ID: 41853
User updated by: gundja at hotmail dot com
Reported By: gundja at hotmail dot com
-Status: Open
+Status: Bogus
Bug Type: Session related
Operating System: Redhat Enterprise
PHP Version: 5.2.3
New Comment:
It was a pb of caching in a web farm, sorry.
Previous Comments:
------------------------------------------------------------------------
[2007-06-29 16:49:47] gundja at hotmail dot com
Important note :
PHP is a compiled version
The application is on 64B environment
------------------------------------------------------------------------
[2007-06-29 15:22:14] gundja at hotmail dot com
Description:
------------
Users share the same session when there is a peak of charge.
Actually, the process is:
User 1 starts a session with a specific session_id() (S1)
User 2 starts a session with a specific session_id() (S2)
User 1 clicks on links
User 2 clicks on links
When there a lot of session, User 1 session = S2...
Thank you very much for your help.
Reproduce code:
---------------
<?
//version 0.2
session_start();
echo("Server name:".$_SERVER["SERVER_ADDR"]);
echo("<br/>SESSION ID : ".session_id()."<br/>");
$customControl = $_SERVER
['REMOTE_ADDR']."|".$_SERVER['HTTP_USER_AGENT']."|".$_SERVER['HTTP_ACCEPT_LANGUAGE']."|".session_id();
echo("Associated informations : <br/>".$customControl."<br/>");
if(isset($_SESSION["CUSTOM_CONTROL"]))
{
$controlFromSession = $_SESSION["CUSTOM_CONTROL"];
echo("Informations from session :
<br/>".$controlFromSession."<br/>");
if($customControl!=$controlFromSession)
{
echo("Informations from session and information provided by
client
are differents<br/>");
echo("We will destroy the session<br/>");
session_destroy();
echo("Session is destroyed<br/>");
echo("Session will be started<br/>");
session_start();
echo("Session is started<br/>");
$customControl = $_SERVER
['REMOTE_ADDR']."|".$_SERVER['HTTP_USER_AGENT']."|".$_SERVER['HTTP_ACCEPT_LANGUAGE']."|".session_id();
echo("Value of custom control :<br/>".$customControl);
}
}
$_SESSION["CUSTOM_CONTROL"] = $customControl;
echo("Value of Session :<br/>".$_SESSION["CUSTOM_CONTROL"]);
?>
Expected result:
----------------
SESSION ID : e1dd4e5ce39242a52c7db9d7f23fec8c
Associated informations :
195.68.126.90|Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.4) Gecko/20070515
Firefox/2.0.0.4|en-us,en;q=0.5|e1dd4e5ce39242a52c7db9d7f23fec8c
Informations from session :
195.68.126.90|Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.4) Gecko/20070515
Firefox/2.0.0.4|en-us,en;q=0.5|e1dd4e5ce39242a52c7db9d7f23fec8c
Value of Session :
195.68.126.90|Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.4) Gecko/20070515
Firefox/2.0.0.4|en-us,en;q=0.5|e1dd4e5ce39242a52c7db9d7f23fec8c
Actual result:
--------------
SESSION ID : 979747d25bc9e21291aad70a1f886491
Associated informations :
195.68.126.90|Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.4) Gecko/20070515
Firefox/2.0.0.4|en-us,en;q=0.5|979747d25bc9e21291aad70a1f886491
Informations from session :
82.228.147.184;Mozilla/5.0 (Windows: U: Windows NT 5.1: fr:
rv:1.8.0.12) Gecko/20070508
Firefox/1.5.0.12;fr,fr-fr:q=0.8,en-us:q=0.5,en:q=0.3;979747d25bc9e21291aad70a1f886491;9508e4f5a18916a88ac39f0c64aecd0a
Informations from session and information provided by client are
differents
We will destroy the session
Session is destroyed
Session will be started
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=41853&edit=1
