ID: 37382
Comment by: richard at elpinto dot com
Reported By: eschultz at lwmc dot com
Status: Feedback
Bug Type: Session related
Operating System: Server2003 w/ IIS 6
PHP Version: 5.1.4
New Comment:
Upon further review, it seems that IE7 Beta 2 has trouble identifying
domain greater than 3 directories deep. e.g. most cookes are set to be
accessed anywhere within the domain path when set (e.g. "/"), however
it seems that IE is not consistent sending the cookie with the request
when more than 2 levels deep within the site (e.g.
"domain.com/store/cart/payment/") and thus session information is
"lost" for that application instance. Should affect all languages that
use sessions - not just PHP I would imagine.
Previous Comments:
------------------------------------------------------------------------
[2006-05-11 21:18:32] richard at elpinto dot com
Having the same issue using Windows 2000 w/ IIS 5. Must be an IE7 Beta
2 issue.
------------------------------------------------------------------------
[2006-05-09 20:08:00] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
Smells like IE bug though
------------------------------------------------------------------------
[2006-05-09 14:58:11] eschultz at lwmc dot com
Description:
------------
I have developed a web application that uses a session variable that
only allows valid users to use any page with in the app. While beta
testing my app with the new IE7 the session variables will be dropped
randomly and redirect me to my unauth users page.
Reproduce code:
---------------
if($_SESSION['valid']!="yes")
{
header("Refresh: 0; URL=$folder/unauth_user.php");
exit;
}
Expected result:
----------------
when the session variable 'valid' is not set to yes, the user was never
authorized to view this page. The user should then be redirected to the
unauth_user.php page.
Actual result:
--------------
The code is working correctly, the problem is that a valid user will
get redirected by accident because the variable resets or loses its
value
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=37382&edit=1
