#37095 [Opn->Csd]: cookie returns random value
ID: 37095 User updated by: giaym at hotmail dot com Reported By: giaym at hotmail dot com -Status: Open +Status: Closed Bug Type: Session related Operating System: Windows 2000 PHP Version: 5.1.2 New Comment: Closing. Previous Comments: [2006-04-16 22:28:57] giaym at hotmail dot com Both IE6 and Firefox? Although what you say makes sense phpinfo shows php doing the right thing. This would be a php bug only if phpinfo() was returning the wrong data, which is unlikely. [2006-04-16 07:59:25] [EMAIL PROTECTED] So, your browser sends wrong data to PHP script, am I correct? Why do you report it to PHP bug system then? [2006-04-16 02:18:33] giaym at hotmail dot com Oh, same behavior for IE6. The server is located on the same machine as the browser. [2006-04-16 02:14:59] giaym at hotmail dot com Description: Randomly, the cookies send back random values to the server, values different than those set the previous page load. I use session auto start on php.ini. PHP runs on Apache 2. Reproduce code: --- a, b, locka and lockb are cookies set with setcookie(, , 0, "/"); if($somevar == "lock") { echo "lock"; Set cookies locka and lockb with the values of cookies a and b respectively. } else if($somevar == "random") { echo "random"; Delete locka and lockb, and give a random value to a. } else { echo "none"; if(locka not set) Set random value to a. } if (b not set) Set random value to b. Enter pages in that order: www.domain.com/page/ www.domain.com/page/lock/ www.domain.com/page/random/ www.domain.com/page/lock/ (The if logic works, this is not a case of $somevar holding an incorrect value.) Expected result: www.domain.com/page/ received cookies: none output: none sent cookies: a with value x; b with value y www.domain.com/page/lock/ received cookies: a with value x output: lock sent cookies: lock a = x; lock b = y www.domain.com/page/random/ received cookies: a with value x; b with value y; locka with value x; lockb with value y output: random sent cookies: delete lock a; delete lock b; a = z www.domain.com/page/lock/ received cookies: a with value z; b with value y output: lock sent cookies: lock a = z; lock b = y Actual result: -- Everything as expected except the last page load: The cookie received isn't a = z, it is a = q, I mean, another value. The server then sends "lock a = q" following the logic. PHPSESSID is received and reset on every page load. 1. HTTP Request Headers HTTP RequestGET /page/ HTTP/1.1 User-Agent Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 HTTP Response Headers Set-Cookie PHPSESSID=3fo392aek7m274550d9oppqdo6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie a=3; path=/ Set-Cookie b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 2. (The request is as expected) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the values of a and b) HTTP Response Headers Set-Cookie locka=3; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 3.(The request is as expected) HTTP Request Headers HTTP RequestGET /page/random/ HTTP/1.1 Cookie a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; locka=3; lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We delete the locked values and set a random value for a, this case 2) HTTP Response Headers Set-Cookie locka=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie lockb=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie a=2; path=/ 4. (The request is not as expected, that value for 'a' had not even been used in the whole run -we are getting 1) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=1; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the received values, this case 1) HTTP Response Headers Set-Cookie locka=1; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ -- Edit this bug report at http://bugs.php.net/?id=37095&edit=1
#37095 [Fbk->Opn]: cookie returns random value
ID: 37095 User updated by: giaym at hotmail dot com Reported By: giaym at hotmail dot com -Status: Feedback +Status: Open Bug Type: Session related Operating System: Windows 2000 PHP Version: 5.1.2 New Comment: Both IE6 and Firefox? Although what you say makes sense phpinfo shows php doing the right thing. This would be a php bug only if phpinfo() was returning the wrong data, which is unlikely. Previous Comments: [2006-04-16 07:59:25] [EMAIL PROTECTED] So, your browser sends wrong data to PHP script, am I correct? Why do you report it to PHP bug system then? [2006-04-16 02:18:33] giaym at hotmail dot com Oh, same behavior for IE6. The server is located on the same machine as the browser. [2006-04-16 02:14:59] giaym at hotmail dot com Description: Randomly, the cookies send back random values to the server, values different than those set the previous page load. I use session auto start on php.ini. PHP runs on Apache 2. Reproduce code: --- a, b, locka and lockb are cookies set with setcookie(, , 0, "/"); if($somevar == "lock") { echo "lock"; Set cookies locka and lockb with the values of cookies a and b respectively. } else if($somevar == "random") { echo "random"; Delete locka and lockb, and give a random value to a. } else { echo "none"; if(locka not set) Set random value to a. } if (b not set) Set random value to b. Enter pages in that order: www.domain.com/page/ www.domain.com/page/lock/ www.domain.com/page/random/ www.domain.com/page/lock/ (The if logic works, this is not a case of $somevar holding an incorrect value.) Expected result: www.domain.com/page/ received cookies: none output: none sent cookies: a with value x; b with value y www.domain.com/page/lock/ received cookies: a with value x output: lock sent cookies: lock a = x; lock b = y www.domain.com/page/random/ received cookies: a with value x; b with value y; locka with value x; lockb with value y output: random sent cookies: delete lock a; delete lock b; a = z www.domain.com/page/lock/ received cookies: a with value z; b with value y output: lock sent cookies: lock a = z; lock b = y Actual result: -- Everything as expected except the last page load: The cookie received isn't a = z, it is a = q, I mean, another value. The server then sends "lock a = q" following the logic. PHPSESSID is received and reset on every page load. 1. HTTP Request Headers HTTP RequestGET /page/ HTTP/1.1 User-Agent Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 HTTP Response Headers Set-Cookie PHPSESSID=3fo392aek7m274550d9oppqdo6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie a=3; path=/ Set-Cookie b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 2. (The request is as expected) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the values of a and b) HTTP Response Headers Set-Cookie locka=3; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 3.(The request is as expected) HTTP Request Headers HTTP RequestGET /page/random/ HTTP/1.1 Cookie a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; locka=3; lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We delete the locked values and set a random value for a, this case 2) HTTP Response Headers Set-Cookie locka=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie lockb=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie a=2; path=/ 4. (The request is not as expected, that value for 'a' had not even been used in the whole run -we are getting 1) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=1; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the received values, this case 1) HTTP Response Headers Set-Cookie locka=1; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ -- Edit this bug report at http://bugs.php.net/?id=37095&edit=1
#37095 [Opn]: cookie returns random value
ID: 37095 User updated by: giaym at hotmail dot com Reported By: giaym at hotmail dot com Status: Open Bug Type: Session related Operating System: Windows 2000 PHP Version: 5.1.2 New Comment: Oh, same behavior for IE6. The server is located on the same machine as the browser. Previous Comments: [2006-04-16 02:14:59] giaym at hotmail dot com Description: Randomly, the cookies send back random values to the server, values different than those set the previous page load. I use session auto start on php.ini. PHP runs on Apache 2. Reproduce code: --- a, b, locka and lockb are cookies set with setcookie(, , 0, "/"); if($somevar == "lock") { echo "lock"; Set cookies locka and lockb with the values of cookies a and b respectively. } else if($somevar == "random") { echo "random"; Delete locka and lockb, and give a random value to a. } else { echo "none"; if(locka not set) Set random value to a. } if (b not set) Set random value to b. Enter pages in that order: www.domain.com/page/ www.domain.com/page/lock/ www.domain.com/page/random/ www.domain.com/page/lock/ (The if logic works, this is not a case of $somevar holding an incorrect value.) Expected result: www.domain.com/page/ received cookies: none output: none sent cookies: a with value x; b with value y www.domain.com/page/lock/ received cookies: a with value x output: lock sent cookies: lock a = x; lock b = y www.domain.com/page/random/ received cookies: a with value x; b with value y; locka with value x; lockb with value y output: random sent cookies: delete lock a; delete lock b; a = z www.domain.com/page/lock/ received cookies: a with value z; b with value y output: lock sent cookies: lock a = z; lock b = y Actual result: -- Everything as expected except the last page load: The cookie received isn't a = z, it is a = q, I mean, another value. The server then sends "lock a = q" following the logic. PHPSESSID is received and reset on every page load. 1. HTTP Request Headers HTTP RequestGET /page/ HTTP/1.1 User-Agent Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 HTTP Response Headers Set-Cookie PHPSESSID=3fo392aek7m274550d9oppqdo6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie a=3; path=/ Set-Cookie b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 2. (The request is as expected) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the values of a and b) HTTP Response Headers Set-Cookie locka=3; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 3.(The request is as expected) HTTP Request Headers HTTP RequestGET /page/random/ HTTP/1.1 Cookie a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; locka=3; lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We delete the locked values and set a random value for a, this case 2) HTTP Response Headers Set-Cookie locka=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie lockb=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie a=2; path=/ 4. (The request is not as expected, that value for 'a' had not even been used in the whole run -we are getting 1) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=1; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the received values, this case 1) HTTP Response Headers Set-Cookie locka=1; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ -- Edit this bug report at http://bugs.php.net/?id=37095&edit=1
#37095 [NEW]: cookie returns random value
From: giaym at hotmail dot com Operating system: Windows 2000 PHP version: 5.1.2 PHP Bug Type: Session related Bug description: cookie returns random value Description: Randomly, the cookies send back random values to the server, values different than those set the previous page load. I use session auto start on php.ini. PHP runs on Apache 2. Reproduce code: --- a, b, locka and lockb are cookies set with setcookie(, , 0, "/"); if($somevar == "lock") { echo "lock"; Set cookies locka and lockb with the values of cookies a and b respectively. } else if($somevar == "random") { echo "random"; Delete locka and lockb, and give a random value to a. } else { echo "none"; if(locka not set) Set random value to a. } if (b not set) Set random value to b. Enter pages in that order: www.domain.com/page/ www.domain.com/page/lock/ www.domain.com/page/random/ www.domain.com/page/lock/ (The if logic works, this is not a case of $somevar holding an incorrect value.) Expected result: www.domain.com/page/ received cookies: none output: none sent cookies: a with value x; b with value y www.domain.com/page/lock/ received cookies: a with value x output: lock sent cookies: lock a = x; lock b = y www.domain.com/page/random/ received cookies: a with value x; b with value y; locka with value x; lockb with value y output: random sent cookies: delete lock a; delete lock b; a = z www.domain.com/page/lock/ received cookies: a with value z; b with value y output: lock sent cookies: lock a = z; lock b = y Actual result: -- Everything as expected except the last page load: The cookie received isn't a = z, it is a = q, I mean, another value. The server then sends "lock a = q" following the logic. PHPSESSID is received and reset on every page load. 1. HTTP Request Headers HTTP RequestGET /page/ HTTP/1.1 User-Agent Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 HTTP Response Headers Set-Cookie PHPSESSID=3fo392aek7m274550d9oppqdo6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie a=3; path=/ Set-Cookie b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 2. (The request is as expected) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the values of a and b) HTTP Response Headers Set-Cookie locka=3; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 3.(The request is as expected) HTTP Request Headers HTTP RequestGET /page/random/ HTTP/1.1 Cookie a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; locka=3; lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We delete the locked values and set a random value for a, this case 2) HTTP Response Headers Set-Cookie locka=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie lockb=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie a=2; path=/ 4. (The request is not as expected, that value for 'a' had not even been used in the whole run -we are getting 1) HTTP Request Headers HTTP RequestGET /page/lock/ HTTP/1.1 a=1; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the received values, this case 1) HTTP Response Headers Set-Cookie locka=1; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ -- Edit bug report at http://bugs.php.net/?id=37095&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=37095&r=trysnapshot44 Try a CVS snapshot (PHP 5.1): http://bugs.php.net/fix.php?id=37095&r=trysnapshot51 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=37095&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=37095&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=37095&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=37095&r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=37095&r=needscript Try newer version:http://bugs.php.net/fix.php?id=37095&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=37095&r=support Expected behavior:http://bugs.php.net/fix.php?id=37095&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=37095&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=37095&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=37095&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=37095&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=37095&r=dst IIS Stability:http:/