ID: 25676 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Bogus +Status: Open Bug Type: Session related Operating System: WinXP/FreeBSD PHP Version: 4CVS-2003-09-26 (stable)
Previous Comments: ------------------------------------------------------------------------ [2003-09-27 08:36:22] [EMAIL PROTECTED] RTFM "Note: If you want XHTML conformity, remove the form entry and use the <fieldset> tags around your form fields." ------------------------------------------------------------------------ [2003-09-26 23:20:55] [EMAIL PROTECTED] Description: ------------ Despite there being no form=fakeentry or form= (as I understand it, providing no value is the same as giving fakeentry) in url_rewriter.tags the form hidden element for the PHPSESSID is still output. I am trying to use form=action as the url_rewriter.tags and whilst this IS rewritten correctly, the hidden element is still being inserted. It seems that the fallback mechanism is faulty. This has been tested on several builds: PHP 4.3.3RC4 WinXP Latest Snapshot (200309270130) WinXP PHP 4.3.3 FreeBSD Latest Snapshot (200309270130) FreeBSD I have also had someone reporting the CORRECT behaviour on Debian with latest CVS so its quite the puzzle... - Davey Reproduce code: --------------- <?php session_start(); setcookie('PHPSESSID','',0); /* needed if session.use_cookies is still on */ ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Untitled</title> </head> <body> <?php ini_set('url_rewriter.tags','a=href,area=href,frame=src,input=src,form=action,foo=bar'); echo ini_get("url_rewriter.tags") . "<br />"; if(isset($_GET)) { var_dump($_GET); } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get"> <p> Foo: <input type="text" name="foo" value="" /> <br /> Bar: <input type="text" name="bar" value="" /> <br /> <input type="submit" value="Test!" /> </p> <foo href="foo.php" bar="null" /> </form> </body> </html> Expected result: ---------------- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Untitled</title> </head> <body> a=href,area=href,frame=src,input=src,form=action,foo=bar<br />array(0) { } <form action="/test/url_rewrite_form_action.php?PHPSESSID=6a5b43d2aef8e2e3158e44fbd3df5d9d" method="get"><input type="hidden" name="PHPSESSID" value="6a5b43d2aef8e2e3158e44fbd3df5d9d" /> <p> Foo: <input type="text" name="foo" value="" /> <br /> Bar: <input type="text" name="bar" value="" /> <br /> <input type="submit" value="Test!" /> </p> <foo href="foo.php" bar="null?PHPSESSID=6a5b43d2aef8e2e3158e44fbd3df5d9d" /> </form> </body> </html> Actual result: -------------- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Untitled</title> </head> <body> a=href,area=href,frame=src,input=src,form=action,foo=bar<br />array(0) { } <form action="/test/url_rewrite_form_action.php?PHPSESSID=6a5b43d2aef8e2e3158e44fbd3df5d9d" method="get"><input type="hidden" name="PHPSESSID" value="6a5b43d2aef8e2e3158e44fbd3df5d9d" /> <p> Foo: <input type="text" name="foo" value="" /> <br /> Bar: <input type="text" name="bar" value="" /> <br /> <input type="submit" value="Test!" /> </p> <foo href="foo.php" bar="null?PHPSESSID=6a5b43d2aef8e2e3158e44fbd3df5d9d" /> </form> </body> </html> ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=25676&edit=1