Fixed in CVS.

The data is what I expected. The encrypted credential data contains a 
pipe character that breaks our preg_split()'ing.

See attached (intended to preserve the non-ASCII characters).



You'll notice I took a printout of $vars[$auth+1] and then the first 
section of the $session_data variable which should show you the 
characters leading up to it that are getting misparsed.  This was 
probably similar to the case earlier (forgot to save the session 
before), and causes the same problem.  At this point it's character 90 
of the unserialize



"Notice: unserialize(): Error at offset 90 of 131 bytes in 
/var/www/horde/lib/Horde/SessionHandler.php on line 217"

What's the complete string before the split in this case 
($session_data)? If it's too large, it might sufficient to provide 
only the characters of the "credential" string.

a:8:{s:13:"authenticated";b:1;s:6:"userId";s:20:"email@domain.com";s:11:"credentials";s:40:"ùªaA34°? 
ñd36¸ì¸õǐÁÂ???¼



And then the input string just stops.  The session file keeps going, 
but the string it is unserializing ( $vars[$auth+1] ) fails to be 
complete, and hence fails on the unserializing as it just stops.

I seem to be getting a few of these on about 1/3 of the sessions 
active.  I'd imagine there's some character not being escaped properly 
in the session?



Notice: unserialize(): Error at offset 93 of 130 bytes in 
/var/www/horde/lib/Horde/SessionHandler.php on line 217



Notice: unserialize(): Error at offset 92 of 121 bytes in 
/var/www/horde/lib/Horde/SessionHandler.php on line 217



Notice: unserialize(): Error at offset 93 of 130 bytes in 
/var/www/horde/lib/Horde/SessionHandler.php on line 217



Notice: unserialize(): Error at offset 92 of 121 bytes in 
/var/www/horde/lib/Horde/SessionHandler.php on line 217