ID: 19022
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: No Feedback
Bug Type: Session related
Operating System: linux (rh7.3), apache 1.3.26
PHP Version: 4.2.2
New Comment:
You can work around this bug by changing the session saver to "mm"
(without the quotes).
There are no known solutions to this problem that I can see out there.
The only people with solutions are the windows people who didn't change
the php.ini file to have a windows path in it. FOr the Linux people,
this may well be a library compatibility problem, which is the best
guess so far but is probably wrong!
Previous Comments:
------------------------------------------------------------------------
[2002-12-07 20:32:26] [EMAIL PROTECTED]
Okay, I think I solved this bug for me at least.
I would receive this error:
Failed to write session data (files). Please verify that the current
setting of session.save_path is correct (c:\windows\temp) in Unknown on
line 0
and I finally tracked it down to being I was sometimes setting the
session_id(""); to blank, aka, to nothing. That would cause it to fail.
I still think this is a bug, because you shouldn't be able to break it
by setting it to nothing.
The reason I was unable to track this down quicker was because I had no
idea I was passing a blank variable to the session_id. So I looked into
that, and it turns out PHP fails to delete cookies.
I think their is a bug with the delete cookie functions...you might
want to check into that. To solve this, instead of deleting the
cookies, I just set them to -1, and then checked if they were -1, and
if so, treated them as if they weren't there.
I hope this helps,
Nate
------------------------------------------------------------------------
[2002-12-07 20:05:38] [EMAIL PROTECTED]
I receive this bug too...I have traced it back to breaking as soon as I
use session_id(); function, and then working fine again once use of
that function is removed.
------------------------------------------------------------------------
[2002-11-12 14:33:57] [EMAIL PROTECTED]
Another data point. I've recently moved a system from a hosted server
running 4.06 to a server under my control running redhat 7.3 and php
4.2.3 Since the move I've been getting very occasional cases of users
logging in and receiving someone else's session. The session handling
is very simple.
On login
session_name($db_name);
session_start();
$user = new User($userid, $passwd);
session_register("user");
On return
session_name($db_name);
session_start();
I've tried various workarounds like
session.entropy_length = 512
session.entropy_file = /dev/urandom
in the belief that somehow the two people were getting the same ID and
hence temp file
But all this was just thrashing at the problem. Then I checked my own
cookies and discovered the same as
[EMAIL PROTECTED] The cookie contained two session IDs. So I deleted
all relevant cookies. Logged out and in and now I'm back to the
expected single ID in the cookie.
I have logging turned on but have not yet seen any errors.
------------------------------------------------------------------------
[2002-11-11 03:12:24] [EMAIL PROTECTED]
I've seen this bug on FreeBSD since PHP4.0.* series. Now I use 4.2.2.
It happens rarely. I could not figure why - the probability is small.
------------------------------------------------------------------------
[2002-10-22 08:45:42] [EMAIL PROTECTED]
I got this too and its on a low traffic dev server. This
started happening even with old sites. I use FreeBSD and
the latest of everything. I will not upgrade the PHP on my
prod servers until this is resolved. good luck.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/19022
--
Edit this bug report at http://bugs.php.net/?id=19022&edit=1
