From: [EMAIL PROTECTED] Operating system: RH7.2 PHP version: 4.2.3 PHP Bug Type: Session related Bug description: use_trans_sid produces unvalid html
When a PHP option session.use_trans_sid is set on, and user has cookies disabled, every URL in page is altered by PHP to include the SID in them. However possible "amp"-signs in urls are not produced as valid html (according to w3c). Heres an example: A page has a link similiar to: -- HREF="/some.php?a=b&c=d" after adding SID it becomes: -- HREF="/some.php?a=b&c=d&SID=WHATEVER" Should be: -- HREF="/some.php?a=b&c=d&SID=WHATEVER" am I right? Or didn't I just notice something? And btw, bug search system doesn like & as a search word, says that I'm a bad cracker :| -- Edit bug report at http://bugs.php.net/?id=20798&edit=1 -- Try a CVS snapshot: http://bugs.php.net/fix.php?id=20798&r=trysnapshot Fixed in CVS: http://bugs.php.net/fix.php?id=20798&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=20798&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=20798&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=20798&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=20798&r=support Expected behavior: http://bugs.php.net/fix.php?id=20798&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=20798&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=20798&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=20798&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=20798&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=20798&r=dst IIS Stability: http://bugs.php.net/fix.php?id=20798&r=isapi