I recently upgraded a wiki (I can't provide a link) from v1.20.2 to v1.24.1. Now certain users are able to login while others cannot. The ones that cannot are presented the need to login page repeatedly (input credentials, hit submit, need to login page returns). I have access to two user accounts, one that can login and one that cannot, and I can test them on the same laptop at the same time.
I turned on all the debugging I could and was able to note the wikiToken and wiki_session values in the browser for each user. I compared these values to the user_token in the database table "users" and I compared these to the session file values. For the both user accounts, the wiki_session and session file name are the same value and change with each login (I assume this is the expected behavior).
For the user account that works, the wikiToken (from the browser), user_token (from the database) and wsloginToken (from the session file) all remain the same for each login/logout. If I don't check the keep me logged in, the wikitoken (from the browser) disappears.
For the user account that doesn't work, wikiToken (from the browser) and the wsloginToken (from the session file) are equal to each other but they change for every login attempt. The user_token (from the database) remains the same and never equal to the other two values.
I assume this is an issue with the session file creation but I have no idea where to look or how to address it.
Thanks Bill MW v1.24.1, PHP v5.5.20, MySQL v5.7.2