Bug #16626 Updated: Only last cookie set
ID: 16626 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Open Bug Type: Apache2 related Operating System: RedHat 7.2 (kernel 2.4.18) i386 PHP Version: 4.2.0 New Comment: Now I know what don't use this on a production server means. :) Strangely, this bug also seems to affect header(). As a result of this bug, we replaced setcookie() with our own routine to write out cookies via header(). However, still, only one cookie (the last one) is being printed in the HTTP response headers (when I sniff the packets being sent). It's very strange... Here's the code we used to replace setcookie(). function send_htCookie() { $vars=array('varname','varval','expire','path','domain','secure'); for ($i=0;$ifunc_num_args();$i++) { ${$vars[$i]}=func_get_arg($i); } if (!$varname) { return false; } $COOKIE = Set-Cookie: $varname=$varval; if (isset($expire)) { $COOKIE .= ; EXPIRES=$expire;} if (isset($domain)) { $COOKIE .= ; DOMAIN=$domain; } if (isset($path)) { $COOKIE .= ; PATH=$path; } if (isset($secure) $secure0) { $COOKIE .= ; SECURE; } header($COOKIE); return true; } Can anyone confirm that this, too, doesn't work for them? I'll do more testing in the meantime... Previous Comments: [2002-04-23 09:56:19] [EMAIL PROTECTED] I get the same problem on FreeBSD 4.5 with Apache 2. [2002-04-23 04:22:00] [EMAIL PROTECTED] Bug reproduced with 4.2.0 [2002-04-16 16:37:10] [EMAIL PROTECTED] Same problem as BUG# 16631. (Problem also with RC2 and RC3 of 4.2.0) [2002-04-15 17:19:12] [EMAIL PROTECTED] With Apache 2.0.35 and PHP 4.2.0RC4, only the last cookie seems to get set. Here is the PHP source I used for testing: ?php setcookie ('first_name', 'Svein', 0, '/'); setcookie ('last_name', 'Olav', 0, '/'); echo htmlhead/headbody . h1Cookie test page/h1\n; while (list ($var,$val) = each ($HTTP_COOKIE_VARS)) { echo Set-Cookie: $var=$val br\n; } echo /body/html; ? This script can be tested via the following URL: https://bjerkeset.dns2go.com/php/cookie.php PHP was configured like this: ./configure \ --prefix=/opt/php \ --with-mysql=/opt/mysql \ --with-config-file-path=/etc/opt/apache2 \ --enable-track-vars \ --enable-force-cgi-redirect \ --with-gettext \ --with-apxs2=/opt/apache2/bin/apxs Svein Olav Bjerkeset -- Edit this bug report at http://bugs.php.net/?id=16626edit=1
Bug #16803: Using header() to set multiple cookies only sets the last cookie.
From: [EMAIL PROTECTED] Operating system: RedHat 7.2 PHP version: 4.2.0 PHP Bug Type: Apache2 related Bug description: Using header() to set multiple cookies only sets the last cookie. (Also see Bug #16626) Bug #16626 explains that when using setcookie() with PHP 4.2.0 and Apache 2.0.35, only the LAST call to setcookie() will be actually sent in the HTTP headers -- all previous calls/cookies will be ignored and not sent. This bug expands on this by discovering that the same problem affects the header() call. For example, try running the following test script in PHP 4.2.0 and Apache 2.0.35: -- ?php // Only three=three will get sent! header(Set-Cookie: one=one); header(Set-Cookie: two=two); header(Set-Cookie: three=three); // These will both be sent unharmed. header(Set-Monkey: eep); header(Set-Fish: glug); // Location gets sent fine... header(Location: http://www.panic.com/;); ? -- You can verify that ONLY the last cookie (three) is being sent by either turning on per-cookie ask in your browser, or running a packet sniffer and looking at the HTTP response. In the example above, the HTTP headers look like: [...] X-Powered-By: PHP/4.2.0 Set-Cookie: three=three Set-Money: eep Set-Fish: glug Location: http://www.panic.com/ Content-Length: 0 [...] Thanks for looking into this! -- Edit bug report at http://bugs.php.net/?id=16803edit=1 -- Fixed in CVS:http://bugs.php.net/fix.php?id=16803r=fixedcvs Fixed in release:http://bugs.php.net/fix.php?id=16803r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=16803r=needtrace Try newer version: http://bugs.php.net/fix.php?id=16803r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=16803r=support Expected behavior: http://bugs.php.net/fix.php?id=16803r=notwrong Not enough info: http://bugs.php.net/fix.php?id=16803r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=16803r=submittedtwice
Bug #16626 Updated: Only last cookie set
ID: 16626 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Open Bug Type: Apache2 related Operating System: RedHat 7.2 (kernel 2.4.18) i386 PHP Version: 4.2.0 New Comment: I filed bug #16803 to expand on the header() problem. Previous Comments: [2002-04-24 13:54:39] [EMAIL PROTECTED] Now I know what don't use this on a production server means. :) Strangely, this bug also seems to affect header(). As a result of this bug, we replaced setcookie() with our own routine to write out cookies via header(). However, still, only one cookie (the last one) is being printed in the HTTP response headers (when I sniff the packets being sent). It's very strange... Here's the code we used to replace setcookie(). function send_htCookie() { $vars=array('varname','varval','expire','path','domain','secure'); for ($i=0;$ifunc_num_args();$i++) { ${$vars[$i]}=func_get_arg($i); } if (!$varname) { return false; } $COOKIE = Set-Cookie: $varname=$varval; if (isset($expire)) { $COOKIE .= ; EXPIRES=$expire;} if (isset($domain)) { $COOKIE .= ; DOMAIN=$domain; } if (isset($path)) { $COOKIE .= ; PATH=$path; } if (isset($secure) $secure0) { $COOKIE .= ; SECURE; } header($COOKIE); return true; } Can anyone confirm that this, too, doesn't work for them? I'll do more testing in the meantime... [2002-04-23 09:56:19] [EMAIL PROTECTED] I get the same problem on FreeBSD 4.5 with Apache 2. [2002-04-23 04:22:00] [EMAIL PROTECTED] Bug reproduced with 4.2.0 [2002-04-16 16:37:10] [EMAIL PROTECTED] Same problem as BUG# 16631. (Problem also with RC2 and RC3 of 4.2.0) [2002-04-15 17:19:12] [EMAIL PROTECTED] With Apache 2.0.35 and PHP 4.2.0RC4, only the last cookie seems to get set. Here is the PHP source I used for testing: ?php setcookie ('first_name', 'Svein', 0, '/'); setcookie ('last_name', 'Olav', 0, '/'); echo htmlhead/headbody . h1Cookie test page/h1\n; while (list ($var,$val) = each ($HTTP_COOKIE_VARS)) { echo Set-Cookie: $var=$val br\n; } echo /body/html; ? This script can be tested via the following URL: https://bjerkeset.dns2go.com/php/cookie.php PHP was configured like this: ./configure \ --prefix=/opt/php \ --with-mysql=/opt/mysql \ --with-config-file-path=/etc/opt/apache2 \ --enable-track-vars \ --enable-force-cgi-redirect \ --with-gettext \ --with-apxs2=/opt/apache2/bin/apxs Svein Olav Bjerkeset -- Edit this bug report at http://bugs.php.net/?id=16626edit=1