ID: 19022
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: No Feedback
Bug Type: Session related
Operating System: linux (rh7.3), apache 1.3.26
PHP Version: 4.2.2
New Comment:
Okay, I think I solved this bug for me at least.
I would receive this error:
Failed to write session data (files). Please verify that the current
setting of session.save_path is correct (c:\windows\temp) in Unknown on
line 0
and I finally tracked it down to being I was sometimes setting the
session_id(""); to blank, aka, to nothing. That would cause it to fail.
I still think this is a bug, because you shouldn't be able to break it
by setting it to nothing.
The reason I was unable to track this down quicker was because I had no
idea I was passing a blank variable to the session_id. So I looked into
that, and it turns out PHP fails to delete cookies.
I think their is a bug with the delete cookie functions...you might
want to check into that. To solve this, instead of deleting the
cookies, I just set them to -1, and then checked if they were -1, and
if so, treated them as if they weren't there.
I hope this helps,
Nate
Previous Comments:
------------------------------------------------------------------------
[2002-12-07 20:05:38] [EMAIL PROTECTED]
I receive this bug too...I have traced it back to breaking as soon as I
use session_id(); function, and then working fine again once use of
that function is removed.
------------------------------------------------------------------------
[2002-11-12 14:33:57] [EMAIL PROTECTED]
Another data point. I've recently moved a system from a hosted server
running 4.06 to a server under my control running redhat 7.3 and php
4.2.3 Since the move I've been getting very occasional cases of users
logging in and receiving someone else's session. The session handling
is very simple.
On login
session_name($db_name);
session_start();
$user = new User($userid, $passwd);
session_register("user");
On return
session_name($db_name);
session_start();
I've tried various workarounds like
session.entropy_length = 512
session.entropy_file = /dev/urandom
in the belief that somehow the two people were getting the same ID and
hence temp file
But all this was just thrashing at the problem. Then I checked my own
cookies and discovered the same as
[EMAIL PROTECTED] The cookie contained two session IDs. So I deleted
all relevant cookies. Logged out and in and now I'm back to the
expected single ID in the cookie.
I have logging turned on but have not yet seen any errors.
------------------------------------------------------------------------
[2002-11-11 03:12:24] [EMAIL PROTECTED]
I've seen this bug on FreeBSD since PHP4.0.* series. Now I use 4.2.2.
It happens rarely. I could not figure why - the probability is small.
------------------------------------------------------------------------
[2002-10-22 08:45:42] [EMAIL PROTECTED]
I got this too and its on a low traffic dev server. This
started happening even with old sites. I use FreeBSD and
the latest of everything. I will not upgrade the PHP on my
prod servers until this is resolved. good luck.
------------------------------------------------------------------------
[2002-10-18 03:29:47] [EMAIL PROTECTED]
I'm experiencing this too, and I might have some usefull feedback!
I don't see the 'failed to write' messages. But I do have the random
loss of sessions. I've modified my script so I get an email with all
GET_VARS, SERVER_VARS etc. whenever the sessiondata is lost.
I found a very weird thing with respect to the session cookie. It
contained:
HTTP_COOKIE = 1; PHPSESSID=f1faf3374d562e8738f64e7e7e030972;
pollvoted[1]=1; (... some other data left out for privacy reasons);
PHPSESSID=842be4994a9c424fd7d4f9f8049aadc9
There are two separate PHPSESSID's in the same cookie! Maybe one of the
too is indeed invalid (no session date) How is this possible?
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/19022
--
Edit this bug report at http://bugs.php.net/?id=19022&edit=1
