From: watermark86 at gmail dot com
Operating system: Ubuntu 8.04 x32
PHP version: 5.2.8
PHP Bug Type: Session related
Bug description: session_set_save_handler without session_start causes issues
in IE
Description:
------------
Calling session_set_save_handler without calling session_start later will
cause IE 7 to report that the website is having network problems. The site
will work in all other browsers, including IE8. Disabled the great
"Friendly HTTP errors" which lead to the same error.
Reproduce code:
---------------
class SessionManager {
private $life_time;
private $db;
public function __construct() {
// Read the maxlifetime setting from PHP
$this->life_time = get_cfg_var("session.gc_maxlifetime");
ini_set('session.gc_probability','1');
// Register this object as the session handler
session_set_save_handler(
array( &$this, "open" ),
array( &$this, "close" ),
array( &$this, "read" ),
array( &$this, "write"),
array( &$this, "destroy"),
array( &$this, "gc" )
);
}
public function open() {
global $dbhost, $dbuser, $dbpass, $dbname;
//get a seperate connection for session management
$this->db = new sql_db($dbhost, $dbuser, $dbpass, $dbname);
}
public function close() {
//close the connection
$this->db->close();
}
public function read($sessionid) {
global $dbprefix;
$this->cleanSQL($sessionid);
$id = $this->db->query(
"SELECT
data
FROM
{$dbprefix}sessions
WHERE
sessionid='{$sessionid}'
AND expire > UNIX_TIMESTAMP()
");
if( $this->db->numrows() == 0 ) return '';
else {
$row = $this->db->fetchrow(0,MYSQLI_ASSOC);
return $row['data'];
}
}
public function write($sessionid, $data) {
global $dbprefix;
$this->cleanSQL($sessionid);
$this->cleanSQL($data);
$time = time() + $this->life_time;
$this->db->query(
"REPLACE
{$dbprefix}sessions
(sessionid,data,expire)
VALUES
(
'{$sessionid}',
'{$data}',
'{$time}'
)
");
return TRUE;
}
public function destroy( $sessionid ) {
global $dbprefix;
$this->cleanSQL($sessionid);
$this->db->query(
"DELETE FROM
{$dbprefix}sessions
WHERE
sessionid='{$sessionid}'
");
return true;
}
public function gc() {
global $dbprefix;
$this->db->query(
"DELETE FROM
{$dbprefix}sessions
WHERE
expire < UNIX_TIMESTAMP()
");
return true;
}
private function cleanSQL(&$var) {
$var = mysql_real_escape_string($var);
}
}
$sessionmanager = new SessionManager();
echo 'it works';
Expected result:
----------------
Will print "it works" in all browsers.
Actual result:
--------------
Prints "it works" in all browsers except IE7 (Unknown if IE6 is affected.)
--
Edit bug report at http://bugs.php.net/?id=47483&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=47483&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=47483&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=47483&r=trysnapshot60
Fixed in CVS:
http://bugs.php.net/fix.php?id=47483&r=fixedcvs
Fixed in CVS and need be documented:
http://bugs.php.net/fix.php?id=47483&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=47483&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=47483&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=47483&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=47483&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=47483&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=47483&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=47483&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=47483&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=47483&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47483&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=47483&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=47483&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=47483&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=47483&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=47483&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=47483&r=mysqlcfg
