The "invalid session" error problem now seems to be a thing of the past. The 2.0.8a version of the phpBB software is the most secure and stable yet and everything seems to be rock solid. I'm going to wait a couple more weeks but if no more complaints come I think I can delete the link to this thread.
October 5th 2003: Forum Software Updated to 2.0.6
I just updated the phpBB forum software from 2.0.4 to 2.0.6. It's possible that this will solve the "invalid session" errors problem -- if anyone still receives an invalid session error please let me know about it. Thanks!
===============================================
Important Note:
Please only mail me in response to this announcement if you are a member of the Help & Manual Forums! Some bright sparks have posted links to this announcement at other forums that use the same phpBB forum software and a lot of people clicking on these links are sending me mails about problems at the other forums.
About Invalid_Session errors:
Some users may get an "Invalid_Session" error with the new forum software when posting a longer message or reply. This is due to a new "security" feature that I'm not particularly happy about -- or rather, I'm happy about the security feature but definitely not happy about the way it's implemented.
If you are a member of the Help & Manual Forums (and only then, I will not answer mails from members of other forums) please mail me at webmaster@it-authoring.com if you are experiencing these problems. I need to know how many people are affected!
What is causing the problem:
Basically this feature protects against hacker attacks by giving every active user a Session ID, part of which is derived from your current IP address. If your Internet account uses dynamic IP addresses and a timeout so that your machine goes offline and then online again while you are composing posts your IP address will change and your Session ID will become invalid. phpBB will then assume that you're a hacker and not allow you to post.
Users of AOL worldwide and T-Online in Germany will be particularly strongly affected by this problem, as will all other users with providers who change the entire IP address every time you log on.
If you're interested in the technical details see this message from the phpBB staff:
http://www.phpbb.com/phpBB/viewtopic.php?t=69493
Workaround:
If you experience this problem while trying to post a message or reply do this:
- 1:
Immediately click on BACK in your browser. This will display your editing screen with the text you just entered.
2:
Copy all the text you wrote to the clipboard, then return to the forum and select New Message or Reply as appropriate for what you were trying to do.
3:
Paste the text you just copied into the editing window and immediately click on SUBMIT, while your current session is still valid.
Sorry for any inconvenience.