Suhosin

September 7, 2010
Cody

Suhosin is a (somewhat) commonly installed PHP module used by shared hosting providers to prevent (to some degree) malicious PHP code from compromising a shared environment. Sounds great, but the problem is that it spreads its tentacles into areas where, if you are unaware of its presence, it can cause some very unexpected results.

This was the case in Blesta, until recently.

The issue experienced in Blesta was related to session handling. Blesta uses a database to maintain session information, for added security and to permit load balancing. Normally, a session ends when the user closes their browser; however, it can be revived if a cookie is stored on the user’s machine and is then read when they revisit the site. But because Suhosin encrypts session data by default, our revival code had access to only encrypted data. Essentially, the session couldn’t be revived. The only way to decrypt the data is to have Suhosin do it. So what we did was rename the session prior to starting it, which tricks PHP into thinking the session never ended, and so Suhosin takes over and decrypts the session just in time.

The pseudocode looks something like this:

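// Session identifier previously stored in the user's cookie
$session_id = $_COOKIE['session_id'];
// Rename the session before starting it, so Suhosin decrypts the stored data
session_name($session_id);
session_start();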
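The same idea from a defensive angle, as an added example that is not Blesta's code: it checks the `suhosin.session.encrypt` setting to detect transparent session encryption, then revives the session through PHP's own session layer so that any decryption hook runs. It uses `session_id()` rather than the `session_name()` call in the pseudocode above; the function names and the `session_id` cookie name are assumptions, and it targets PHP 5.4+.

```php
<?php
// Added example. Assumed names: suhosin_session_encrypted(), revive_session(),
// and a cookie called 'session_id' that holds the stored session ID.

// True when Suhosin is loaded and is transparently encrypting session data,
// i.e. rows read straight from the session store will be ciphertext.
function suhosin_session_encrypted()
{
    return extension_loaded('suhosin')
        && filter_var(ini_get('suhosin.session.encrypt'), FILTER_VALIDATE_BOOLEAN);
}

// Revive a stored session through PHP's session layer rather than by
// reading the store directly, so any decryption hook runs on the data.
function revive_session(array $cookies, $cookieName = 'session_id')
{
    $id = isset($cookies[$cookieName]) ? $cookies[$cookieName] : '';
    // Only characters PHP allows in session IDs; rejects arrays and junk.
    if (!is_string($id) || !preg_match('/^[A-Za-z0-9,-]{16,128}$/', $id)) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        return false; // too late to select a different session
    }
    session_id($id);
    if (!session_start()) {
        return false;
    }
    // An unknown ID yields an empty session; do not adopt a client-chosen ID.
    if (empty($_SESSION)) {
        session_destroy();
        return false;
    }
    return true;
}

if (suhosin_session_encrypted()) {
    error_log('Suhosin session encryption is on: read sessions via session_start() only');
}
$revived = revive_session($_COOKIE);
```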



VPS.NET Robot

August 23, 2010
Paul

The team at VPS.NET was kind enough to send over one of their amazing little robots. Here he is right after I took him out of his anti-static bag (to prevent electrical issues during transport).

A closeup..

The little guy wasted no time and promptly got to work. I switched the flip from “node management” to programming, and he started away filling in the stub methods for some objects in the new Blesta 3.0 that’s currently under development. Took him a few minutes to learn the Dvorak key mappings (he comes with native QWERTY support only), but once he got the hang of it, it was a sight to behold. I should have taken video.

He also loves to get into things. He finished up all his work early, and I caught him playing with the paper clips. Crazy little guy!! What a personality.

So, a big thank you to VPS.NET and all the staff! Nick, Ditlev, Terry, Carlos, and the rest, well done!



Website gets a new look

February 13, 2010
Paul

I’m happy to announce that www.blesta.com has a new look. The last design went largely unchanged for about 2 years, so we were long overdue for a facelift. There may be a few issues with missing content, or the occasional broken page, but we’ll have that all cleared up in the next few days. So, what do you think?



CentovaCast Module Released

December 9, 2009
Paul

A beta version of the CentovaCast module has been released. For more information, or to download the module, visit this thread on our forums.



Vision Helpdesk Integration

October 13, 2009
Paul

Our friends over at Vision Helpdesk have been hard at work; they just launched v2.3.2 with Blesta integration! Now you can create invoices in Blesta directly from Vision Helpdesk, and I’m told they’ve got login share working too.

Vision Helpdesk is emerging as a leader in the support desk industry, and we recommend you check them out. They even have a free trial, so there is no obligation to buy.

