Joined: 22 December 2011
Online Status: Offline
Posts: 30
|
| Posted: 23 December 2012 at 12:54am | IP Logged
|
|
|
v6.5.1 can't work in suhosin php5.4.10.
when I login webmail, it is show Token invalid. I can't login. when disable suhosin can login.
what's wrong and How I fix it? 
|
| Back to Top |
|
| |
yon
Newbie
Joined: 22 December 2011
Online Status: Offline
Posts: 30
|
| Posted: 23 December 2012 at 1:42am | IP Logged
|
|
|
when I enable suhosin.cookie.encrypt=on, webmail can't login.
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6122
|
| Posted: 24 December 2012 at 12:38am | IP Logged
|
|
|
Can you please check if this persists with the latest 6.5.2 release? No need to upgrade the existing install for now, just install the latest package separately and see if it works for you.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
yon
Newbie
Joined: 22 December 2011
Online Status: Offline
Posts: 30
|
| Posted: 24 December 2012 at 7:50am | IP Logged
|
|
|
I have use v6.5.2, but it is still can't normal work now.
I can normal login other php software, just I can't login webmail.
php.ini
[suhosin]
suhosin.cookie.encrypt=on
suhosin.cookie.cryptkey=e8d5e21kolpd71f902b8
suhosin.session.encrypt=on
suhosin.session.cryptkey=e8d5e21sertk71f902b9
suhosin.session.cryptua=on
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6122
|
| Posted: 25 December 2012 at 2:39am | IP Logged
|
|
|
That looks like a known problem for other clients as well including Roundcube, see this forum thread, and it is suggested to turn encryption off. If that's not an option for any reason, there's another solution. You can disable token check by adding the following item into the array defined in data/settings/config.php file:
Code:
| 'labs.webmail.csrftoken-protection' => false, |
|
|
The setting is experimental and cannot be tested for each and every environment configuration, still it might be helpful in your case.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
yon
Newbie
Joined: 22 December 2011
Online Status: Offline
Posts: 30
|
| Posted: 25 December 2012 at 8:55am | IP Logged
|
|
|
Igor wrote:
That looks like a known problem for other clients as well including Roundcube, see this forum thread, and it is suggested to turn encryption off. If that's not an option for any reason, there's another solution. You can disable token check by adding the following item into the array defined in data/settings/config.php file:
Code:
| 'labs.webmail.csrftoken-protection' => false, |
|
|
The setting is experimental and cannot be tested for each and every environment configuration, still it might be helpful in your case.
--
Regards,
Igor, AfterLogic Support |
|
|
good. I can login webmail now!
thank you!
|
| Back to Top |
|
| |
MailBee.NET Objects 
MailBee.NET Queue 
MailBee Objects 
WebMail Pro PHP 
AfterLogic Aurora 
MailSuite Pro for Linux 
Unified Messaging Solution 
Search
Register
Login
Topic: bugs of work in suhosin and php5.4.10
Privacy policy |
Refund policy