session key in url on admin login

Help with getting the CMS CORE package up and running. This does not include 3rd party modules, PHP scripts, anything downloaded via module manager or from any external source.
Locked
turniphead
Forum Members
Forum Members
Posts: 40
Joined: Thu Jul 31, 2008 12:16 pm

session key in url on admin login

Post by turniphead »

I have a new install that puts a session key in the url when the admin logs in like :
http://mysite.com/admin/index.php?_s_=c3bc3d6f

This didn't happen on a previous install and I am wondering what causes the session key to display on one site and not another. I don't see anything obvious in the config.php or settings.

I'm using 1.5.4 on a LAMP environment.

I am only concerned because I have other problems in the admin area and I am wondering is this is the cause. For example, in content->pages the move up/down and collapse/expand buttons return a javascrip alert:
"Error: The XML response that was returned from the server is invalid"
I am wondering if the session thing is causing it.

Thanks for looking.
Top
viebig

Re: session key in url on admin login

Post by viebig »

Hello, session key is an additional security implementation on 1.5.4+. Nothing to do with your XML as far as I know.

I never experienced this error, maybe mark can help you with that. Did you run site verification?

Regards

G
Top
RonnyK
Support Guru
Support Guru
Posts: 4962
Joined: Wed Oct 25, 2006 8:29 pm

Re: session key in url on admin login

Post by RonnyK »

As Viebig mentioned.... The session key is a security-check to prevent CrossSideScripting.

The XML error in listcontent is often caused by some error in a lang-file, the second line often tells you which file is causing it.....

Ronny
Top
Locked

Return to “[locked] Installation, Setup and Upgrade”