ID: 21210
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Bogus
Bug Type: Session related
Operating System: Linux 2.4.7
PHP Version: 4.2.3
New Comment:
Understood. However, what makes this appear like a bug rather than a
feature is that once a session is successfully registered, the code
works as suspected, carriage returns and all. It's only in the very
first initial session_start() that the problem appears, which is weird
if, as you suggest, the problem simply has to remain in PHP. How come
PHP can read cookies fine even if preceded by carriage returns or other
whitespace, but cannot set cookies if preceded by carriage returns or
other whitespace junk? I was under the impression both operations are
performed in the headers, and if that's the case, and one works fine
with whitespace preceding it, and the other doesn't, that would seem to
indicate that this is a bug and not a feature.
I just think it's odd that I have to eliminate all comments and blank
lines in a PHP include file if I want to use sessions later in the
document.
Previous Comments:
------------------------------------------------------------------------
[2002-12-26 21:14:34] [EMAIL PROTECTED]
No, it would be a really bad idea to have PHP swallow up whitespace and
other chars. And any http body output, including whitespace, must be
preceded by the HTTP headers, so PHP has to force them out.
------------------------------------------------------------------------
[2002-12-26 20:46:12] [EMAIL PROTECTED]
So I do indeed! Thanks.
The immediate problem is solved; however, it seems strange to me that
carriage returns should be causing "header like" output. Wouldn't it
make more sense to make the require and include functions function not
generate output from extraneous whitespace?
------------------------------------------------------------------------
[2002-12-26 20:24:21] [EMAIL PROTECTED]
Do a 'od -c include.php' and see what is at the end of your included
file. I bet you have extra carriage returns.
------------------------------------------------------------------------
[2002-12-26 20:19:44] [EMAIL PROTECTED]
Calling includes or requires seems to create header output, even if the
includes or requires are blank. This conflicts with session handling in
situations where the session is called as a result of logic-branches in
the code.
I have encountered this issue on several different systems.
Here's the setup.
Create an include file, called "include.php".
Put the following in it:
<?php
?>
Now, create a page with the following code:
<?php
include("include.php");
session_start();
session_register("SESSION");
if (!isset($SESSION)) {
$SESSION["count"] = 0;
print("<p>Counter initialized, please reload this page to see
it increment</p>");
}
else {
print("<p>Waking up session $PHPSESSID</p>");
$SESSION["count"]++;
}
print("<p>The counter is now $SESSION[count] </p>");
?>
run the page with all the code in the browser such that it includes the
include file above.
Even though the include file does not write or generate a single
header, the output I get is:
"Warning: Cannot send session cookie - headers already sent by (output
started at include.php:1) in test.php on line 4
Warning: Cannot send session cache limiter - headers already sent
(output started at include.php:1) in test.php on line 4
Counter initialized, please reload this page to see it increment
The counter is now 0 "
My observation is corroborated by the following note, found on the
session_start() function manual page at php.net.
############
As per <shadowflame at starpilot dot net>:
"If you are using an include page, such as a config or possibly
common-functions page, that relies on session variables being pulled
from the sesssion, remember to add the session_start() function
_before_ you call the includes, or your session will not be called by
the page..."
Any include or require called before you call session_start() will
cause the initial session setup to fail, even if that include file
contains only a comment!
Here are scenarios:
include("blank_file.php");
session_start();
This works. However:
include("file_with_just_a_comment_in_it.php");
session_start();
Does not.
The recommended way to use session_start() is of course to put it at
the top of the page. However, if, like me, you find yourself wanting to
start a session only as a result of some previous logic, this avenue is
closed to you. You will have to use ob_start() and related functions,
and create a code mess.
It will be a beautiful day when header conflicts are caused only by the
layout of my code rather than PHP code cruft.
##############
As mentioned, I've encountered this on several different systems, so
configure lines and php.ini doesn't seem to be too relevant. If you
want build lines or php.ini, I'll send them on via e-mail.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=21210&edit=1
