NYCPHP Meetup

[nycphp-talk] Debugging Remote Problem - Solved

Hans Kaspersetz lamolist at cyberxdesigns.com
Wed Feb 22 10:08:14 EST 2006


The problem came down to Joomla and Mambo using the user's IP address 
authenticate users.  When users come from a proxy farm their IP address 
changes mid session and they loose the data that connects them to the 
stored session data and the user is logged out.

I would suggest reading: 
http://www.mambers.com/showthread.php?p=127067#post127067

 From the post:
----------------  snip -------------
The problem, as another poster outlined above, is that Mambo is using 
the users ip address to authenticate sessions ($_SERVER['REMOTE_ADDR']), 
and AOL users who use the AOL browser are coming through proxy banks, 
and could potentially have one of up to 128 different ip addresses for 
every separate page request.
----------------- end snip --------

When reading this post just substitute the word proxy farm for AOL.

I have implemented his suggested hack:

--------

|$test = explode('.', $_SERVER['REMOTE_ADDR']);
unset ($test[3]);
$test = join('.', $test);

------

My users in SA seem to be using the site successfully now.  One major 
problem with this hack is that you have to modify Mambo.php.  I hate 
making changes to the core of an application because now I have to track 
this thing and apply patches into the future manually or reapply my 
patch after the update.

Remember to apply this fix to any of your custom code that relies on 
session data.

I hope this helps, it certainly helped me.

Hans Kaspersetz
Cyber X Designs
http://www.cyberxdesigns.com

|


>> If a proxy is in the way
>> maybe this will help
>>
>>
>> http://forum.mamboserver.com/showthread.php?t=18759
>>
>>
>>
>>   
>>     




More information about the talk mailing list