ID: 48026 Updated by: [email protected] Reported By: scratch65535 at att dot net Status: Bogus Bug Type: Session related Operating System: W2KProSP4 PHP Version: 5.2.9 New Comment:
An IP address is not the same as a domain name. Cookies are limited to the domain that set them, this is just how browsers work and has nothing to do with PHP. Previous Comments: ------------------------------------------------------------------------ [2009-04-20 21:24:25] scratch65535 at att dot net They're the same domain! That's the whole point of domain naming. And that particular mapping is so central to PHP's use that it's just crazy to break it that way. ------------------------------------------------------------------------ [2009-04-20 21:13:24] [email protected] Cookies are only valid for the domain they set, if you change the domain between 127.0.0.1 and localhost then it makes sense they wont be sent. ------------------------------------------------------------------------ [2009-04-20 19:23:41] scratch65535 at att dot net Your suggestion doesn't help, Jani. Calling session_write_close() before the redirect makes no difference in the outcome. Will you reopen this bug report or do I need to submit a duplicate? ------------------------------------------------------------------------ [2009-04-20 15:04:56] [email protected] Use session_write_close() before redirect.. ------------------------------------------------------------------------ [2009-04-20 13:46:06] scratch65535 at att dot net Description: ------------ If localhost/p1.php initiates a session before redirecting to 127.0.0.1/p2.php (or vice versa), the session data will be saved in p1 but not restored in p2; a new session will be started in p2. Only if the host references match literally ( both 'localhost' or both '127.0.0.1' ) will the session be restored. Reproduce code: --------------- Create 2 files, truncate sessions for a clean start ( I store sessions in a mysql db, and 'incSessions.inc' are the vanilla routines that support that) _t1.php: <?php define('cDocRoot',$_SERVER['DOCUMENT_ROOT'].'/') ; require_once( cDocRoot.'Global/incSessions.inc' ) ; session_start() ; $_SESSION['T1'] = session_id() ; header('Location: http://127.0.0.1/_t2.php') ; exit() ; ?> _t2.php: <?php define('cDocRoot',$_SERVER['DOCUMENT_ROOT'].'/') ; require_once( cDocRoot.'Global/incSessions.inc' ) ; session_start() ; $_SESSION['T2'] = session_id() ; var_dump($_SESSION) ; exit() ; ?> Type into the address line of your browser "127.0.0.1/_t1.php", and note that var_dump shows both 'T1' and 'T2' having been set. Inspect the sessions storage, note that only one session was created. Re-truncate sessions, and call _t1 as "localhost/_t1.php". Note that var_dump now shows only 'T2' having a value, and that inspection of the sessions storage shows 2 sessions rather than 1. Expected result: ---------------- I expected the session to be restored after the redirect regardless of how localhost was identified. Actual result: -------------- See above ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=48026&edit=1
