Edit report at https://bugs.php.net/bug.php?id=43439&edit=1
ID: 43439 Updated by: [email protected] Reported by: bnies at bluewin dot ch Summary: PHP Cookie expiration (2) -Status: Assigned +Status: Closed Type: Feature/Change Request Package: Session related Operating System: Solaris 9 PHP Version: 5.2.5 Assigned To: yohgaki Block user comment: N Private report: N New Comment: setcookie() has changed Previous Comments: ------------------------------------------------------------------------ [2013-01-15 08:10:34] narf at bofh dot bg This has been fixed via the following pull request: https://github.com/php/php-src/pull/238 ------------------------------------------------------------------------ [2012-03-31 03:28:55] [email protected] Sounds reasonable ------------------------------------------------------------------------ [2007-11-28 10:57:08] bnies at bluewin dot ch Description: ------------ Concerning Bug #43226 because it was set to 'bogus' and additional comments are not allowed. First: I did not ask for support. The issue I submitted is concerning the HTTP headers that the PHP function session_unregister() sends to the browser. My suggestion was to send Cookie Expires and Cookie Max-Age together when unregistering a PHP session to make sure that even with broken proxy or browser implementations the session gets terminated. This problem came across a broken proxy implementation that only treated the Max-Age option and ignored the Expires option and then sent the session cookie with the value 'deleted' back to the PHP application which then treated it as a valid session. See: https://sourceforge.net/tracker/index.php?func=detail&aid=1829098&group_id=311&atid=100311 I don't mess with computer's time but some internet users might do this and change the date to use expired software licenses. I don't know if the PHP application or PHP itself sets the cookie expires date to one year in the past. Maybe setting it to 1 January 1980 00:00 GMT is the safest way. Bye, Bernd ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=43439&edit=1
