-
Type:
Problem report
-
Resolution: Fixed
-
Priority:
Blocker
-
Affects Version/s: 5.2.3
-
Component/s: Frontend (F)
-
None
-
Sprint 72 (Jan 2021), Sprint 73 (Feb 2021), Sprint 74 (Mar 2021)
-
0.125
Steps to reproduce:
- You need an old installation with IDs from distributed monitoring or any configid != 1
Result:
CEncryptHelper::updateKey() has "dbConditionInt('configid', [1])" as condition. So the update query to the DB doesn't do anything and session_key will never be set. Resulting in a failing cookie signature validation.
All users will be downgraded to the guest user.
Expected:
"dynamic" configid condition, so session_key will be set if it's empty.
- caused by
-
ZBXNEXT-5965 Zabbix UI and API must not keep any local states like PHP sessionid
-
- Closed
-
- is duplicated by
-
-
- Closed
-
