ID: 24169 User updated by: steveh at brendata dot co dot uk Reported By: steveh at brendata dot co dot uk -Status: Feedback +Status: Open Bug Type: Session related Operating System: NT4 SP6a PHP Version: 4.3.2 New Comment:
This is with IIS4 and it's an issue in all versions of Internet explorer we have at hand, including 6.0.2800 (XP SP2) using php4isapi.dll ( Previous Comments: ------------------------------------------------------------------------ [2003-06-13 07:45:01] [EMAIL PROTECTED] What webserver are you using? And which SAPI module? Does this happen with any browser? ------------------------------------------------------------------------ [2003-06-13 07:35:44] steveh at brendata dot co dot uk Here they are. Files do get created in the php\sessiondata directory, this worked fine with 4.3.1 (and the same php.ini file), it has stopped since upgrading to 4.3.2. Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 Off Off session.bug_compat_warn Off Off session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 100 100 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path C:\PHP\sessiondata C:\PHP\sessiondata session.serialize_handler php php session.use_cookies On On session.use_only_cookies Off Off session.use_trans_sid Off Off ------------------------------------------------------------------------ [2003-06-13 07:28:05] [EMAIL PROTECTED] And what might be the relevant php.ini options..? (the ones with "session." prefix) ------------------------------------------------------------------------ [2003-06-13 03:51:15] steveh at brendata dot co dot uk Description: ------------ For session handling a cookie should be set as follows: <session name>=<session id> This was previously working, but since upgrading to 4.3.2 we now see cookies set as follows: <session id>=<session id> As a result sessions are not carried over and a new session is started for every access (i.e. no cookie called PHPSESSID or whatever is in the php.ini) Here's the relevant chunk of phpinfo output that demonstrates this. _SERVER["HTTP_COOKIE"] CookieProductID=94; a9c7fa405401e831e6ada0ee31f67ea3=a9c7fa405401e831e6ada0ee31f67ea3; caec00776094cd5017fa35e41162333b=caec00776094cd5017fa35e41162333b; 139632a02257356caa27c86256afcb70=139632a02257356caa27c86256afcb70; 0ba5beadf45c35245e67c1f67ffc70dc=0ba5beadf45c35245e67c1f67ffc70dc; b7f2e2e4a196a620f318f16034a8192b=b7f2e2e4a196a620f318f16034a8192b; 6ca2b668932e46c85528d399fad50541=6ca2b668932e46c85528d399fad50541; 913a5a99fa54ccd33b610b3f882d132d=913a5a99fa54ccd33b610b3f882d132d; a7c7085d672b5e885476dabdc096ca9f=a7c7085d672b5e885476dabdc096ca9f; 04a257bf48fef943fb1d4ed508970140=04a257bf48fef943fb1d4ed508970140; d269823ce913782241613e3791935d11=d269823ce913782241613e3791935d11; edc78b150437138fb1d14915a97dee87=edc78b150437138fb1d14915a97dee87; 50212bca7b517a57521305d72a6c43c9=50212bca7b517a57521305d72a6c43c9; 68c37f0103351348dd1e705847e2f6d3=68c37f0103351348dd1e705847e2f6d3; 78d96155c83ee77e3fc3b69731b428a4=78d96155c83ee77e3fc3b69731b428a4; e7b52247b003b85c04d942721879206a=e7b52247b003b85c04d942721879206a; f3d20ebc7068137eaa7b3461eab64d62=f3d20ebc7068137eaa7b3461eab64d62; c3940ed02170d481105849b74b6d3cb8=c3940ed02170d481105849b74b6d3cb8; e8109d59aca1442f4cd7fa5358410c30=e8109d59aca1442f4cd7fa5358410c30; 2a0f643e85d2b21003958bb47c2a2d4d=2a0f643e85d2b21003958bb47c2a2d4d Reproduce code: --------------- <?php session_start(); $_SESSION["FRED"]=1; echo session_id(); phpinfo(); ?> Expected result: ---------------- The same session id for each open, and PHPSESSID seen as a cookie in the headers. Actual result: -------------- Different session id's each time, and a growing list of <session id>=<session id> cookies. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=24169&edit=1