>>>> Thomas Schmidt <tschmidt@suse.de> 08/07/10 10:43 AM >>>
>On 08/07/2010 05:56 AM, Matthew Ehle wrote:
>> Hello Everyone,
>>
>> I have rolled a fix for Bug 619735 to the production wiki. I have provided details about the problem and solution there, but here's the short of it:
>>
>> PHP requires session_start() to be called before any session data can be saved. The javascript login only passes login information to iChain and never explicitly calls the MediaWiki login, where the
>> session_start() function is called. Thus, when using the javascript login, no session is started, and no session data is saved. Editing a page also calls session_start(), which is why it starts
>> working after trying it one time.
>>
>> I added a session_start() call in the automatic iChain login script, and I have not been able to duplicate the problem on stage since. As this appears to solve the problem, I have moved it out to the
>> live wiki. Please test it out and report any issues to me. If I don't hear anything over the weekend, I'll close the bug out on Monday.
>>
>> In addition to the fix, the latest deployment also contains the code for email validation. It won't do anything until it is provided certain header information by iChain, which should be set up to do
>> that on Monday morning.
>
>Cool, thanks Matthew for finding this nasty bug!

No problem!  Looks like I was a little hasty in trying to blame this on your login form (I'm assuming that you were involved in its development).  It actually works really well, aside from originally sending passwords in plain text ;)

Actually, I think a lot of the random login/session problems that have been reported in the forums were because of this long-standing bug.  The javascript login only made it more apparent, so it turned out to be quite a good thing!