2013-05-17, 10:43 AM
Hi MyBB community,
On my forum (gotlive.nl) i'm using the Arrowchat 3rd party software to let my users chat on the site. This has been very nice up until the last update.
What happened after the 1.6.10 update was as follows: after a user closes his session with the site, the SID cookie is deleted and when a user revisits the site, he is signed on like normal (he didn't sign out) and sees the forum which greets him with "Hello <user>". But the Arrowchat is listing him as offline.
Arrowchat uses the Session ID cookie to get the UserID and then use that for signing him into the chat and letting him use his username, avatar and whatnot.
While there are other methods to get this info (including global.php for instance) this has worked nicely for quite a while and its obvious the Session ID has to be recreated for the system to recognise the user.
But with the new 1.6.10 update, the SID cookie is no longer recreated. I'm not sure if this is supposed to work this way but now my users are signed in as guests on the chat (or if i disable that, not at all). The forum still works great but i'm not sure if this should be like this or not. I would imagine when a user revisits a new session gets created, but not sure about this.
So if somebody could explain this to me, that would be great.
Also, using the mybbuser cookie to get his ID seems to be working, so i currently have a workaround but its not really safe yet and i was hoping for some clarification.
On my forum (gotlive.nl) i'm using the Arrowchat 3rd party software to let my users chat on the site. This has been very nice up until the last update.
What happened after the 1.6.10 update was as follows: after a user closes his session with the site, the SID cookie is deleted and when a user revisits the site, he is signed on like normal (he didn't sign out) and sees the forum which greets him with "Hello <user>". But the Arrowchat is listing him as offline.
Arrowchat uses the Session ID cookie to get the UserID and then use that for signing him into the chat and letting him use his username, avatar and whatnot.
While there are other methods to get this info (including global.php for instance) this has worked nicely for quite a while and its obvious the Session ID has to be recreated for the system to recognise the user.
But with the new 1.6.10 update, the SID cookie is no longer recreated. I'm not sure if this is supposed to work this way but now my users are signed in as guests on the chat (or if i disable that, not at all). The forum still works great but i'm not sure if this should be like this or not. I would imagine when a user revisits a new session gets created, but not sure about this.
So if somebody could explain this to me, that would be great.
Also, using the mybbuser cookie to get his ID seems to be working, so i currently have a workaround but its not really safe yet and i was hoping for some clarification.