Did not realize what a firestorm I created. It seems like whatever browser I use to install in mamp works fine. Opera was the first browser I used to install symphony that actually showed me the admin links on the home page. Now I have it working in Safari 4, Camino, and opera, but cannot for the life of me get to the admin pages with firefox (3.0.11). Buy the way, this is all with symphony 2.0.3. Did not realize that they just released 2.0.4.

I’m running MAMP 1.7.2, only change from the standard install is enabling the ZIP extension in PHP, as detailed here:

Hope that helps.

We believe we’ve isolated the problem and it’s to do with the sessions class. More details soon.

Found the problem. Fix is on github, see the commit here.

Line 71 of /lib/core/class.session.php, which reads:

if(in_array($_SERVER['HTTP_HOST'], array('localhost', '')) || $_SERVER['SERVER_ADDR'] == ''){

needed to instead be:

if(preg_match('/(localhost|127\.0\.0\.1)/', $_SERVER['HTTP_HOST']) || $_SERVER['SERVER_ADDR'] == ''){

I changed from a preg_match() to a in_array() from v2.0.3, but misread the logic. That fix just reverts to the 2.0.2 code.

Don’t forget to escape the . ;)

Don’t forget to escape the . ;)

Eh. Stupid Markdown. Fixed.


This fix does not work for me, did a fresh install of Symphony (2.0.4) on my Testserver (no local install) and can’t login into backend. Just getting redirected to the login page again, no error message is shown.

Using Lamp system PHP 5.2.10, MySQL 5.0.70-r1



mgoeben: Did you install 2.0.4 from zip or the newest “nightly” from GitHub?

From zip.

The zip doesn’t have that fix. You’ll have to do it manually.


That’s why I wrote: the fix did it not for me, I applied it manually, and login is still not possible. Second, I don’t use a local (localhost or setup. So this fix should not help in my case.



Edit: It seems that there is no session cookie created. Edit: Deleted URL

Second, I don’t use a local (localhost or setup. So this fix should not help in my case.

Perhaps there are 2 bugs here. I’ll dig some more.

mgoeben, I created a test site (running locally) using a fresh copy of 2.0.4. I modified the session class to make sure it was not executing the localhost portion, and everything worked fine.

Have you managed to get Symphony running on that server successfully in the past?

No, I didn’t get it running. I will now look more into the source.

Everytime I try to login, the session id changes twice. somehow the session.start function is called twice.

I found the problem, and one solution, but there must be another solution/fix, not all people could change php.ini values.

Setting session.auto_start = 1 works here.

Ok, found the problem, when using session.auto_start = 1 PHP creates a session before any of your session calls, so session_set_save_handler is not known, and php uses the session.save_handler “file” instead of “user” as you implement in lib/core/class.session.php.

So your session storage does not work here, PHP stores the session in filesystem, found my “working” sessions in /tmp.

Normally you have to destroy any of the auto started sessions, before setting session_set_save_handler.

Ah. session_set_save_handler will return false if the session has already been started. Im thinking that a call to session_destroy() might do the trick. I’ll experiment. At least now I can replicate the problem.

I turned on session.auto_start and it didn’t prevent me from logging in. The session_save_handler was indeed files instead of user, but I could log in.

See if putting session_destroy(); just above line 29 (above the calls to ini_set()) helps at all.


If session.auto_start is enabled I could log in, but I can’t if it’s disabled, I never get a session cookie.

And session.auto_start should be off by default.

Adding session_destroy() kills the auto_start session as you stated, but then I could not login again.



Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details