I'm developping a module with comments enable feature.

At first, it worked fine, but now, the comments won't save due to a "No valid token found in request/session" error. It is the same with everything that needs a token like profile update.

When I output the $_POST and $_SESSION vars, I can see the token var in $_POST but there is only xoopsUserId and xoopsUserGroups in $_SESSION. It does the exact same thing when I manually enter a $_SESSION var.

What I've done wrong?
Is there a security thing that flush the $_SESSION var when something happens?


Thanks in advance.

It will works, but I also want new users to be shared between the 2 websites

I have 2 xoops websites with their own database.
The thing is I want to use the same user table for both of them and keep the databases separated.
The two sites don't use the same table prefix.

What is the best way to do that?
If I have to do it manually, what are the files to change?

Thanks in advance.