From:
Operating system: Ubuntu 10.04 LTS
PHP version: 5.3.2
Package: Session related
Bug Type: Bug
Bug description:Bug related to serialisation session and store in database
postgresql 8.4
Description:
------------
i ve a class test
<?php
class test{
protected $die = true;
}
?>
plus i ve many value for $_SESSION
i use session_set_save_handler to declare session store in database
and when php call write from my class session :
public function write ($sid, $data){//écriture
$debug = false;
$expire = intval(time() + $this->session_life);
$data = $this->db->dbh->quote($data);
$sql = "INSERT INTO session VALUES('$sid',$data,'$expire')";
NB: $data is not protected by ' because func quote realize it.
First i declare many value in $_SESSION and i serialize my object instance
of test and i launch program when the program write session data in
database
At this moment if i display $data parameters from write i can read :
.....ivraison";s:6:"�*�die";b:0;s:18:................
and when php store in my database i obtain :
.....ivraison";s:6:"
so pdo func quote truncate data if i commente line quote and change my sql
by
$sql = "INSERT INTO session VALUES('$sid','$data','$expire')"; //i add
protected ' to field $data
i obtain an sql error
because postgres dont find the protected terminator ' cause char �
postgres work in utf8 and $data parameter write is in utf8 so.
sure because postgres will cause an other error type (encoding error)
if i change protected or private (because this 2 cases declare this error)
by public, $data parameters from write is equal to data store in database
and my program is ok.
Test script:
---------------
no code because it 's difficult to transcribe this case in 20 lines and i
must post so database scheme.
Just create sheme in database to collect session data. create
session_set_save_handler to write session in database.
Create a class like my test class, serialize it, and declare
$_SESSION['test'] = serialize([instance of test])
and write session
I ve no test in mysql
--
Edit bug report at http://bugs.php.net/bug.php?id=52371&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=52371&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=52371&r=trysnapshot53
Try a snapshot (trunk):
http://bugs.php.net/fix.php?id=52371&r=trysnapshottrunk
Fixed in SVN:
http://bugs.php.net/fix.php?id=52371&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=52371&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=52371&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=52371&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=52371&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=52371&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=52371&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=52371&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=52371&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=52371&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=52371&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=52371&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=52371&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=52371&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=52371&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=52371&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=52371&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=52371&r=mysqlcfg
