suhosin php patches have an option to encrypt sessions, certain configurations cause breakage due to decryption failing and sessions being killed
changeset to follow which implements
xinha_pass_to_backend_without_php_sessions()
that avoids this issue, the new method stores keys in it's own files instead of the PHP session
Old method cedes to the new method if suhosin is found to be configured and the usage appears default, this should fairly transparently allow it to "just work" for more people.
suhosin php patches have an option to encrypt sessions, certain configurations cause breakage due to decryption failing and sessions being killed
changeset to follow which implements xinha_pass_to_backend_without_php_sessions() that avoids this issue, the new method stores keys in it's own files instead of the PHP session
Old method cedes to the new method if suhosin is found to be configured and the usage appears default, this should fairly transparently allow it to "just work" for more people.
Updated to latest MFM from my github
Reported by @sleemanj, migrated from http://trac.xinha.org/ticket/1595