Phoca Forum

Hi all,
i had the same error. Cause is the (useful !!!) php-setting "session.cookie_httponly = On". This setting marks the session-cookie as accessible only through the HTTP protocol.

Solution 1: Set session.cookie_httponly = 0 in /etc/php5/apache2/php.ini. Restart apache.

or better

Solution 2: Add
<param name="readCookieFromNavigator" value="false">
<param name="specificHeaders" value="Cookie: <?php echo $this->session->getName().'='.$this->session->getId();?>">
in ./administrator/components/com_phocagallery/views/phocagallerym/tmpl/form_javaupload.php after line 35 and after line 18.

Systemdata: Suse-Linux 10.3, Apache/2.2.4, PHP 5.2.11, Joomla 1.5.15, Phoca_Gallery 2.5.8

Best regards
Günter

Hi, thank you for this information.

Jan

Hi, can i hope that solution 2 will be considered in the next version?

Hi, I will take a look at it (2), but it seems this solution can be security problem for the site

Solution 1 could be a problem, because session.cookie_httponly = 1 can effectively help to reduce identity theft through XSS attacks. So I prefer solution 2. Perhaps this behavior should be configurable.

Hi,
please forget it and delete the complete thread!

This solved my problem, my question now is if it is ok to use this hack or not?