Продукт | Версия |
MediaWiki | 1.31.6 (c168a3f) 20:28, 19 декабря 2019 |
PHP | 7.4.2 (fpm-fcgi) |
MariaDB | 10.3.21-MariaDB-1:10.3.21+maria~disco-log |
ICU | 64.2 |
LuaSandbox | 3.0.3 |
Lua | 5.1.5 |
LilyPond | 2.18.2 |
In PHP 7.4 a bug was fixed: Bug #78929, plus signs in cookie values are converted to spaces.
Now, I cannot login under a username consisting of two words. One-word usernames still work. The login screen displays the username with a plus sign instead of the space.
If I keep it, login fails with "wrong username or password". If I replace it with a space, I am redirected to the page version shown to anonymous users, and my subsequent edits are anonymous. The cookies for user name and user ID are set correctly. The debug log says:
… User: cache miss for user 22 … User: loading options for user 22 from database … Session "ecd5g7rtb2mnckj8mg5tben39blchujn" requested with mismatched UserID and UserName cookies. … [session] SessionBackend "834q3173a0ovtdfqocreua0pq447su39" is unsaved, marking dirty in constructor [session] SessionBackend "834q3173a0ovtdfqocreua0pq447su39" save: dataDirty=1 metaDirty=1 forcePersist=0 [cookie] setcookie: "…_session", "", "1548417355", "/", "", "", "1" [cookie] setcookie: "…UserID", "", "1548417355", "/", "", "", "1" [cookie] already deleted setcookie: "…Token", "", "1548417355", "/", "", "", "1" [cookie] already deleted setcookie: "forceHTTPS", "", "1548417355", "/", "", "", "1" …
LocalSettings.php:
$wgSessionCacheType = CACHE_DB;
php.ini:
session.save_handler = files session.save_path = "/var/cache/session"
I have managed to temporarily fix the issue by wrapping $this->getCookie( $request, 'UserName', $prefix ) in CookieSessionProvider::getUserInfoFromCookies () with urldecode ().