ID: 25934 User updated by: php at webfreezer dot com Reported By: php at webfreezer dot com -Status: Bogus +Status: Open Bug Type: Session related Operating System: SuSe Linux 8.1 PHP Version: 4.3.3 New Comment:
Iliaa, would you please read my bug report before setting it to "Bogus"? I stated "both (old and new) SID files exist and are readable" and as you should know if a session expired the session files in the temp directory are deleted by PHP. So if they are there and PHP correctly calls the garbage collection everytime why should they be there if the session has expired? By the way we´re not talking of a small website but of a website receiving more than 20.000 visitors/day! And it works most of the time - sometimes it doesn´t. This does not work even on a second server with the same PHP configuration and modules! Please investigate this. I´m a PHP professional since 4 years and have built many websites which use sessions extensively and never encountered such a problem before. Previous Comments: ------------------------------------------------------------------------ [2003-10-21 10:53:10] [EMAIL PROTECTED] Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://www.php.net/manual/ and the instructions on how to report a bug at http://bugs.php.net/how-to-report.php If the session has expired or the session id is invalid of cource will ignore that session. ------------------------------------------------------------------------ [2003-10-21 08:37:47] php at webfreezer dot com Description: ------------ PHP sometimes does not want to use the sessionID given via GET! This happens only on some occasions however it is reproducible on such a certain page. I regret that I cannot post a short code snippet because it simply does not happen when testing with a short code snippet. What happens is the following: - the SID is used as a GET parameter (this works on every other page!) - $sidname=session_name(); echo $_GET[$sidname] outputs the correct SID visible in the URL (e.g. "/search.php?page=2&qid=1&sessionID=1291bfd78301f151803ca632cd41f626") - however echo session_id() outputs a totally different SID! - both (old and new) SID files exist and are readable session.auto_start=0 session.use_cookies=0 session.use_only_cookies=0 session.referer_check=0 I even implemented my own session handler and it appears that PHP does not even call the OPEN function for the "old" SID that it no longer wants to use. I also tried to use the generic PHPSESSID name instead of the custom "sessionID" by not setting the custom name, but the problem still exists. This is my configure line: './configure' '--with-apache=../apache_1.3.28' '--with-mhash=/usr/local/lib' '--with-zlib-dir=/usr/local/lib' '--with-zip=/usr/local/lib' '--enable-memory-limit' '--enable-versioning' '--with-gd' '--enable-exif' '--with-config-file-path=/etc' '--enable-magic-quotes' '--enable-thread-safety' '--with-gettext' '--with-xml' '--with-mcrypt' '--enable-calendar' '--enable-bcmath' '--with-curl' '--with-curlwrappers' '--enable-ftp' '--enable-wddx' '--with-jpeg-dir=/usr/lib' ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=25934&edit=1
