@anonymous-piwik-user opened this Issue on July 25th 2009

I run my server with session.auto_start at on, which causes a problem due to the way the Zend Session Object is done.

I would suggest a htaccess with the following rule:

```php_flag session.auto_start off


At any rate, this .htaccess coule eventually be used for url routing purposes, for clean urls.
@mattab commented on July 27th 2009 Owner

we should not rely on .htaccess for application level logic;
what exactly is the problem you mention? please post steps to reproduce.

@robocoder commented on July 27th 2009 Contributor

I believe mt's configuration would have been an issue even before #828 because Zend_Auth depended on Zend_Session indirectly.

session.auto_start is off in a default PHP configuration.

It's specifically wrong for it to be "on" for Zend Framework apps (http://framework.zend.com/manual/en/zend.session.advanced_usage.html) because it causes an E_NOTICE to be thrown when Zend_Session::start() is called (either directly or by Zend_Session_Namespace).

We can't guard against this programmatically, e.g.,

<a class='mention' href='https://github.com/ini_set'>@ini_set</a>('session.auto_start', 0);

because the session has already been started by the time the PHP executes.

We should document this as a system requirement rather than adding the .htaccess rule. (In fact, we should probably remove piwik/.htaccess from the build so that it doesn't overwrite the user's configuration.)

@robocoder commented on July 28th 2009 Contributor

opened #887 to exclude .htaccess from future builds

This Issue was closed on March 19th 2010
Powered by GitHub Issue Mirror