ID: 37095
User updated by: giaym at hotmail dot com
Reported By: giaym at hotmail dot com
Status: Open
Bug Type: Session related
Operating System: Windows 2000
PHP Version: 5.1.2
New Comment:
Oh, same behavior for IE6. The server is located on the same machine as
the browser.
Previous Comments:
------------------------------------------------------------------------
[2006-04-16 02:14:59] giaym at hotmail dot com
Description:
------------
Randomly, the cookies send back random values to the server, values
different than those set the previous page load.
I use session auto start on php.ini. PHP runs on Apache 2.
Reproduce code:
---------------
a, b, locka and lockb are cookies set with setcookie(<name>, <value>,
0, "/");
if($somevar == "lock") {
echo "lock";
Set cookies locka and lockb with the values of cookies a and b
respectively.
} else if($somevar == "random") {
echo "random";
Delete locka and lockb, and give a random value to a.
} else {
echo "none";
if(locka not set) Set random value to a.
}
if (b not set) Set random value to b.
Enter pages in that order:
www.domain.com/page/
www.domain.com/page/lock/
www.domain.com/page/random/
www.domain.com/page/lock/
(The if logic works, this is not a case of $somevar holding an
incorrect value.)
Expected result:
----------------
www.domain.com/page/
received cookies: none
output: none
sent cookies: a with value x; b with value y
www.domain.com/page/lock/
received cookies: a with value x
output: lock
sent cookies: lock a = x; lock b = y
www.domain.com/page/random/
received cookies: a with value x; b with value y; locka with value x;
lockb with value y
output: random
sent cookies: delete lock a; delete lock b; a = z
www.domain.com/page/lock/
received cookies: a with value z; b with value y
output: lock
sent cookies: lock a = z; lock b = y
Actual result:
--------------
Everything as expected except the last page load: The cookie received
isn't a = z, it is a = q, I mean, another value. The server then sends
"lock a = q" following the logic.
PHPSESSID is received and reset on every page load.
1.
HTTP Request Headers
HTTP Request GET /page/ HTTP/1.1
User-Agent Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.2)
Gecko/20060308 Firefox/1.5.0.2
HTTP Response Headers
Set-Cookie PHPSESSID=3fo392aek7m274550d9oppqdo6; path=/
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma no-cache
Set-Cookie a=3; path=/
Set-Cookie b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/
2. (The request is as expected)
HTTP Request Headers
HTTP Request GET /page/lock/ HTTP/1.1
a=3;
b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52
(We lock the values of a and b)
HTTP Response Headers
Set-Cookie locka=3; path=/
Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/
3.(The request is as expected)
HTTP Request Headers
HTTP Request GET /page/random/ HTTP/1.1
Cookie
a=3;
b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52;
locka=3;
lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52
(We delete the locked values and set a random value for a, this case
2)
HTTP Response Headers
Set-Cookie locka=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT;
path=/
Set-Cookie lockb=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT;
path=/
Set-Cookie a=2; path=/
4. (The request is not as expected, that value for 'a' had not even
been used in the whole run -we are getting 1)
HTTP Request Headers
HTTP Request GET /page/lock/ HTTP/1.1
a=1;
b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52
(We lock the received values, this case 1)
HTTP Response Headers
Set-Cookie locka=1; path=/
Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=37095&edit=1
