ID: 16890
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Session related
Operating System: WinXP
PHP Version: 4.2.0
New Comment:
I also am troubled by the same bug. In the Nusphere package I use for
development on a Windows XP machine and on the webserver which runs
linux.
The problem is occuring since the 4.1.2 upgrade. I hoped it would be
resolved in 4.2.0.
The bug Id for the same incident on version 4.1.2 is 15909.
BTW: In my case it only happens on pages which use Mysql.
Example:
I use a login-page which check the user-credentials with those found in
a Mysql-table -> All goes well.
Next the user enters a menu which is composed, depending on user rights
which are stored in Mysql -> All goes well.
When users try to make or alter a news-message the Session variables
which were previously stored (i.e. whether or not a user is logged in,
what his/her roles are), stay in the Session; however, all new
variables such as message-text, title and so on, are not stored. So
when performing an insert-statement, the new data is lost. This is
before any MySql statements are parsed or even sent to the database.
The only differences I can see with other forms using PHP are:
1) The form uses TEXTAREA
2) Some of the Mysql table columns used are LONGTEXT.
Previous Comments:
------------------------------------------------------------------------
[2002-05-02 12:08:24] [EMAIL PROTECTED]
I have similar trouble on
------------------------------------------------------------------------
[2002-04-29 02:57:31] [EMAIL PROTECTED]
Problem remains.
------------------------------------------------------------------------
[2002-04-29 02:56:30] [EMAIL PROTECTED]
Oops, yep I agree. The test script has a remnant from some "clutching
at straws" testing. Apologies.
Rest assured though that the problem is there even if you remove the
first switch and call session_start() for all cases.
------------------------------------------------------------------------
[2002-04-28 19:40:40] [EMAIL PROTECTED]
If you want to use sessions, you need to ALWAYS have
session_start() before trying to access $_SESSION[]
(or $HTTP_SESSION_VARS[] )
--Jani
------------------------------------------------------------------------
[2002-04-28 17:27:29] [EMAIL PROTECTED]
Hi all,
Globals are Off!
I am logging in from a form on one page (sessions.php), sending the
data via GET (for test purposes) to another script (setSession.php)
which should display the contents of the session vars once set. Then
there is a hyperlink to take me back to the sessions.php script where I
should be presented with a welcome message as opposed to the original
log in form. The problem is that there appears to be great
inconsistency with how session vars perform. I have included the test
scripts I have been using below for your convenience.
Problem exhibited
Test Case 1 (see Test Code):
This is the method recommended for when Globals are On but I ran this
test with Globals Off to see if it helped. This results with me not
being able to see the session var contents on the page they are created
BUT following the link which takes me back to the login Form does
result with me being logged in automatically.
Test Case 2:
This results with me being able to display the contents of the session
vars on the page which created them BUT they appear to get lost when
following the link which should auto log me in.
Test Case 3:
Results are exactly the same as Test Case 2.
Note: To simulate a test case, copy the two scripts below and set the
$testcase number at the top of each script.
==============
sessions.php
==============
<?
$testcase = 1;
switch ($testcase){
case 1:
session_start();
break;
default:
break;
}
?>
<html>
<head>
</head>
<body>
<?
switch ($testcase) {
case 1:
if ($HTTP_SESSION_VARS['username']){
echo "Welcome ".$HTTP_SESSION_VARS['username'];
} else {
echo "Running Test Case $testcase <br />";
echo "<form method=\"GET\" action=\"setSession.php\">\n"
. "User: <input type=\"text\" name=\"user\" value=\"\"><br
/>\n"
. "ID: <input type=\"text\" name=\"id\" value=\"\"><br />\n"
. "<input type=\"submit\" value=\"Set Session\"><br />\n"
. "</form>\n";
}
break;
case 2;
if ($_SESSION['username']){
echo "Welcome ".$_SESSION['username'];
} else {
echo "Running Test Case $testcase <br />";
echo "<form method=\"GET\" action=\"setSession.php\">\n"
. "User: <input type=\"text\" name=\"user\" value=\"\"><br
/>\n"
. "ID: <input type=\"text\" name=\"id\" value=\"\"><br />\n"
. "<input type=\"submit\" value=\"Set Session\"><br />\n"
. "</form>\n";
}
break;
case 3:
if ($HTTP_SESSION_VARS['username']){
echo "Welcome ".$HTTP_SESSION_VARS['username'];
} else {
echo "Running Test Case $testcase <br />";
echo "<form method=\"GET\" action=\"setSession.php\">\n"
. "User: <input type=\"text\" name=\"user\" value=\"\"><br
/>\n"
. "ID: <input type=\"text\" name=\"id\" value=\"\"><br />\n"
. "<input type=\"submit\" value=\"Set Session\"><br />\n"
. "</form>\n";
}
break;
default:
echo "Invalid Test Case Specified";
exit (1);
}
?>
</body>
</html>
===============
setSession.php
===============
<?
$testcase = 1;
switch ($testcase){
case 1:
session_start();
break;
default:
break;
}
?>
<html>
<head>
</head>
<body>
<?
$testcase = 3;
switch ($testcase){
case 1:
if ($_GET['user']){
//Globals On - test case 1
$username = $HTTP_GET_VARS['user'];
$userid = $HTTP_GET_VARS['id'];
session_register('username');
session_register('userid');
}
break;
case 2:
if ($_GET['user']){
//Globals Off with $_SESSION[] - test case 2
$_SESSION['username'] = $HTTP_GET_VARS['user'];
$_SESSION['userid'] = $HTTP_GET_VARS['id'];
}
break;
case 3:
if ($_GET['user']){
//Globals Off with $HTTP_SESSION_VARS[] - test case 3
$HTTP_SESSION_VARS['username'] = $HTTP_GET_VARS['user'];
$HTTP_SESSION_VARS['userid'] = $HTTP_GET_VARS['id'];
}
break;
default:
echo "Invalid test case specified";
exit (1);
}
echo "Running Test Case $testcase <br />";
echo "<hr>";
?>
Session Vars are set to:<br />
<?
switch ($testcase){
case 1:
echo "User = ".$HTTP_SESSION_VARS['username']."<br />";
echo "Userid = ".$HTTP_SESSION_VARS['userid']."<br />";
break;
case 2:
echo "User = ".$_SESSION['username']."<br />";
echo "Userid = ".$_SESSION['userid']."<br />";
break;
case 3:
echo "User = ".$HTTP_SESSION_VARS['username']."<br />";
echo "Userid = ".$HTTP_SESSION_VARS['userid']."<br />";
break;
default:
echo "Invalid Test Case Specified";
exit(1);
}
?>
<hr>
<a href="sessions.php">Click here to test your session vars</a>
</body>
</html>
Thanks
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=16890&edit=1
