Re: [PHP] PHP 5.2.0 Session Handling Bug? Can someone test this please?

[Jürgen Wind]

Colin Guthrie-6 wrote:
> 
> Hi,
> 
> I've noticed a bug with PHP 5.2.0 when dealing with sessions and posting
> quite large forms.
> 
> I've attached a file that highlights the bug.
> 
> Can people test this please and if it is confirmed i'll post upsteam.
> Just want to rule out my distro's packaging being at fault
> 
> I am using the suochsim, soouishm, soushim ach the security patch
> thing, so that may be what is at fault here.
> 
> Anyway, I don't think the data itself is to blame but I didn't fiddle
> too much with it as I didn't see the point.
> 
> I've tested this on PHP 5.1.6 and it is not affected.
> 
> Thanks.
> 
> Col.
> 
> 
>  
> 
as you mentioned using hardened php:
maybe you have to adjust  hphp.post.max_value_length = 
and/or some other settings

-- 
View this message in context: 
http://www.nabble.com/PHP-5.2.0-Session-Handling-Bug--Can-someone-test-this-please--tf2644202.html#a7382877
Sent from the PHP - General mailing list archive at Nabble.com.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] PHP 5.2.0 Session Handling Bug? Can someone test this please?

[Frank J. Schima]

The ID never changed for me.

PHP 5.2.0
Apache 1.3.33
Mac OS X 10.4.8


On Nov 16, 2006, at 9:28 AM, Colin Guthrie wrote:

I've noticed a bug with PHP 5.2.0 when dealing with sessions and  
posting

quite large forms.

I've attached a file that highlights the bug.

Can people test this please and if it is confirmed i'll post upsteam.
Just want to rule out my distro's packaging being at fault

I am using the suochsim, soouishm, soushim ach the security patch
thing, so that may be what is at fault here.

Anyway, I don't think the data itself is to blame but I didn't fiddle
too much with it as I didn't see the point.

I've tested this on PHP 5.1.6 and it is not affected.

Thanks.

Col.




Frank Schima
Foraker Design

303-449-0202