The problem was that if ($_framed) the $SESS_HIDDEN_FIELD was completely replaced instead of extended. This should be $SESS_HIDDEN_FIELD .= "\n".'<input ...' and not $SESS_HIDDEN_FIELD = "\n".'<input ...'
This is corrected in the current CVS version. Sorry for that!
Thomas
Stephen wrote:
Hi,
Whenever someone adds an adddressbook entry, they loose the session and end up with a login screen in the box. I noticed the following:
// add framed parameter if ($_framed) { $COMM_PATH .= '&_framed=1'; $SESS_HIDDEN_FIELD = "\n".'<input type="hidden" name="_framed" value="1" />'; }
If I change the value to this, it solves the problem.
$SESS_HIDDEN_FIELD = sprintf('<input type="hidden" name="_auth"value="%s" />', $sess_auth);
I think the problem is that if it doesn't get the auth id when its framed, it can't look up the "changed" value correctly in the database for how long as elapsed and thinks the session has timed out. Comments?
Thanks, Stephen Blackstone