From: watermark86 at gmail dot com Operating system: Ubuntu 8.04 x32 PHP version: 5.2.8 PHP Bug Type: Session related Bug description: session_set_save_handler without session_start causes issues in IE
Description: ------------ Calling session_set_save_handler without calling session_start later will cause IE 7 to report that the website is having network problems. The site will work in all other browsers, including IE8. Disabled the great "Friendly HTTP errors" which lead to the same error. Reproduce code: --------------- class SessionManager { private $life_time; private $db; public function __construct() { // Read the maxlifetime setting from PHP $this->life_time = get_cfg_var("session.gc_maxlifetime"); ini_set('session.gc_probability','1'); // Register this object as the session handler session_set_save_handler( array( &$this, "open" ), array( &$this, "close" ), array( &$this, "read" ), array( &$this, "write"), array( &$this, "destroy"), array( &$this, "gc" ) ); } public function open() { global $dbhost, $dbuser, $dbpass, $dbname; //get a seperate connection for session management $this->db = new sql_db($dbhost, $dbuser, $dbpass, $dbname); } public function close() { //close the connection $this->db->close(); } public function read($sessionid) { global $dbprefix; $this->cleanSQL($sessionid); $id = $this->db->query( "SELECT data FROM {$dbprefix}sessions WHERE sessionid='{$sessionid}' AND expire > UNIX_TIMESTAMP() "); if( $this->db->numrows() == 0 ) return ''; else { $row = $this->db->fetchrow(0,MYSQLI_ASSOC); return $row['data']; } } public function write($sessionid, $data) { global $dbprefix; $this->cleanSQL($sessionid); $this->cleanSQL($data); $time = time() + $this->life_time; $this->db->query( "REPLACE {$dbprefix}sessions (sessionid,data,expire) VALUES ( '{$sessionid}', '{$data}', '{$time}' ) "); return TRUE; } public function destroy( $sessionid ) { global $dbprefix; $this->cleanSQL($sessionid); $this->db->query( "DELETE FROM {$dbprefix}sessions WHERE sessionid='{$sessionid}' "); return true; } public function gc() { global $dbprefix; $this->db->query( "DELETE FROM {$dbprefix}sessions WHERE expire < UNIX_TIMESTAMP() "); return true; } private function cleanSQL(&$var) { $var = mysql_real_escape_string($var); } } $sessionmanager = new SessionManager(); echo 'it works'; Expected result: ---------------- Will print "it works" in all browsers. Actual result: -------------- Prints "it works" in all browsers except IE7 (Unknown if IE6 is affected.) -- Edit bug report at http://bugs.php.net/?id=47483&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=47483&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=47483&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=47483&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=47483&r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=47483&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=47483&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=47483&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=47483&r=needscript Try newer version: http://bugs.php.net/fix.php?id=47483&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=47483&r=support Expected behavior: http://bugs.php.net/fix.php?id=47483&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=47483&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=47483&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=47483&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47483&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=47483&r=dst IIS Stability: http://bugs.php.net/fix.php?id=47483&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=47483&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=47483&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=47483&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=47483&r=mysqlcfg