Login!
Register as a new user Lost password?
 

MODx Bug/Feature Tracker and Feature Requests

Welcome to the MODx CMS Tracker. Please choose the appropriate project from the drop down menu and provide as much information as possible regarding your server environment and browser. Thanks!

FS#377 — id field in cookie

Attached to Project — MODx
Opened by Honoré (Honoré) - Friday, 05 May 2006, 12:22PM
Last edited by Jason Coward (opengeek) - Wednesday, 21 November 2007, 10:41AM
Task Type Bug Report
Category Core Distribution
Status Requires testing
Assigned To Jason Coward (opengeek)
Timon Reinhard (netnoise)
Operating System All
Severity High
Priority Normal
Reported Version 0.9.2/0.9.2.1
Due in Version 0.9.7-beta
Due Date Undecided
Percent Complete 80%

Details

I ran into some stability problems when using id field in cookies.

Test case : Create a snippet with the following code

setcookie("id", session_id(), time() + ((3600 * 24) * 30));
and call it from your template.
Open the page. Go back to the manager interface and try to open a document.

Result :
Javascript error msgs : document not found.
SQL errors.
Clear cookies and restart, it works again.

There is no problem if you replace the id field with another string. I just had bad luck -).

This is how it behaves on my computer.

This task depends upon

This task blocks these from closing
Comment by Ryan Thrash (rthrash) - Sunday, 13 August 2006, 05:46PM
"id" is currently a reserved word for MODx and should not be used. This should be changed for 1.0 though.

Comment by Timon Reinhard (netnoise) - Friday, 29 December 2006, 08:26AM
Should already work in 0.9.5.1 since $_REQUEST won't be anymore polluted by cookies.

Comment by Timon Reinhard (netnoise) - Tuesday, 02 January 2007, 07:17AM
Update: This won't be fixed in 0.9.5.1. to keep the standard behavior of $_REQUEST.

Comment by Jason Coward (opengeek) - Wednesday, 21 November 2007, 10:41AM
You can now configure the parameter keys (id, q traditionally) to be used by MODx via system settings. This should help those that absolutely need to use id or q in any $_REQUEST variable without conflicting with MODx behavior.

However, we still need to address how to configure this automatically in .htaccess (if possible/supported).