Hi,

just for anybody who is not running SSL on their server.

Did a new install 2.4.11, and every time I clicked on any link, it went back to the login page and after new login to link destination.

Found the culprit after a while of searching ...

In includes/session.inc, function sessionStart:

$https = isset($secure) ? $secure : (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');

$https got set to 1, even though I'm definitely not running https.

Further search is on line 405 (Or around there ... forgive me for not trying to remove all my little debugs)

$Session_manager->sessionStart('FA'.md5(dirname(__FILE__)), 0, '/', null, True);

That sets $secure=True and in turn sets $https above to 1.

That results into cookie parameters being wrong and the session being restarted all the time.

Hope it helps.